paw*_*que 40 debugging analysis elasticsearch
我想看看针对elasticsearch实例执行的所有查询.是否可以在调试模式下运行elasticsearch,或者告诉它存储针对它执行的所有查询?
目的是查看使用elasticsearch进行分析从软件启动的查询.
Nat*_*han 28
在5之前的ElasticSearch版本中,您可以通过更改ElasticSearch.yml配置文件来完成此操作.在此文件的最底部,您可以调整记录时间以记录所有:
index.search.slowlog.threshold.query.warn: 10s
index.search.slowlog.threshold.query.info: 5s
index.search.slowlog.threshold.query.debug: 2s
index.search.slowlog.threshold.query.trace: 500ms
index.search.slowlog.threshold.fetch.warn: 1s
index.search.slowlog.threshold.fetch.info: 800ms
index.search.slowlog.threshold.fetch.debug: 500ms
index.search.slowlog.threshold.fetch.trace: 200ms
index.indexing.slowlog.threshold.index.warn: 10s
index.indexing.slowlog.threshold.index.info: 5s
index.indexing.slowlog.threshold.index.debug: 2s
index.indexing.slowlog.threshold.index.trace: 500ms
调整设置并重新启动节点,然后查阅日志以查看针对您的节点执行的查询.请注意,如果生产日志文件的大小会迅速增加.
Iva*_*anD 12
在5.x版中,您必须为每个索引设置慢速日志记录.
命令行:
curl -XPUT 'http://localhost:9200/myindexname/_settings' -d '{
"index.indexing.slowlog.threshold.index.debug" : "0s",
"index.search.slowlog.threshold.fetch.debug" : "0s",
"index.search.slowlog.threshold.query.debug" : "0s"
}'
或者,如果您使用的是Kibana,请转到开发工具栏并输入:
PUT /myindexname/_settings
{"index.indexing.slowlog.threshold.index.debug": "0s",
"index.search.slowlog.threshold.fetch.debug" : "0s",
"index.search.slowlog.threshold.query.debug": "0s"}
#1:适用于所有指数
您可以使用以下命令将设置应用于所有索引:
PUT /_all/_settings
{"index.indexing.slowlog.threshold.index.debug": "0s",
"index.search.slowlog.threshold.fetch.debug" : "0s",
"index.search.slowlog.threshold.query.debug": "0s"}
#2:保留现有设置
如果您不想覆盖现有设置,只需添加新设置,请在_settings后添加'''preserve_existing = true''',如下所示:
PUT /_all/_settings?preserve_existing=true
{"index.indexing.slowlog.threshold.index.debug": "0s",
"index.search.slowlog.threshold.fetch.debug" : "0s",
"index.search.slowlog.threshold.query.debug": "0s"}
如果设置不存在,上述请求将仅添加设置.如果它们已经存在,它将不会改变它们.
#3:所有可用的日志设置
所有可用的慢速日志设置都在这里和下面供您参考:
PUT /test_index/_settings
{
"index.search.slowlog.threshold.query.warn": "60s",
"index.search.slowlog.threshold.query.info": "5s",
"index.search.slowlog.threshold.query.debug": "1s",
"index.search.slowlog.threshold.query.trace": "0.1s",
"index.search.slowlog.threshold.fetch.warn": "30s",
"index.search.slowlog.threshold.fetch.info": "5s",
"index.search.slowlog.threshold.fetch.debug": "1s",
"index.search.slowlog.threshold.fetch.trace": "0.1s",
"index.indexing.slowlog.threshold.index.warn": "6s",
"index.indexing.slowlog.threshold.index.info": "5s",
"index.indexing.slowlog.threshold.index.debug": "1s",
"index.indexing.slowlog.threshold.index.trace": "0.1s",
"index.indexing.slowlog.level": "info",
"index.indexing.slowlog.source": "1000"
}
Tou*_*mal 10
从第5版开始,ElasticSearch会为此功能收取费用.它被称为"审计日志",现在是X-Pack的一部分.有一个免费的基本许可证,但此许可证仅为您提供简单的监视功能.身份验证,查询日志记录和所有这些相当基本的东西现在花钱.