0

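Searching a specific field in Elasticsearch through Spring Data Elasticsearch

I am using Spring Data Elasticsearch to parse data in Elasticsearch. I already have an indexed element there (elastalert) which contains the alert_sent property. So what I want to do is return all the alerts that were sent to the admin. I tried defining a method in the repository, List<Alert> findByAlert_sentTrue(), but it seems the underscore is a problem (as described in the documentation http://docs.spring.io/spring-data/elasticsearch/docs/current/reference/html/#repositories.query-methods.query-property-expressions).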

Here is the mapping of the indexed element:

{
  "elastalert_status" : {
    "mappings" : {
      "elastalert" : {
        "properties" : {
          "@timestamp" : {
            "type" : "date",
            "format" : "dateOptionalTime"
          },
          "aggregate_id" : {
            "type" : "string",
            "index" : "not_analyzed"
          },
          "alert_exception" : {
            "type" : "string"
          },
          "alert_info" : {
            "properties" : {
              "recipients" : {
                "type" : "string"
              },
              "type" : {
                "type" : "string"
              }
            }
          },
          "alert_sent" : {
            "type" : "boolean"
          },
          "alert_time" : {
            "type" : "date",
            "format" : "dateOptionalTime"
          },
          "match_body" : {
            "type" : "object",
            "enabled" : false
          },
          "rule_name" : {
            "type" : "string",
            "index" : "not_analyzed"
          }
        }
      }
    }
  }
}

I created an entity that uses this indexed element:

import org.springframework.data.annotation.Id;
import org.springframework.data.elasticsearch.annotations.Document;

@Document(indexName = "elastalert_status", type = "elastalert")
public class Rule {
    @Id
    private String id;
    private String name;
    private String es_host;
    private String es_port;
    private String index;
    private String type;
    private String query;
    private String TimeStamp;
    private String email;
    private int runEvery;
    private String alertsent;
    private String alertTime;
    private String matchBody;

    // ... getters and setters ...
}

With curl this would be:

curl -XPOST 'localhost:9200/elastalert_status/elastalert/_search?pretty' -d ' 
{ 
    "query": { "match": { "alert_sent": true } } 
}' 

So how can I get all those sent alerts using Spring Data Elasticsearch? Thanks.

Answer

0

I found a solution. I started by creating a repository that extends ElasticsearchRepository and adding my personalized query:

public interface RuleRepository extends ElasticsearchRepository<Rule,String> { 

    @Query("{\"bool\": {\"must\": {\"match\": {\"alert_sent\": true}}}}") 
    List<Rule> findSentAlert(); 
} 

And to display these alerts, just add this code:

List<Rule> rules = repository.findSentAlert();
System.out.println("Rule list: " + rules);

I hope it helps someone :)