0
我有以下數據在我的ES數據庫Elasticsearch:通配符查詢返回錯誤
{
"took": 3,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 618,
"max_score": 1,
"hits": [
{
"_index": "secse",
"_type": "monologue",
"_id": "4",
"_score": 1,
"_source": {
"username": "balpha",
"timestamp": "2011-03-04T00:00:00",
"identifier": "4",
"messages": [
{
"message": "\n \n \n\r\n @Iszi new feature: \r\n \n\n\n",
"identifier": "604694"
},
{
"message": "\n \n\n3A: Chat clean up & owner rulesSure. In most cases, the room owner is more or less arbitrary, because it's just the person who was first to create the (e.g.) PHP room. But of course it makes sense to have several owners, especially for rooms that are quite active and have developed their own \"style\", and have those owners be p...\n\n\n\n",
"identifier": "604695"
}
]
}
},
{
"_index": "secse",
"_type": "monologue",
"_id": "4331",
"_score": 1,
"_source": {
"username": "Jenko",
"timestamp": "2011-01-06T00:00:00",
"identifier": "4331",
"messages": [
{
"message": "\n \n\n0Q: Prevent acccess to the C driveIs it possible to prevent regular users from accessing or modifying the C drive? they should be allowed to execute certain programs. This is to ensure that employees cannot steal or copy out proprietary software even though they should be able to execute it.\n\nThis is for Windows XP/7.\nsecurity protection access-control\n\n\n\n",
"identifier": "290604"
}
]
}
},
{
"_index": "secse",
"_type": "monologue",
"_id": "4728",
"_score": 1,
"_source": {
"username": "JHarley1",
"timestamp": "2011-01-12T00:00:00",
"identifier": "4728",
"messages": [
{
"message": "\n \n\r\n I am just reading up on Kerberos in regards to application security, does anyone know anything about it? \r\n \n\n\n",
"identifier": "308589"
}
]
}
},
{
"_index": "secse",
"_type": "monologue",
"_id": "6356",
"_score": 1,
"_source": {
"username": "itsnotvalid",
"timestamp": "2011-01-29T00:00:00",
"identifier": "6356",
"messages": [
{
"message": "\n \n\r\n well, i can talk without being a member in security.sx \r\n \n\n\n",
"identifier": "428619"
}
]
}
},
{
"_index": "secse",
"_type": "monologue",
"_id": "4658",
"_score": 1,
"_source": {
"username": "Essobi",
"timestamp": "2011-01-20T00:00:00",
"identifier": "4658",
"messages": [
{
"message": "\n \n\r\n doing fine \r\n \n\n\n",
"identifier": "389309"
}
]
}
},
{
"_index": "secse",
"_type": "monologue",
"_id": "6705",
"_score": 1,
"_source": {
"username": "Richard Gadsden",
"timestamp": "2011-05-14T00:00:00",
"identifier": "6705",
"messages": [
{
"message": "\n \n\r\n Afternoon, @ScottPack (3:25pm here) \r\n \n\n\n",
"identifier": "978411"
}
]
}
},
{
"_index": "secse",
"_type": "monologue",
"_id": "12635",
"_score": 1,
"_source": {
"username": "WZeberaFFS",
"timestamp": "2011-05-06T00:00:00",
"identifier": "12635",
"messages": [
{
"message": "\n \n\r\n @Iszi agreed +1 :) \r\n \n\n\n",
"identifier": "933929"
}
]
}
},
{
"_index": "secse",
"_type": "monologue",
"_id": "13335",
"_score": 1,
"_source": {
"username": "Justin",
"timestamp": "2011-04-29T00:00:00",
"identifier": "13335",
"messages": [
{
"message": "\n \n\r\n @ThomasPornin Shouldn't the encyclopedia only include questions as such? So if said question is a terrible one why not correct the question to meet the answer? \r\n \n\n\n",
"identifier": "903332"
},
{
"message": "\n \n\r\n Nevermind, I just thought about it. \r\n \n\n\n",
"identifier": "903334"
}
]
}
},
{
"_index": "secse",
"_type": "monologue",
"_id": "1084",
"_score": 1,
"_source": {
"username": "Ben Pilbrow",
"timestamp": "2011-03-30T00:00:00",
"identifier": "1084",
"messages": [
{
"message": "\n \n\r\n We'll get a complaining post on Meta if we're not careful. Something to strive for I guess :-) \r\n \n\n\n",
"identifier": "752945"
}
]
}
},
{
"_index": "secse",
"_type": "monologue",
"_id": "10608",
"_score": 1,
"_source": {
"username": "Fred1234",
"timestamp": "2011-04-08T00:00:00",
"identifier": "10608",
"messages": [
{
"message": "\n \n\r\n Hi guys... \r\n \n\n\n",
"identifier": "795968"
}
]
}
}
]
}
}
我想用下面的查詢與2011的時間戳返回所有條目:
GET _search
{"query" : {
"wildcard" : { "timestamp" : "2011*" }
}
}
但我m到處以下錯誤:
{
"error": "SearchPhaseExecutionException[Failed to execute phase [query], all shards failed; shardFailures {[vqcfh1FdQyGetag21_zKTQ][secse][0]: SearchParseException[[secse][0]: from[-1],size[-1]: Parse Failure [Failed to parse source [{\"query\" : {\n \"wildcard\" : { \"timestamp\" : \"2011*\" }\n }\n }\n]]]; nested: IllegalArgumentException[Invalid format: \"2011*\" is malformed at \"*\"]; }{[vqcfh1FdQyGetag21_zKTQ][secse][1]: SearchParseException[[secse][1]: from[-1],size[-1]: Parse Failure [Failed to parse source [{\"query\" : {\n \"wildcard\" : { \"timestamp\" : \"2011*\" }\n }\n }\n]]]; nested: IllegalArgumentException[Invalid format: \"2011*\" is malformed at \"*\"]; }{[vqcfh1FdQyGetag21_zKTQ][secse][2]: SearchParseException[[secse][2]: from[-1],size[-1]: Parse Failure [Failed to parse source [{\"query\" : {\n \"wildcard\" : { \"timestamp\" : \"2011*\" }\n }\n }\n]]]; nested: IllegalArgumentException[Invalid format: \"2011*\" is malformed at \"*\"]; }{[vqcfh1FdQyGetag21_zKTQ][secse][3]: SearchParseException[[secse][3]: from[-1],size[-1]: Parse Failure [Failed to parse source [{\"query\" : {\n \"wildcard\" : { \"timestamp\" : \"2011*\" }\n }\n }\n]]]; nested: IllegalArgumentException[Invalid format: \"2011*\" is malformed at \"*\"]; }{[vqcfh1FdQyGetag21_zKTQ][secse][4]: SearchParseException[[secse][4]: from[-1],size[-1]: Parse Failure [Failed to parse source [{\"query\" : {\n \"wildcard\" : { \"timestamp\" : \"2011*\" }\n }\n }\n]]]; nested: IllegalArgumentException[Invalid format: \"2011*\" is malformed at \"*\"]; }]",
"status": 400
}