国产一级a片免费看高清,亚洲熟女中文字幕在线视频,黄三级高清在线播放,免费黄色视频在线看

打開APP
userphoto
未登錄

開通VIP,暢享免費(fèi)電子書等14項(xiàng)超值服

開通VIP

首頁(yè)

好書

留言交流

下載APP

聯(lián)系客服
Kibana User Guide [4.2] » Discover

Discover

發(fā)現(xiàn)

You can interactively explore your data from the Discover page. You have access to every document in every index that matches the selected index pattern. You can submit search queries, filter the search results, and view document data. You can also see the number of documents that match the search query and get field value statistics. If a time field is configured for the selected index pattern, the distribution of documents over time is displayed in a histogram at the top of the page.

在Discover頁(yè)面,你可以交互地瀏覽你的數(shù)據(jù)。你可以訪問符合索引模式的每個(gè)索引結(jié)果中的文件。你可以提交索引請(qǐng)求,過濾搜索結(jié)果,查看結(jié)果中的數(shù)據(jù)。你也可以查看符合索引結(jié)果文件的數(shù)量,得到字段結(jié)果的統(tǒng)計(jì)。如果一個(gè)時(shí)間字段符合選擇的索引模式,那么,分布式文件將以柱狀圖的形式展現(xiàn)在頁(yè)面頂部。


Setting the Time Filter

設(shè)置時(shí)間過濾

The Time Filter restricts the search results to a specific time period. You can set a time filter if your index contains time-based events and a time-field is configured for the selected index pattern.

時(shí)間過濾器把搜索結(jié)果限制到一個(gè)特殊的時(shí)期。你可以設(shè)置一個(gè)時(shí)間過濾器,如果你的索引包括基于時(shí)間的時(shí)間,一個(gè)時(shí)間字段將被選擇的索引模式配置。

By default the time filter is set to the last 15 minutes. You can use the Time Picker to change the time filter or select a specific time interval or time range in the histogram at the top of the page.

一般情況下,時(shí)間過濾器被設(shè)置成15分鐘。你可以使用Time Picker改變時(shí)間過濾器,或者選擇一個(gè)明確的時(shí)間間隔,或者時(shí)間在頁(yè)面頂部的柱狀圖上波動(dòng)。

To set a time filter with the Time Picker:

使用Time Picker設(shè)置時(shí)間過濾器:

  1. Click the Time Filter displayed in the upper right corner of the menu bar to open the Time Picker.
  2. To set a quick filter, simply click one of the shortcut links.
  3. To specify a relative Time Filter, click Relative and enter the relative start time. You can specify the relative start time as any number of seconds, minutes, hours, days, months, or years ago.
  4. To specify an absolute Time Filter, click Absolute and enter the start date in the From field and the end date in the To field.
  5. Click the caret at the bottom of the Time Picker to hide it.

  1. 點(diǎn)擊菜單欄的右上教來打開Time Picker。

  2. 想要設(shè)置一個(gè)快速過濾,只要點(diǎn)擊一個(gè)快捷鏈接。

  3. 想要設(shè)置一個(gè)相關(guān)的Time Picker,點(diǎn)Relative然后輸入相關(guān)的開始時(shí)間。你可以把開始時(shí)間設(shè)置成任意的年、月、日、小時(shí)、分和秒。

  4.  想要設(shè)置一個(gè)完全的Time Picker,點(diǎn)Absolute然后在From字段輸入起始時(shí)間,在To字段輸入結(jié)束時(shí)間。

  5.  點(diǎn)Time Picker 的底部來隱藏它。

To set a Time Filter from the histogram, do one of the following:

從柱狀圖設(shè)置時(shí)間過濾器,可以做下面的事情實(shí)現(xiàn):

  • Click the bar that represents the time interval you want to zoom in on.
  • 點(diǎn)代表時(shí)間間隔的條。
  • Click and drag to view a specific timespan. You must start the selection with the cursor over the background of the chart—the cursor changes to a plus sign when you hover over a valid start point.
  • 點(diǎn)擊和拖拽達(dá)到一個(gè)特點(diǎn)的時(shí)間維度。你必須用光標(biāo)在圖表的背景處進(jìn)行選擇,當(dāng)光標(biāo)在一個(gè)有效的開始點(diǎn)時(shí),光標(biāo)變成一個(gè)增加標(biāo)志。

You can use the browser Back button to undo your changes.

你可以使用瀏覽器的后退按鈕來撤銷你的操作。

The histogram lists the time range you’re currently exploring, as well as the intervals that range is currently using. To change the intervals, click the link and select an interval from the drop-down. The default behavior automatically sets an interval based on the time range.

柱狀圖列出來你當(dāng)前正在瀏覽數(shù)據(jù)的時(shí)間維度,也包括你正在使用的時(shí)間間隔。為了改變時(shí)間間隔,可以點(diǎn)擊鏈接,從下拉菜單中選擇。默認(rèn)的行為會(huì)隨著時(shí)間波動(dòng),被設(shè)置為一個(gè)時(shí)間間隔。

Searching Your Data

搜索你的數(shù)據(jù)

You can search the indices that match the current index pattern by submitting a search from the Discover page. You can enter simple query strings, use the Lucene query syntax, or use the full JSON-basedElasticsearch Query DSL.

你可以搜索符合現(xiàn)在索引結(jié)果的數(shù)據(jù),通過在Discover頁(yè)面提交一個(gè)搜索。你可以輸入一些簡(jiǎn)單的請(qǐng)求字段,使用 Lucene搜索語(yǔ)法,或者使用完全基于JSON的Elasticsearch Query DSL

When you submit a search, the histogram, Documents table, and Fields list are updated to reflect the search results. The total number of hits (matching documents) is shown in the upper right corner of the histogram. The Documents table shows the first five hundred hits. By default, the hits are listed in reverse chronological order, with the newest documents shown first. You can reverse the sort order by by clicking on the Time column header. You can also sort the table using the values in any indexed field. For more information, see Sorting the Documents Table.

當(dāng)你提交一個(gè)搜索,柱狀圖、文件列表、字段列表也會(huì)隨著搜索結(jié)果而更新。所有的hits數(shù)(即符合的文件總數(shù))在柱狀圖的右上方顯示出來。文件列表展現(xiàn)了前500個(gè)滿足的。一般情況下,hits會(huì)按時(shí)間反序排列,最新的文件排在最前面。你可以把索引順序反過來,通過點(diǎn)擊Time柱的頭。你也可以對(duì)列表進(jìn)行排序,通過使用所有索引的字段。關(guān)于更多信息,詳見: Sorting the Documents Table。

To search your data:

為了檢索你的數(shù)據(jù):

  1. Enter a query string in the Search field: 在搜索域輸入一個(gè)請(qǐng)求字段:

    • To perform a free text search, simply enter a text string. For example, if you’re searching web server logs, you could enter safari to search all fields for the term safari.
    • 進(jìn)行一個(gè)隨意字段的檢索,簡(jiǎn)單地輸入一個(gè)字段。例如,如果你想搜索web服務(wù)日志,你可以輸入safari 來搜索所有關(guān)于safari 的字段。
    • To search for a value in a specific field, you prefix the value with the name of the field. For example, you could enter status:200 to limit the results to entries that contain the value 200in the status field.
    • 為了檢索一個(gè)確定字段的值,你可以在數(shù)字前加上字段名的前綴,你可以輸入status:200來限制結(jié)果是status字段值是200的。
    • To search for a range of values, you can use the bracketed range syntax, [START_VALUE TO END_VALUE]. For example, to find entries that have 4xx status codes, you could enter status:[400 TO 499].
    • 為了檢索值的范圍,你可以使用括號(hào)范圍語(yǔ)法,例如status:[400 TO 499]。

    • To specify more complex search criteria, you can use the Boolean operators ANDOR, andNOT. For example, to find entries that have 4xx status codes and have an extension of php orhtml, you could enter status:[400 TO 499] AND (extension:php OR extension:html).

      These examples use the Lucene query syntax. You can also submit queries using the Elasticsearch Query DSL. For examples, see query string syntax in the Elasticsearch Reference.

    • 為了檢索更復(fù)雜的內(nèi)容,你可以使用ANDOR, 和NOT。例如:status:[400 TO 499] AND (extension:php OR extension:html).

  2. Press Enter or click the Search button to submit your search query. 按 Enter鍵或點(diǎn)Search按鈕來提交你的搜索請(qǐng)求。

Starting a New Search 開始一個(gè)新的檢索

To clear the current search and start a new search, click the New Search button in the Discover toolbar.

清理現(xiàn)有的搜索結(jié)果,新建一個(gè)新的索引,可以點(diǎn)擊工具欄中的New Search按鈕。


Saving a Search

保存一次搜索

You can reload saved searches on the Discover page and use them as the basis of visualizations. Saving a search saves both the search query string and the currently selected index pattern.

你可以在Discover界面重新導(dǎo)入已有的搜索結(jié)果,并使用它們做新的可視化操作。該操作保存了搜索請(qǐng)求字段和當(dāng)前選擇的索引模式。

To save the current search:

保存過程:

  1. Click the Save Search button 
     in the Discover toolbar.點(diǎn)擊此按鈕
  2. Enter a name for the search and click Save.輸入名字

Loading a Saved Search

加載一個(gè)保存的搜索

To load a saved search:

加載過程:

  1. Click the Load Search button 
     in the Discover toolbar.點(diǎn)擊此按鈕
  2. Select the search you want to load.輸入名字

If the saved search is associated with a different index pattern than is currently selected, loading the saved search also changes the selected index pattern.

在保存的搜索結(jié)果中,含有不同的索引模式,而不僅僅是當(dāng)前選擇的,重新加載保存的搜索結(jié)果也改變了選擇的索引模式。

Changing Which Indices You’re Searching

更改你正在檢索的索引項(xiàng)

When you submit a search request, the indices that match the currently-selected index pattern are searched. The current index pattern is shown below the search field. To change which indices you are searching, click the name of the current index pattern to display a list of the configured index patterns and select a different index pattern.

當(dāng)你提交一個(gè)搜索要求,符合當(dāng)前選擇索引模式的信息將被檢索。當(dāng)前索引模式將在搜索欄下展現(xiàn)。為了改變你正在檢索的索引項(xiàng),點(diǎn)擊當(dāng)前索引模式的名字,來展現(xiàn)一些列索引模式,然后選擇一個(gè)新的。

For more information about index patterns, see Creating an Index Pattern.

關(guān)于索引模式的更多信息,詳見:Creating an Index Pattern。

Automatically Refreshing the Page

自動(dòng)刷新頁(yè)面

You can configure a refresh interval to automatically refresh the page with the latest index data. This periodically resubmits the search query.

你可以確定一個(gè)刷新間隔來自動(dòng)刷新頁(yè)面,顯示最新的信息。這會(huì)周期性地重發(fā)搜索請(qǐng)求。

When a refresh interval is set, it is displayed to the left of the Time Filter in the menu bar.

當(dāng)一個(gè)刷新間隔被設(shè)置后,它在菜單欄中Time Filter的左側(cè)被展現(xiàn)。

To set the refresh interval:

怎樣設(shè)置刷新間隔

  1. Click the Time Filter 
     in the upper right corner of the menu bar. 點(diǎn)按鈕
  2. Click the Refresh Interval tab. 點(diǎn)刷新間隔標(biāo)簽
  3. Choose a refresh interval from the list. 從列表中選擇一個(gè)刷新時(shí)間

To automatically refresh the data, click the 

 Auto-refresh button and select an autorefresh interval:

為了周期性刷新數(shù)據(jù),點(diǎn)擊Auto-refresh按鈕選擇一個(gè)自動(dòng)刷新間隔:


When auto-refresh is enabled, Kibana’s top bar displays a pause button and the auto-refresh interval: 

. Click the Pause button to pause auto-refresh.

當(dāng)自動(dòng)刷新設(shè)置好后,Kibana的頂部條看起來像這樣 

,點(diǎn)擊Pause按鈕來終端自動(dòng)刷新。

Filtering by Field

通過字段過濾

You can filter the search results to display only those documents that contain a particular value in a field. You can also create negative filters that exclude documents that contain the specified field value.

你可以過濾搜索結(jié)果,讓其只顯示一些特殊字段。你也可以排除過濾器來排除掉包含特殊字段值得數(shù)據(jù)。

You can add filters from the Fields list or from the Documents table. When you add a filter, it is displayed in the filter bar below the search query. From the filter bar, you can enable or disable a filter, invert the filter (change it from a positive filter to a negative filter and vice-versa), toggle the filter on or off, or remove it entirely. Click the small left-facing arrow to the right of the index pattern selection drop-down to collapse the Fields list.

你可以從Fields添加過濾器,或者從Documents表添加過濾器。當(dāng)你添加時(shí),在搜索欄下回顯示出來過濾條。從過濾條,你可以是一個(gè)過濾器工作或不工作,更改它,打開或關(guān)閉它,或者完全刪除它。點(diǎn)擊向左的箭頭到索引模式塊的右邊,可以折疊Fields列表。

To add a filter from the Fields list:

Fields列表增加過濾器:

  1. Click the name of the field you want to filter on. This displays the top five values for that field. To the right of each value, there are two magnifying glass buttons—one for adding a regular (positive) filter, and one for adding a negative filter.
  2. To add a positive filter, click the Positive Filter button 
    . This filters out documents that don’t contain that value in the field.
  3. To add a negative filter, click the Negative Filter button 
    . This excludes documents that contain that value in the field.

  1. 點(diǎn)擊你想要過濾字段的名字,這里展現(xiàn)了字段中排名最高的5個(gè)值。在每個(gè)值得右邊,有兩個(gè)個(gè)放大鏡按鈕,一個(gè)用來普通過濾,一個(gè)用來排除過濾。

  2. 普通過濾,按鈕

.。

  3. 排除過濾,按鈕 

 

To add a filter from the Documents table:

Documents目錄增加過濾器:

  1. Expand a document in the Documents table by clicking the Expand button 
     to the left of the document’s entry in the first column (the first column is usually Time). To the right of each field name, there are two magnifying glass buttons—one for adding a regular (positive) filter, and one for adding a negative filter.
  2. To add a positive filter based on the document’s value in a field, click the Positive Filter button 
    . This filters out documents that don’t contain the specified value in that field.
  3. To add a negative filter based on the document’s value in a field, click the Negative Filter button 
    . This excludes documents that contain the specified value in that field.

  1.在 Documents增加一個(gè)文件,可以在第一個(gè)圓柱體(它一般是Time),通過點(diǎn)擊Expand按鈕到文件入口的左邊。在每個(gè)字段名的右邊,有兩個(gè)放大鏡按鈕,一個(gè)用來普通過濾,一個(gè)用來排除過濾。

  2. 普通過濾,按鈕

.。

  3. 排除過濾,按鈕 

。 

Working with Filters

使用Filters工作

When you create a filter anywhere in Kibana, the filter conditions display in a green oval under the search text entry box:

當(dāng)你再Kibana的任何地方創(chuàng)建一個(gè)過濾器后,這個(gè)過濾器的狀態(tài)將在搜索輸入框下的綠色橢圓體內(nèi)展現(xiàn):

Hovering on the filter oval displays the following icons:

綠色橢圓體上的按鈕:

Enable Filter 
 使過濾器生效
Click this icon to disable the filter without removing it. You can enable the filter again later by clicking the icon again. Disabled filters display a striped shaded color, green for inclusion filters and red for exclusion filters.
點(diǎn)這個(gè)圖表,就可以在不溢出過濾器的情況下,使其不再工作。再次點(diǎn)這個(gè)按鈕,你可以使過濾器再次工作。未工作的過濾器展現(xiàn)為條狀陰影顏色,綠色是包含型過濾器,紅色是排除性過濾器。
Pin Filter 
  別針過濾器
Click this icon to pin a filter. Pinned filters persist across Kibana tabs. You can pin filters from theVisualize tab, click on the Discover or Dashboard tabs, and those filters remain in place. NOTE: If you have a pinned filter and you’re not seeing any query results, that your current tab’s index pattern is one that the filter applies to.
點(diǎn)這個(gè)按鈕來別住一個(gè)過濾器。別針型過濾器廣泛存在與Kibana的標(biāo)簽頁(yè)。你可以把過濾器別到可視化的標(biāo)簽,點(diǎn)擊Discover 或 Dashboard標(biāo)簽,然后這些標(biāo)簽還在工作,注意:如果你有一個(gè)別針型過濾器,而且你沒有看到任何請(qǐng)求結(jié)果,那么,你當(dāng)前標(biāo)簽的索引模式是這種過濾器應(yīng)用的一種模式。
Toggle Filter 
  切換過濾器
Click this icon to toggle a filter. By default, filters are inclusion filters, and display in green. Only elements that match the filter are displayed. To change this to an exclusion filters, displaying only elements that don’t match, toggle the filter. Exclusion filters display in red.
點(diǎn)這個(gè)按鈕,可以切換過濾器。一般情況下,過濾器是包括型過濾器,而且顏色是綠色的。只有符合過濾規(guī)則的結(jié)果被展示。為了把它轉(zhuǎn)化成排除性過濾器,只展示不符合的結(jié)果,需要切換過濾器。排除型過濾器的顏色是紅色的。
Remove Filter 
  移除過濾器
Click this icon to remove a filter entirely.
點(diǎn)這個(gè)按鈕可以移除一個(gè)過濾器。

To apply any of the filter actions to all the filters currently in place, click the 

 Global Filter Actionsbutton and select an action.

想要為當(dāng)前工作的過濾器應(yīng)用任何上面的行為,可以點(diǎn)擊Global Filter Actions按鈕,選擇一種行為。

Viewing Document Data

查看文檔數(shù)據(jù)

When you submit a search query, the 500 most recent documents that match the query are listed in the Documents table. You can configure the number of documents shown in the table by setting thediscover:sampleSize property in Advanced Settings. By default, the table shows the localized version of the time field specified in the selected index pattern and the document _source. You can add fields to the Documents table from the Fields list. You can sort the listed documents by any indexed field that’s included in the table.

當(dāng)你提交一個(gè)查詢請(qǐng)求,500個(gè)最近符合的文檔被列在Documents表中。你可以在列表中設(shè)置符合文檔的數(shù)目,設(shè)置方法是在Advanced Settings.設(shè)置discover:sampleSize。一般情況下,列表中展現(xiàn)了時(shí)間字段的局限化版本,被確定在選擇的索引模式和文件_source中。你可以從Fields列表為 Documents表增加字段。你可以用包含在表中的任何索引字段為文件排序。

To view a document’s field data, click the Expand button 

 to the left of the document’s entry in the first column (the first column is usually Time). Kibana reads the document data from Elasticsearch and displays the document fields in a table. The table contains a row for each field that contains the name of the field, add filter buttons, and the field value.

想要查看文件中的字段信息,可以在第一個(gè)圓柱體(它一般是Time),點(diǎn)擊Expand 按鈕到文件入口左側(cè)。Kibana從ES讀取文件數(shù)據(jù),然后展現(xiàn)在表中。表的每一行包含了每個(gè)字段的名字、添加過濾器按鈕和字段值。


  1. To view the original JSON document (pretty-printed), click the JSON tab.
  2. To view the document data as a separate page, click the link. You can bookmark and share this link to provide direct access to a particular document.
  3. To collapse the document details, click the Collapse button 
    .
  4. To toggle a particular field’s column in the Documents table, click the 
     Toggle column in table button.

 1. 想要查看原始的JSON文件,點(diǎn)JSON標(biāo)簽。

  2. 想要以分頁(yè)的形式查看文件,點(diǎn)擊鏈接。你可以把鏈接加書簽或者分享,來直接訪問特殊的文件。
  3. 想要折疊文件詳情,請(qǐng)點(diǎn)擊Collapse按鈕。
  4. 想要切換一個(gè)特殊字段在文件列表中的量,請(qǐng)點(diǎn)擊Toggle column in table標(biāo)簽。

Sorting the Document List

為文件列表排序

You can sort the documents in the Documents table by the values in any indexed field. If a time field is configured for the selected index pattern, by default the documents are sorted in reverse chronological order.

可以使用索引字段的值,為文件列表排序。如果一個(gè)時(shí)間字段被設(shè)置到索引模式中了,那么產(chǎn)生的結(jié)果是按照反時(shí)間順序排列的。

To change the sort order:

改變索引順序:

  • Click the name of the field you want to sort by. The fields you can use for sorting have a sort button to the right of the field name. Clicking the field name a second time reverses the sort order.
  • 點(diǎn)擊你想要的索引排序名。你可以用于排序的字段名在右邊有一個(gè)排序按鈕。點(diǎn)擊字段名涼子可以反排序。

Adding Field Columns to the Documents Table


By default, the Documents table shows the localized version of the time field specified in the selected index pattern and the document _source. You can add fields to the table from the Fields list or from a document’s expanded view.

To add field columns to the Documents table:

一般情況下,Documents列表中展現(xiàn)了時(shí)間字段的局限化版本,被確定在選擇的索引模式和文件_source中。你可以從Fields表或從文件的擴(kuò)展視圖,給列表中增加字段。

怎樣增加字段柱到Documents列表。

  1. Mouse over a field in the Fields list and click its add button 
    .
  2. Repeat until you’ve added all the fields you want to display in the Documents table.
  3. Alternately, add a field column directly from a document’s expanded view by clicking the 
    Toggle column in table button.

 1. 鼠標(biāo)在字段列表的一個(gè)字段上,點(diǎn)擊它的 add 按鈕。

 2. 重復(fù)操作,直到你把所有字段都加進(jìn)去了。

 3. 然后,增加一個(gè)字段住從文件的擴(kuò)展視圖,點(diǎn)擊Toggle column in table按鈕。

The added field columns replace the _source column in the Documents table. The added fields are also listed in the Selected Fields section at the top of the field list.

新添加的字段住會(huì)代替文件列表中的_source柱。在字段列表的上方,添加的字段也列在Selected Fields部分。

To rearrange the field columns in the table, mouse over the header of the column you want to move and click the Move button.

想要重新布置列表中的柱形,可以吧鼠標(biāo)放在你想要移動(dòng)的柱形上,點(diǎn)移動(dòng)按鈕。


Removing Field Columns from the Documents Table

移除

To remove field columns from the Documents table:

方法

  1. Mouse over the field you want to remove in the Selected Fields section of the Fields list and click its remove button 。點(diǎn)擊移除按鈕
  2. Repeat until you’ve removed all the fields you want to drop from the Documents table.直到全部移除

Viewing Field Data Statistics

查看統(tǒng)計(jì)結(jié)果

From the field list, you can see how many documents in the Documents table contain a particular field, what the top 5 values are, and what percentage of documents contain each value.

從字段列表,你需要文件列表中 包含了多少文件,5個(gè)關(guān)鍵字段是什么,占的比例又是多少。

To view field data statistics:

方法

  • Click the name of a field in the Fields list. The field can be anywhere in the Fields list—Selected Fields, Popular Fields, or the list of other fields.
  • 點(diǎn)擊字段列表中的字段名。字段可以在字段列表中的任何位置 — 選擇字段表,流行字段表,或者其它字段表。


To create a visualization based on the field, click the Visualize button below the field statistics.

小建議:想要查看基于字段的可視化結(jié)果,可以點(diǎn)擊字段統(tǒng)計(jì)結(jié)果下的Visualize按鈕。




備注:
材料來自elastic官網(wǎng)。
地址:
https://www.elastic.co/guide/en/kibana/current/discover.html

本站僅提供存儲(chǔ)服務(wù),所有內(nèi)容均由用戶發(fā)布,如發(fā)現(xiàn)有害或侵權(quán)內(nèi)容,請(qǐng)點(diǎn)擊舉報(bào)
打開APP,閱讀全文并永久保存 查看更多類似文章
猜你喜歡
類似文章
Sqlite 數(shù)據(jù)庫(kù)使用
數(shù)據(jù)管理必看!Kendo UI for jQuery過濾器概述
標(biāo)準(zhǔn)SQL語(yǔ)法使用
MySQL自增字段創(chuàng)建 | mysql添加字段
mysql常用操作指令——ALTER語(yǔ)句用法
ABAP數(shù)據(jù)字典
更多類似文章 >>
生活服務(wù)
分享 收藏 導(dǎo)長(zhǎng)圖 關(guān)注 下載文章
綁定賬號(hào)成功
后續(xù)可登錄賬號(hào)暢享VIP特權(quán)!
如果VIP功能使用有故障,
可點(diǎn)擊這里聯(lián)系客服!

聯(lián)系客服