表
因为es是集群所以es_hosts是列表
from elasticsearch import Elasticsearch
ES_HOSTS = ["127.0.0.1:9200"]
ES_HTTP_AUTH = "******************"# 连接Es
es = Elasticsearch(hosts=ES_HOSTS ,http_auth=ES_HTTP_AUTH ,maxsize=60,timeout=30,max_retries=3,retry_on_timeout=True
)
index = "assets_distinguish"
创建表
# 检查索引是否存在,如果不存在则创建它
if not es.indices.exists(index=index):# 创建一个索引es.indices.create(index=index)
删除表
# 删除表 index;删完了记得再创建,后边要用到
#res = es.indices.delete(index=index)
#print(res)
增加
import random
item = {"ip_addr": "{}.{}.{}.{}".format(random.randint(0, 255), random.randint(0, 255), random.randint(0, 255), random.randint(0, 255)),"domain": "{}.cn".format(random.randint(0, 1000)),"geographic_location": ["北京", "上海", "广东", "深圳", "成都", "天津", "西安", ][random.randint(0, 5)],"discovery_time": datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"),}
res = es.index_name(index=index, body=item)
print("插入结果:", res)
查询
must= []
if discovery_time_start and discovery_time_start:must.append({'range': {'discovery_time': {"gte": discovery_time_start, "lte": discovery_time_end}}})
if ip_addr:must.append({"terms": {"ip_addr.keyword": [ip_addr]}})body = {"query": {"bool": {'must': must}},"sort": {"discovery_time": {"order": "desc"}},'from': (page - 1) * page_size,'size': page_size
}res = es.search(index=index_name, body=body)
删除
# 根据id删除
delete_by_id = {"query": {"match": {"_id": "srKjS5EBMKmoTl4VO9M8"}}}
result = es.delete_by_query(index=index, body=delete_by_id, )
# // 删除所有
delete_by_all = {"query": {"match_all": {}}}
result = es.delete_by_query(index=index, body=delete_by_id, )
