我想列出ElasticSearch服务器上的所有索引。我试了一下:
curl -XGET localhost:9200/
但它给了我这个:
{
"ok" : true,
"status" : 200,
"name" : "El Aguila",
"version" : {
"number" : "0.19.3",
"snapshot_build" : false
},
"tagline" : "You Know, for Search"
}
我想要一个所有索引的列表..
curl -XGET 'http://localhost:9200/_cluster/health?水平=指数'
这将输出如下所示
{
"cluster_name": "XXXXXX:name",
"status": "green",
"timed_out": false,
"number_of_nodes": 3,
"number_of_data_nodes": 3,
"active_primary_shards": 199,
"active_shards": 398,
"relocating_shards": 0,
"initializing_shards": 0,
"unassigned_shards": 0,
"delayed_unassigned_shards": 0,
"number_of_pending_tasks": 0,
"number_of_in_flight_fetch": 0,
"task_max_waiting_in_queue_millis": 0,
"active_shards_percent_as_number": 100,
"indices": {
"logstash-2017.06.19": {
"status": "green",
"number_of_shards": 3,
"number_of_replicas": 1,
"active_primary_shards": 3,
"active_shards": 6,
"relocating_shards": 0,
"initializing_shards": 0,
"unassigned_shards": 0
},
"logstash-2017.06.18": {
"status": "green",
"number_of_shards": 3,
"number_of_replicas": 1,
"active_primary_shards": 3,
"active_shards": 6,
"relocating_shards": 0,
"initializing_shards": 0,
"unassigned_shards": 0
}}
_stats/ indexes给出带有索引的结果。
$ curl -XGET "localhost:9200/_stats/indices?pretty=true"
{
"_shards" : {
"total" : 10,
"successful" : 5,
"failed" : 0
},
"_all" : {
"primaries" : { },
"total" : { }
},
"indices" : {
"visitors" : {
"primaries" : { },
"total" : { }
}
}
}
我使用_stats/indexes端点来获得一个json blob数据,然后用jq进行过滤。
curl 'localhost:9200/_stats/indexes' | jq '.indices | keys | .[]'
"admin"
"blazeds"
"cgi-bin"
"contacts_v1"
"flex2gateway"
"formmail"
"formmail.pl"
"gw"
...
如果你不想要引号,给jq添加一个-r标志。
是的,端点是索引,数据键是索引,所以他们也无法做出决定:)
我需要它来清理内部安全扫描(nessus)创建的这些垃圾索引。
PS:如果您打算从命令行与ES交互,我强烈建议您熟悉jq。