1.实用命令2
12.按指定的等号条件搜索记录
[root@192.168.1.1 ~]# curl -u elastic:elastic -k -XGET https://192.168.1.1:9200/te_bi_application/_search -H 'Content-Type: application/json' -d '
{
"query": {
"match": {
"id": "1879417527092670545"
}}}'
回显:
{"took":16,"timed_out":false,"_shards":{"total":3,"successful":3,"skipped":0,"failed":0},"hits":{"total":{"value":0,"relation":"eq"},"max_score":null,"hits":[]}}
13.查看索引别名
查看别名对应的索引
curl -u elastic:elastic -k -XGET https:// 192.168.1.1:9200/ te_bi_application/_alias
回显:
{"te_bi_application_v1.3":{"aliases":{"te_bi_application":{}}}}
14.创建索引别名
[root@192.168.1.1 ~]# ES关闭了https访问模式,使用http模式访问。先插入数据。并创建索引: pro_003.v1.0
curl -XPOST http://192.168.1.1:9200/pro_003.v1.0/_doc/1/?pretty -u elastic:elastic -k -H 'Content-Type: application/json' -d '
{
"id" : "1",
"name" : "pro_003_001",
"city" : "广州",
"course" : "oracle",
"teacher" : "xsq",
"pxdate": "20250311"
}'
回显:
{
"_index" : "pro_003.v1.0",
"_type" : "_doc",
"_id" : "1",
"_version" : 1,
"result" : "created",
"_shards" : {
"total" : 1,
"successful" : 1,
"failed" : 0
},
"_seq_no" : 0,
"_primary_term" : 1
}
增加别名:
curl -XPOST http://192.168.1.1:9200/_aliases -u elastic:elastic -k -H 'Content-Type: application/json' -d '
{
"actions": [
{"add": {"index": "pro_003.v1.0", "alias":"pro_003"}}
]
}'
回显:
{"acknowledged":true}
15.删除索引别名
先查看别名再删除别名。
[root@192.168.1.1 ~]#
curl -u elastic:elastic -k -XGET http://192.168.1.1:9200/pro_003.v1.0/_alias
回下:
{"pro_003.v1.0":{"aliases":{"pro_003":{}}}}
删除别名:pro_003;
[root@192.168.1.1 ~]#
curl -XDELETE http://192.168.1.1:9200/pro_003.v1.0/_alias/pro_003 -u elastic:elastic -k -H 'Content-Type: application/json'
回显:
{"acknowledged":true}
16.es的权限
ES中所有的权限名称如下:
manage_own_api_key,none,cancel_task,delegate_pki,grant_api_key,manage_autoscaling,
manage_enrich,manage_index_templates,manage_logstash_pipelines,manage_oidc,
manage_saml,manage_service_account,manage_token,monitor_ml,monitor_rollup,
monitor_snapshot,monitor_text_structure,monitor_watcher,read_ccr,read_ilm,
read_pipeline,read_slm,transport_client,create_snapshot,manage_ccr,manage_ilm,manage_ml,manage_rollup,manage_slm,manage_watcher,monitor_data_frame_transforms,monitor_transform,manage_api_key,manage_ingest_pipelines,manage_pipeline,manage_data_frame_transforms,manage_transform,manage_security,monitor,manage,all
17.创建只读账号
--创建具有只读权限的角色:read_only
curl -XPOST http://192.168.1.1:9200/_security/role/read_only -u elastic:elastic -k -H 'Content-Type: application/json' -d '
{
"indices": [
{
"names": [ "*" ],
"privileges": [ "read", "read_cross_cluster" ]
}
]
}'
回显:
{"role":{"created":true}}
根据只读角色创建只读用户:read_xsq
curl -XPOST http://192.168.1.1:9200/_security/user/read_xsq -u elastic:elastic -k -H 'Content-Type: application/json' -d '
{
"password" : "xsq#123",
"roles" : [ "read_only" ]
}'
回显:
{"created":true}
使用只读用户读取索引:pro_002
[root@192.168.1.1 config]#
curl -XGET 'http://192.168.1.1:9200/pro_002/_search?pretty' -H 'Content-Type: application/json' -u read_xsq:"xsq#123" –k
回显:
{
"took" : 4,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 1,
"relation" : "eq"
},
"max_score" : 1.0,
"hits" : [
{
"_index" : "pro_002",
"_type" : "_doc",
"_id" : "1",
"_score" : 1.0,
"_source" : {
"id" : "1",
"name" : "user001",
"city" : "广州",
"course" : "oracle",
"teacher" : "xsq1",
"pxdate" : "20250306"
}
}
]
}
}
使用只读用户写入索引:pro_002
[root@192.168.1.1 config]#
curl -XPOST http://192.168.1.1:9200/pro_002/_doc/2/?pretty -u read_xsq:xsq#123 -k -H 'Content-Type: application/json' -d '
{
"id" : "2",
"name" : "pro_002",
"city" : "广州",
"course" : "oracle",
"teacher" : "xsq",
"pxdate": "20250311"
}'
回显:
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "action [indices:data/write/index] is unauthorized for user [read_xsq] with roles [read_only], this action is granted by the index privileges [create_doc,create,index,write,all]"
}
],
"type" : "security_exception",
"reason" : "action [indices:data/write/index] is unauthorized for user [read_xsq] with roles [read_only], this action is granted by the index privileges [create_doc,create,index,write,all]"
},
"status" : 403
}
只读用户写入时报权限不足,说明我们创建只读用户生效。
18.创建ES读写用户
(1)创建读写权限的角色。
curl -X PUT "192.168.1.1:9200/_xpack/security/role/pro_rw" -H "Content-Type: application/json" -u elastic:elastic -d'
{
"indices": [
{
"names": [ "*" ],
"privileges": [ "all" ]
}
]
}'
回显:
{"role":{"created":true}}
(2)创建读写用户:pro_rw。
curl -X PUT "192.168.1.1:9200/_xpack/security/user/pro_rw" -H "Content-Type: application/json" -u elastic:elastic -d'
{
"password" : "pro#123",
"roles" : [ "pro_rw" ]
}'
回显:
{"created":true}
(3)使用读写用户访问数据库索引
写入数据:
curl -XPOST http://192.168.1.1:9200/pro_002/_doc/2/?pretty -u pro_rw:pro#123 -k -H 'Content-Type: application/json' -d '
{
"id" : "2",
"name" : "pro_002",
"city" : "广州",
"course" : "oracle",
"teacher" : "pro",
"pxdate": "20250311"
}'
回显:
{
"_index" : "pro_002",
"_type" : "_doc",
"_id" : "2",
"_version" : 1,
"result" : "created",
"_shards" : {
"total" : 1,
"successful" : 1,
"failed" : 0
},
"_seq_no" : 2,
"_primary_term" : 3
}
读取数据:
curl -XGET 'http://192.168.1.1:9200/pro_002/_search?pretty' -H 'Content-Type: application/json' -u pro_rw:"pro#123" -k
{
"took" : 245,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 2,
"relation" : "eq"
},
"max_score" : 1.0,
"hits" : [
{
"_index" : "pro_002",
"_type" : "_doc",
"_id" : "1",
"_score" : 1.0,
"_source" : {
"id" : "1",
"name" : "user001",
"city" : "广州",
"course" : "oracle",
"teacher" : "xsq1",
"pxdate" : "20250306"
}
},
{
"_index" : "pro_002",
"_type" : "_doc",
"_id" : "2",
"_score" : 1.0,
"_source" : {
"id" : "2",
"name" : "pro_002",
"city" : "广州",
"course" : "oracle",
"teacher" : "pro",
"pxdate" : "20250311"
}
}
]
}
}
19.删除用户
[root@192.168.1.1 ~]# 删除用户:readonly_xsq
curl -u elastic:elastic -X DELETE "192.168.1.1:9200/_security/user/readonly_xsq"
回显:
{"found":true}
如果用户不再需要时可以删除。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
