client = Elasticsearch([host1, host2], http_auth=(user, password), scheme="http", port=port)
response = client.search(index="complats*", body={"from": 0, "size": 10000, "query": {
"bool": {
"must": [
{
"query_string": {
"query": "tags:\"prod\" AND severity:\"INFO\" AND service:\"abc-service\" AND msg:\"* is processed\"",
"fields": [],
"type": "best_fields",
"default_operator": "or",
"max_determinized_states": 10000,
"enable_position_increments": "true",
"fuzziness": "AUTO",
"fuzzy_prefix_length": 0,
"fuzzy_max_expansions": 50,
"phrase_slop": 0,
"escape": "false",
"auto_generate_synonyms_phrase_query": "true",
"fuzzy_transpositions": "true",
"boost": 1.0
}
},
{
"range": {
"@timestamp": {
"from": "now-{}s".format((now.minute + 1) * 60),
"to": "now",
"include_lower": "true",
"include_upper": "true",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": "true",
"boost": 1.0
}
}})
value = response['hits']['total']['value']
print(value)
上面的查询已成功连接到elasticsearch,但每次返回的值都不正确或10000。这有什么问题吗?我读过某个地方的python中的elasticsearch模块有一个错误,该错误最大可以达到10000。还有其他人遇到这个问题吗?如果是,您如何解决?
提前致谢!
最佳答案
它不是python库错误,不能返回超过10000个结果,这是从Lucene继承的设置。如果您需要更多结果,则应使用search_after查询进行分页,或者使用scroll查询进行单个重搜索,这取决于您的用例。看看我的响应here,以查看使用python实现这些查询的示例
关于python - 用于Elastic Search的Python API-每次响应10000,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/59503012/