ES版本:5.5

经常会遇到线上批量设置某个字段的值;比如下面的示例:用前缀查询,更新某个字段的值;

查询的部分可以任何的过滤查询

action_status :需要更新的字段

1
2
3
4
5
6
7
8
9
10
11
12
13
POST myIndex/_update_by_query
{
"query": {
"prefix": {
"alarm_primary_message": {
"value": "IDS"
}
}
},
"script": {
"inline": "ctx._source['action_status'] = '3'"
}
}

结果

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
{
"took": 593,
"timed_out": false,
"total": 1173,
"updated": 1173,
"deleted": 0,
"batches": 2,
"version_conflicts": 0,
"noops": 0,
"retries": {
"bulk": 0,
"search": 0
},
"throttled_millis": 0,
"requests_per_second": -1,
"throttled_until_millis": 0,
"failures": []
}