- Elasticsearch 7.0 Cookbook(Fourth Edition)
- Alberto Paro
- 114字
- 2021-06-24 14:52:10
How it works...
When Elasticsearch is processing a document, if a field is an IP one, it tries to convert its value to a numerical form and generate tokens for fast value searching.
The IP has special properties:
- index: This defines whether the field must be indexed. If not, false must be used (true default).
- doc_values: This defines whether the field values should be stored in a column-stride fashion to speed up sorting and aggregations (true default).
The other properties (store, boost, null_value, and include_in_all) work as other base types.
The advantage of using IP fields over strings is faster speed in every range and filter and lower resource usage (disk and memory).