Aggregation of log time-series - median per minute?

marius · March 16, 2016, 4:08pm

Hi,

I am facing the problem that I have high throughput JSON logs. I don't want to store the logs with that accuracy, but the sender is not configurable.

I wonder if Logstash can do something for me to calculate the median of all logs per minute on a chosen field. And instead of forwarding all the Logs to Elasticsearch, it could write one log-line per minute.

Is there any times series aggregation in Logstash for that?

Best,
Marius

magnusbaeck · March 19, 2016, 2:45pm

Would the aggregate filter be helpful?

marius · March 20, 2016, 8:19am

Absolutely... I just did not find this in my google searches (wrong terms I guess). Thank you very much.

Topic		Replies	Views
How to aggregate web access logs every X seconds? Logstash	1	663	May 30, 2017
Aggregate logs Logstash	2	447	July 6, 2017
Aggregate plugin perfomance Logstash	5	970	July 6, 2017
Aggregate by time only Kibana	2	170	February 27, 2024
Suggestions for aggregating time series log data Elasticsearch	1	643	July 5, 2017

Aggregation of log time-series - median per minute?

Related topics