Hi all ES lovers,
I was wondering if it is somehow possible to apply bucket aggregation to the output of a pipeline aggregation.
I have the following usecase,
There is a software that runs over variable amount of time and generates logs, and each run has a unique ID. Using this ID, I can figure out the start (min aggregation on Timestamp) and stop (max aggregation on Timestamp) of the software run, and thereby the duration of run can be calculated in a sibling pipeline aggregation (stop-start). After doing this, is it possible to apply a bucket aggregation on the duration, to generate a histogram for visualizing the distribution of duration ?
Can such a thing be achieved using painless scripting or any other methods ?
Thank you all for your reply.