Calculate differences between documents in a query

mbby · January 22, 2024, 9:03am

I need to calculate the MTBF of our systems which are monitored using the observatiblity uptime feature of Elasticsearch.

Let's say that I've an index with the following values:
time, system-name, state
10:00, system1, up
10:05, system1, up
10:10, system1, down
10:15, system1, down
10:20, system1, up
10:25, system1, down
10:30, system1, down
10:35, system1, down
10:40, system1, up

How could I count the number of times the state switched from down to up (here: 2).
How could I get the time between two of those state changes (here: 10:35-10:15 = 0:20).

mbby · January 24, 2024, 1:12pm

So one of the questions is: is there a query which calculates difference between consecutive documents. E.g.:
time, spent money
10:00, 100
10:05, 105
10:10, 150

the result should be something like, 105-100=5, 150-105=45

mbby · February 6, 2024, 6:29am

It looks like this is not possible in an Elasticsearch query itself, right?

stephenb · February 6, 2024, 2:55pm

Perhaps

You can do serial differencing in Lens as well.

mbby · February 7, 2024, 7:23am

Thanks Stephen. Found that and tried it. Unfortunately this won't solve my initial problem of getting the distances between two state changes.

system · March 6, 2024, 7:24am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Calculate the time difference between consecutive documents Elasticsearch	20	12500	May 25, 2018
ElasticSearch Transform Find Time Difference across documents Elasticsearch	2	510	August 25, 2020
Calculate the timedifference between current time and future time Elasticsearch	3	1013	February 20, 2020
Calculating time between two events from same request id Kibana	4	495	April 17, 2024
Compare documents from two indexes Elasticsearch	4	2057	June 17, 2020

Calculate differences between documents in a query

Related Topics