Calculate differences between documents in a query

mbby · January 22, 2024, 9:03am

I need to calculate the MTBF of our systems which are monitored using the observatiblity uptime feature of Elasticsearch.

Let's say that I've an index with the following values:
time, system-name, state
10:00, system1, up
10:05, system1, up
10:10, system1, down
10:15, system1, down
10:20, system1, up
10:25, system1, down
10:30, system1, down
10:35, system1, down
10:40, system1, up

How could I count the number of times the state switched from down to up (here: 2).
How could I get the time between two of those state changes (here: 10:35-10:15 = 0:20).

mbby · January 24, 2024, 1:12pm

So one of the questions is: is there a query which calculates difference between consecutive documents. E.g.:
time, spent money
10:00, 100
10:05, 105
10:10, 150

the result should be something like, 105-100=5, 150-105=45

mbby · February 6, 2024, 6:29am

It looks like this is not possible in an Elasticsearch query itself, right?

stephenb · February 6, 2024, 2:55pm

Perhaps

You can do serial differencing in Lens as well.

mbby · February 7, 2024, 7:23am

Thanks Stephen. Found that and tried it. Unfortunately this won't solve my initial problem of getting the distances between two state changes.

system · March 6, 2024, 7:24am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Calculate the time difference between consecutive documents Elasticsearch	20	12514	May 25, 2018
Serial difference of timestamps between documents Elasticsearch	1	657	April 18, 2019
Time Difference between Documents Elasticsearch	2	2281	July 5, 2017
ElasticSearch Transform Find Time Difference across documents Elasticsearch	2	511	August 25, 2020
Difference between consecutive records using derivative aggregation Elasticsearch	1	589	April 11, 2018

Calculate differences between documents in a query

Related topics