Calculate duration between min and max @timestamp

lefagr · August 3, 2017, 5:49pm

Hello,

We currently using Elastic stack 5.5.1. We are building a security dashboard and we would like to have a visualisation which can calculate the difference between MIN metric: @timestamp and MAX metric: @timestamp
so we can have the duration of a potential attack.

As it shows in the screenshot I have already min @timestamp marked as start of an attack, max of @timestamp marked as end of the attack, now I'd like to somehow be able to find how long the attack last (min-max) and have it in a dashboard.

Brandon_Kobel · August 3, 2017, 6:49pm

@lefagr this isn't currently possible, the following issue discusses some other user's needs as well, please feel free to comment with your use-case.

system · August 31, 2017, 6:49pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.