Hi all
I have an index which contains @timestamp, Status, System, Subsystem...
The Status has a value like 200, 400, 500.
I would like to do a calculation every 5 mins: [Sum(Status) where Status:400]/Sum(Status) * 100
and build a graph based on the HTTP 400 error %.
I have done the following in Timelion: (.es(index=iislogs-*, timefield=log_timestamp, q='sc_status: (400 - 410)').divide(.es(index=iislogs-*, timefield=log_timestamp, q='sc_status: (200 - 510)'))).multiply(100)
I would like to use this value in a new index or something, so that I could create an alert based on the value.
How can I achieve this? In Kibana, or in a Logstash pipeline?
We are currently working on a system that will let you do exactly that. At this time there isn't a solution to my knowledge, but keep an eye on the coming releases for a solution. The progress will be updated at this GitHub issue: https://github.com/elastic/kibana/issues/24214.
Thanks Mike
That sounds very promising. I am sure this will be a very needed feature for a lot of other customers.
But for now, do you think there is a possibility to grab this out somehow, as a Kibana query or something similar, so that I can programmatically implement a solution for now?
BR, Ginu
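The calculation discussed in this thread can also be done outside Kibana with a plain Elasticsearch aggregation request. The following is an added example, not code from any poster or from Elastic: it reuses the field and index names from the Timelion expression above, reads "(400 - 410)" and "(200 - 510)" as inclusive ranges, and the time window, alert threshold and sample response are assumptions constructed for illustration.

```python
# Added example: field and index names come from the Timelion expression in the
# thread; the threshold, time window and sample response are constructed.
import json

def build_query(window="now-1h", interval="5m"):
    """Search body: 5-minute buckets, each with a count of 400-410 responses."""
    return {
        "size": 0,
        "query": {"bool": {"filter": [
            {"range": {"log_timestamp": {"gte": window}}},
            {"range": {"sc_status": {"gte": 200, "lte": 510}}},  # denominator
        ]}},
        "aggs": {"per_interval": {
            # Assumption: "fixed_interval" (Elasticsearch 7.2+); older versions use "interval".
            "date_histogram": {"field": "log_timestamp", "fixed_interval": interval},
            "aggs": {"errors": {"filter": {
                "range": {"sc_status": {"gte": 400, "lte": 410}}}}},  # numerator
        }},
    }

def error_rates(response):
    """Return [(bucket_start, percent)]; empty buckets are skipped (no division by zero)."""
    rates = []
    for b in response["aggregations"]["per_interval"]["buckets"]:
        total = b["doc_count"]
        if total:
            rates.append((b["key_as_string"], 100.0 * b["errors"]["doc_count"] / total))
    return rates

def breaches(response, threshold_pct=5.0):
    """Buckets whose 400-410 share is above the (hypothetical) alert threshold."""
    return [(ts, pct) for ts, pct in error_rates(response) if pct > threshold_pct]

# Constructed sample in the shape Elasticsearch returns for the query above.
SAMPLE = {"aggregations": {"per_interval": {"buckets": [
    {"key_as_string": "2018-10-22T10:00:00.000Z", "doc_count": 200, "errors": {"doc_count": 4}},
    {"key_as_string": "2018-10-22T10:05:00.000Z", "doc_count": 0, "errors": {"doc_count": 0}},
    {"key_as_string": "2018-10-22T10:10:00.000Z", "doc_count": 50, "errors": {"doc_count": 10}},
]}}}

if __name__ == "__main__":
    print(json.dumps(build_query(), indent=2))  # body for POST iislogs-*/_search
    for ts, pct in breaches(SAMPLE):
        print(f"ALERT {ts}: {pct:.1f}% of requests returned 400-410")
```

Run on a schedule, the output of `error_rates` can be written to a separate index for graphing, and `breaches` gives the buckets to alert on.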