HI @MariumHassan this is my script
input {
elasticsearch {
hosts => "http://192.168.55.213:9200"
index => "test_index"
}
}
filter {
aggregate {
task_id => "%{logTimestamp}"
code => "
map['logTimestamp'] = event.get('logTimestamp');
map['timeDifference']= (Time.parse(event.get('logTimestamp')).to_f -
Time.parse(map['previousTime']).to_f).round(4);
map['previousTime'] = event.get('logTimestamp');
"
}
}
output {
elasticsearch {
document_id => "%{logTimestamp}"
document_type => "test_index1"
index => "test_index1"
codec => "json"
hosts => ["192.168.55.213:9200"]
}
}
When I am trying to execute this script it's giving error as
Aggregate exception occurred {:error=>#<TypeError: can't dup NilClass>, :code=>"\n\t map['logTimestamp'] = event.get('logTimestamp');\n map['timeDifference']= (Time.parse(event.get('logTimestamp')).to_f - Time.parse(map['previousTime']).to_f).round(4);\n\tmap['previousTime'] = event.get('logTimestamp');\n\t \n ", :map=>{"logTimestamp"=>"2018-02-15T08:40:10Z"}, :event_data=>{"logTimestamp"=>"2018-02-15T08:40:10Z", "@timestamp"=>2018-04-25T09:47:38.312Z, "@version"=>"1"}}
Can U suggest what changes I have to done to run script successfully?