hi team!
is that possible to calculate subtract the time between two logs by id in painless script???
log example is below:
plz point out to me if possible 
thanks so much
Scripted field run in the context of a single document, so can not act on information from different documents.
thank you @Christian_Dahlqvist
so it's still challenging flat-world to emulate real-world 
Also Scripted Metric Aggregation???
That may be able to do it, but as far as I recall Kibana does not yet support it. Another option would be to create an entity-centric index as described in this talk.
thank you
Scripted metric aggregations operate just as other aggregations: one document at a time. While it might be possible to stash data between map operations, the order would be inconsistent as documents move between Lucene segments.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.