hi team!
is that possible to calculate subtract the time between two logs by id in painless script???
log example is below:
plz point out to me if possible 
thanks so much
Scripted field run in the context of a single document, so can not act on information from different documents.
thank you @Christian_Dahlqvist
so it's still challenging flat-world to emulate real-world 
Also Scripted Metric Aggregation???
That may be able to do it, but as far as I recall Kibana does not yet support it. Another option would be to create an entity-centric index as described in this talk.
thank you
Scripted metric aggregations operate just as other aggregations: one document at a time. While it might be possible to stash data between map operations, the order would be inconsistent as documents move between Lucene segments.