Calculated fields

derekmizak · May 8, 2020, 4:29pm

Hi,

I have a log which looks more less like this:

23/03/2020 8:15, mary, pc1154, SessionStarted, SessionID 1, Tools3
23/03/2020 9:00, john, pc2345, SessionStarted, SessionID 2, Apps1
23/03/2020 9:10, SessionID 1, SessionTerminated
23/03/2020 9:30, SessionID 2, SessionTerminated

I want to produce a report which would show duration of each session in the following form:

username,   ClientMachineName,  DeliveryGroup,  SessionStartTime,   SessionEndTime,   SessionDuration
john,       pc2345,             Apps1,           23/03/2020 9:00,   23/03/2020 9:10,  0:10
mary,       pc1154,             Tools3,          23/03/2020 8:15,   23/03/2020 9:30   1:15

I can use python to manipulate it outside Elastic, produce new document like in the second log and and index it back in.
However, Do you know if there is any solution to do such a transformation natively in Elastic/Kibana?

jsanz · May 8, 2020, 4:41pm

Hi @derekmizak, have you checked Transformations? This mechanism is exactly meant to produce derivative indexes that pivot your datasets to produce updated metrics.

derekmizak · May 8, 2020, 7:18pm

Hi, @jsanz - thank you a lot - it is exactly what I was looking for. Once I am bit wiz in Transforms I will post some here as a sample. Thank you.

system · June 5, 2020, 7:18pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Calculate of time in kibana Kibana	3	276	June 19, 2018
Kibana, Is there a way to create session duration Kibana	4	551	May 18, 2020
Data tranformation Kibana	6	1257	July 6, 2017
Count sessions from events Kibana	3	2395	July 6, 2017
Creating new scripted field to showing time difference between 2 log lines Kibana	4	2203	November 27, 2020

Calculated fields

Related topics