Calculated fields

derekmizak · May 8, 2020, 4:29pm

Hi,

I have a log which looks more less like this:

23/03/2020 8:15, mary, pc1154, SessionStarted, SessionID 1, Tools3
23/03/2020 9:00, john, pc2345, SessionStarted, SessionID 2, Apps1
23/03/2020 9:10, SessionID 1, SessionTerminated
23/03/2020 9:30, SessionID 2, SessionTerminated

I want to produce a report which would show duration of each session in the following form:

username,   ClientMachineName,  DeliveryGroup,  SessionStartTime,   SessionEndTime,   SessionDuration
john,       pc2345,             Apps1,           23/03/2020 9:00,   23/03/2020 9:10,  0:10
mary,       pc1154,             Tools3,          23/03/2020 8:15,   23/03/2020 9:30   1:15

I can use python to manipulate it outside Elastic, produce new document like in the second log and and index it back in.
However, Do you know if there is any solution to do such a transformation natively in Elastic/Kibana?

jsanz · May 8, 2020, 4:41pm

Hi @derekmizak, have you checked Transformations? This mechanism is exactly meant to produce derivative indexes that pivot your datasets to produce updated metrics.

derekmizak · May 8, 2020, 7:18pm

Hi, @jsanz - thank you a lot - it is exactly what I was looking for. Once I am bit wiz in Transforms I will post some here as a sample. Thank you.

system · June 5, 2020, 7:18pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Calculate of time in kibana Kibana	3	274	June 19, 2018
Kibana, Is there a way to create session duration Kibana	4	550	May 18, 2020
Creating new scripted field to showing time difference between 2 log lines Kibana	4	2189	November 27, 2020
Transform Hour and date Kibana	4	529	March 16, 2021
Script Field in Kibana with Time Passed Since Timestamp Kibana	3	2330	July 6, 2017

Calculated fields

Related Topics