Calculating time difference between two documents

I am collecting log data and putting it into Elasticsearch. Each document has 4 columns containing timestamp, key (not unique), Interface and Message. I need to calculate the time difference between two rows with the same value in the key column for a particular interface column value containing a specific message. Is there a way I can do this and visualize it in Kibana? Finally, I want a visualization which shows the calculated time difference on one axis and the unique set of keys on the other. Please help me out here.

There are a number of threads on this from others asking the same thing; try a search and see what works for you.

If you can, please suggest a link. That would be helpful. Thanks for the quick response.

It seems one cannot build logic across the columns of 2 different documents in Kibana; rather, one can use scripted fields to build logic on different columns, but only within the same document. Is that right? How do I perform calculations on the columns of two different documents?

This seems to be the only solution.
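The calculation described in the question, done client-side over documents exported from the index, as an added example that is not part of the thread. The field names (`timestamp`, `key`, `interface`, `message`), the sample documents and the message text are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample documents (not real log data); field names are assumed.
DOCS = [
    {"timestamp": "2024-01-01T10:00:00.000Z", "key": "A1", "interface": "eth0", "message": "link state changed: down"},
    {"timestamp": "2024-01-01T10:00:01.000Z", "key": "A1", "interface": "eth0", "message": "heartbeat"},
    {"timestamp": "2024-01-01T10:00:02.500Z", "key": "A1", "interface": "eth0", "message": "link state changed: up"},
    # Documents can arrive out of order, so never rely on list position.
    {"timestamp": "2024-01-01T10:00:07.000Z", "key": "B2", "interface": "eth0", "message": "link state changed: up"},
    {"timestamp": "2024-01-01T10:00:05.000Z", "key": "B2", "interface": "eth0", "message": "link state changed: down"},
    # Same key on another interface must not be paired with the eth0 rows.
    {"timestamp": "2024-01-01T09:00:00.000Z", "key": "B2", "interface": "eth1", "message": "link state changed: down"},
    # Only one matching row for this key: there is nothing to subtract.
    {"timestamp": "2024-01-01T10:01:00.000Z", "key": "C3", "interface": "eth0", "message": "link state changed: down"},
]


def parse_ts(value):
    """Parse an ISO 8601 timestamp with a trailing 'Z' into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def time_diff_by_key(docs, interface, message_text):
    """Return ({key: seconds between earliest and latest match}, [unpaired keys]).

    A document matches when its interface equals `interface` and its
    message contains `message_text`.
    """
    seen = defaultdict(list)
    for doc in docs:
        if doc["interface"] == interface and message_text in doc["message"]:
            seen[doc["key"]].append(parse_ts(doc["timestamp"]))

    diffs, unpaired = {}, []
    for key, stamps in sorted(seen.items()):
        if len(stamps) < 2:
            unpaired.append(key)  # report instead of silently emitting 0
        else:
            diffs[key] = (max(stamps) - min(stamps)).total_seconds()
    return diffs, unpaired


if __name__ == "__main__":
    diffs, unpaired = time_diff_by_key(DOCS, "eth0", "link state changed")
    for key, seconds in diffs.items():
        print(f"{key}\t{seconds:.3f}s")
    print("unpaired keys:", unpaired)
```

Each `key`/seconds pair is one point for the chart the question asks for; unpaired keys are worth reviewing separately, since a missing second event can itself be the anomaly.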
