Hi all,
Im looking at ways to combine 2 distinct event logs only if their respective timestamps are the same. The 2 logs will be from different sources (2 different files). I am hoping to do this aggregation at time of ingestion, but I am also willing to do it after both files are already in Elasticsearch.
I've looked into both the elasticsearch filter and the aggregate filter, but they do not seem to be what I need. Any suggestions on where to start?
Thanks!