Compare two values in a single field of same index

Hi All,

I am new to Kibana and wanted to check the difference over the last 4 hours between two values which are in a single field of the same index.

Below is a small example.

My index has 5 fields (datetime, state, errorcode, filename, os_type).

In the state field I have 4 different values (picked, notpicked, completed, inprogress).

My requirement is: in the last 4 hours, I need to check how many state fields are picked and completed, with counts.

Please help me sort this out.

You can achieve this in a few different ways:

  • You can create a horizontal bar visualization with a terms bucket aggregation and then add a filter on the visualization specifying only picked and completed.
  • Similar to the horizontal bar, you can have a data table with the same results if you prefer showing just the numbers.

If you want the sum of the count of picked and completed, just disable the bucketing and keep the filter on.
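
The filtered terms aggregation described in the answer above, written as an Elasticsearch search request body; this is an added example and not part of the original thread. It assumes `state` is mapped as a keyword field (otherwise use `state.keyword`), `datetime` is a date field, and the body is sent to `GET <your-index>/_search`, where `<your-index>` is a placeholder.

```json
{
  "size": 0,
  "track_total_hits": true,
  "query": {
    "bool": {
      "filter": [
        { "range": { "datetime": { "gte": "now-4h", "lte": "now" } } },
        { "terms": { "state": ["picked", "completed"] } }
      ]
    }
  },
  "aggs": {
    "by_state": {
      "terms": { "field": "state", "size": 2 }
    }
  }
}
```

In the response, `aggregations.by_state.buckets` carries one `doc_count` per state, and `hits.total.value` is the combined count that corresponds to disabling the bucketing while keeping the filter.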
