Some jobs create log entries as following:
event time( start), uid and status;
event time( stop), uid and status;
The message if parsed and the fields are separated using Logstash and put into index.
I believe I could not show on Kibana, the average running time of job and top jobs that take more time even though they are put into same index.
Can I use ES as data store and use external BI tool to project such kind of visualization.
Or you can use this may be? https://www.elastic.co/guide/en/logstash/current/plugins-filters-aggregate.html
One could also use https://www.elastic.co/guide/en/logstash/current/plugins-filters-elapsed.html. Can calculate difference between timestamps in the log entries right.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.