Correlation or calculating time difference between log entries using BI tool with ES 6.5

ramvalleru · November 28, 2018, 9:42am

Some jobs create log entries as following:
event time( start), uid and status;
event time( stop), uid and status;

The message if parsed and the fields are separated using Logstash and put into index.

I believe I could not show on Kibana, the average running time of job and top jobs that take more time even though they are put into same index.

Can I use ES as data store and use external BI tool to project such kind of visualization.

dadoonet · November 28, 2018, 9:55am

ramvalleru · November 28, 2018, 10:42am

One could also use https://www.elastic.co/guide/en/logstash/current/plugins-filters-elapsed.html. Can calculate difference between timestamps in the log entries right.

Topic		Replies	Views
Logs Timestamp Kibana	3	3582	July 23, 2019
Elastic search as Timeseries and Kibana to visualize: Help Elasticsearch	1	654	July 5, 2017
Find function execution time based on start/end timestamps Kibana	4	3096	December 5, 2017
Query for correlating records Elasticsearch	2	819	July 5, 2017
Calculate time difference between two different record timestamps Elasticsearch	3	3092	July 18, 2018