Custom Scripted Field Requirement

Dear Team,

I have a requirement to capture hourly count. Basically i'm pulling the data from database through logstash and storing in elastic search and want to prepare dashboard in Kibana.

The count is pulled in such a way that I get count for entire day from 12 AM and the query is executed at 59th min. E.q. at 12.59 AM query fire and with get the "count_in_today" as 100, 1.59 AM "count_in_today" would be 135, 2.59 AM "count_in_today" would be 200 and so on.
I want to show data in kibana in hourly manner. 1 AM - Count 100, 2 AM - Count 35, 3 AM - Count 65.
I also have a field "hour_now" type number which gives hour in 24hrs format when query gets executed. E.g. at 12.59AM, "hour_now" = 0, at 1.59AM, "hour_now"=1

I don't find any way to segregate the data.

Regards,
Rebin

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.