I am pretty new to Elasticsearch patterns and wonder if you can give me a hint as to whether what I want is possible.
I collect system logs over daily regression tests.
I generate a normalized hash key for every syslog payload which does not contain any dynamic number.
I tag all syslog traces with a "run" tag. Let's say "run1" and "run2".
Now I want to find the "difference" between the 2 runs and visualize it in Kibana.
My pseudo filter code looks like:
filter out all elements with:
( document.hash (document.version) == document.hash(document.versionB) )
Is this possible with a filter rule?
Any hint is appreciated.
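
The comparison described in the post, worked through outside Elasticsearch as an added example (not part of the original post): each payload is normalized, hashed, and the hash sets of two runs are compared. The field names `run` and `message`, the normalization regex, and the sample documents are assumptions constructed for illustration.

```python
import hashlib
import re
from collections import defaultdict

# Assumed definition of "dynamic": hex literals, IPv4 addresses, decimal numbers.
_DYNAMIC = re.compile(r"0x[0-9a-fA-F]+|\b\d{1,3}(?:\.\d{1,3}){3}\b|\d+")


def normalize(payload):
    """Replace every dynamic token with a fixed placeholder."""
    return _DYNAMIC.sub("<N>", payload).strip()


def payload_hash(payload):
    """Stable key for a payload, independent of PIDs, ports, durations."""
    return hashlib.sha256(normalize(payload).encode("utf-8")).hexdigest()


def index_runs(docs):
    """Map run tag -> {hash: normalized template}."""
    runs = defaultdict(dict)
    for doc in docs:
        runs[doc["run"]][payload_hash(doc["message"])] = normalize(doc["message"])
    return runs


def diff_runs(docs, run_a, run_b):
    """Return (templates only in run_a, templates only in run_b)."""
    runs = index_runs(docs)
    a, b = runs.get(run_a, {}), runs.get(run_b, {})
    only_a = sorted(a[h] for h in a.keys() - b.keys())
    only_b = sorted(b[h] for h in b.keys() - a.keys())
    return only_a, only_b


# Constructed sample documents, shaped like indexed syslog events.
SAMPLE_DOCS = [
    {"run": "run1", "message": "sshd[4121]: Accepted publickey for ci from 10.0.0.7 port 51234"},
    {"run": "run1", "message": "cron[880]: job nightly-backup finished in 42 s"},
    {"run": "run1", "message": "kernel: Out of memory: Killed process 3312 (regress)"},
    {"run": "run2", "message": "sshd[5309]: Accepted publickey for ci from 10.0.0.9 port 40022"},
    {"run": "run2", "message": "cron[912]: job nightly-backup finished in 57 s"},
    {"run": "run2", "message": "systemd[1]: unit regress.service entered failed state"},
]

if __name__ == "__main__":
    gone, new = diff_runs(SAMPLE_DOCS, "run1", "run2")
    print("only in run1:", gone)
    print("only in run2:", new)
```

Messages that differ only in PIDs, addresses or durations collapse to the same hash, so only the structurally new or missing lines remain in the diff.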