I have a log data where I have user activity getting logged in for a particular user on a particular timestamp. Now I was able to create a min and max of timestamp field for a particular user in a particular day. I wan to calculate a difference between the two (i.e. max timestamp field - min timestamp field for a particular day) to create a duration field. Could you please suggest how I can achieve this in Kibana
I'm assuming each document in your index looks something like this:
{
"username": "X",
"timestamp": YYYYMMDD...
}
How are you creating the min and the max? Are you storing them somewhere in Elasticsearch?
Yes, my data looks like the way u have mentioned in your post.
I am calculating the Max and Min of timestamp in kibana by using the max/min of metric aggregation ; i have not created any separate field in ES
Any solution for this???
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.