I have a set of logs which has the timestamp as attribute with a same ID for a particular transaction in kibana. I need to get the difference between the timestamps of the first log and the last log of the transaction. Can anyone help me with it ?
Hi, I think you can get what you are looking for with Scripted Fields in Kibana. It is possible to add a new field to the data that comes from computing of other fields in a document. There's a good blog post here which includes some examples of working with dates, and other great Painless tips.
Thanks Tim ! Will take a look into it
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.