I have multiple hosts reporting some fields every day. I need to find sources that got a change in a value of a particular field. Let's say yesterday "field1" was 0 and today 1.
In addition to that, I need to build a table of all the filtered sources together with some more fields that can help to understand why "field1" was changed:
Source|Field1|Field2|Field3|
where source in a list of those that changed field between day 1 and day 2.
Can you suggest a suitable tool in Kibana? I couldn't find one myself.
Try filtering for this value of field1 in Discover and include the fields you need in the table. Also, if you have it licensed, it seems like you are describing machine learning features like anomaly detection.
Hi Graham, thanks for the reply, but my biggest problem is to find those sources that changed the field1 value. And the field is not binary. So it could be 1->2, or 4->3, or god knows what...
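The comparison asked for in this thread, as an added example that is not part of the original posts and does not use a Kibana feature: it takes daily report documents already exported from the index, keeps each source's last report per day, and returns only the sources whose field1 differs between the two days, whatever the values are. The document shape, the `day` and `ts` fields, the host names and the function names are assumptions.

```python
# Constructed sample documents shaped like daily host reports exported from an index.
# Field names follow the question's wording; "day" and "ts" are assumed.
SAMPLE_DOCS = [
    {"source": "host-a", "day": "2024-01-01", "ts": 1, "field1": 0, "field2": "v1", "field3": "ok"},
    {"source": "host-a", "day": "2024-01-02", "ts": 5, "field1": 1, "field2": "v2", "field3": "ok"},
    {"source": "host-b", "day": "2024-01-01", "ts": 2, "field1": 4, "field2": "v1", "field3": "ok"},
    {"source": "host-b", "day": "2024-01-02", "ts": 6, "field1": 3, "field2": "v1", "field3": "warn"},
    {"source": "host-c", "day": "2024-01-01", "ts": 3, "field1": 2, "field2": "v1", "field3": "ok"},
    {"source": "host-c", "day": "2024-01-02", "ts": 7, "field1": 2, "field2": "v1", "field3": "ok"},
    # host-d reported on one day only, so there is nothing to compare it against.
    {"source": "host-d", "day": "2024-01-02", "ts": 8, "field1": 9, "field2": "v1", "field3": "ok"},
]

def latest_per_source(docs, day):
    """Return {source: last document reported on `day`} (highest ts wins)."""
    latest = {}
    for doc in docs:
        if doc["day"] != day:
            continue
        current = latest.get(doc["source"])
        if current is None or doc["ts"] > current["ts"]:
            latest[doc["source"]] = doc
    return latest

def changed_sources(docs, day1, day2, field="field1", extra=("field2", "field3")):
    """Rows for sources whose `field` differs between day1 and day2."""
    before = latest_per_source(docs, day1)
    after = latest_per_source(docs, day2)
    rows = []
    # Only sources that reported on both days can be compared.
    for source in sorted(before.keys() & after.keys()):
        old, new = before[source].get(field), after[source].get(field)
        if old != new:  # works for any values: 0->1, 4->3, ...
            row = {"source": source, "old": old, "new": new}
            row.update({name: after[source].get(name) for name in extra})
            rows.append(row)
    return rows

def render(rows, extra=("field2", "field3")):
    """Format rows as the pipe-separated table from the question."""
    header = "Source|Field1|" + "|".join(extra) + "|"
    body = ["|".join([r["source"], f'{r["old"]}->{r["new"]}']
                     + [str(r[n]) for n in extra]) + "|" for r in rows]
    return "\n".join([header] + body)

if __name__ == "__main__":
    print(render(changed_sources(SAMPLE_DOCS, "2024-01-01", "2024-01-02")))
```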