Hello, is there any existing feature or way to do this?
I need to see Data that has been newly added (fresh ID) in a specific time frame.
Example:
Time 12:00
Data:
Ex 1 - ID: 1 - Name: ...
Ex 2 - ID: 2 - Name: ...
Ex 3 - ID: 3 - Name: ...
Time 12:05
Data:
Ex 1 - ID: 1 - Name: ...
Ex 2 - ID: 2 - Name: ...
Ex 3 - ID: 3 - Name: ...
Ex 4 - ID: 4 - Name: ...
Ex 5 - ID: 5 - Name: ...
How can I make it, so if i choose the time 12:05 and only want to see the difference of the previous time to see this:
Time 12:05 (Difference)
Data:
Ex 4 - ID: 4 - Name: ...
Ex 5 - ID: 5 - Name: ...
There exists multiple ways to show Serial Diff of events via a unique ID - but it would only show the number 2 in my shown example. I need to see these 2 Ex files with all their attributes and not how many of them are different.
Thank you in advance!
You could implement this using a continuous transform. As group_by you can use the id and in the aggregation part use a min(timestamp) to write a first_seen field. Given this field you can query on the dest index for what you are aiming for.
Thank you for pointing me in that direction, i will have a look and try to implement this.
By the sounds of it, this will then timestamp an ID if it has been appeared to be then filtered and searched for.
Is there also a solution for the reverse of it? To see which unique id is not to be seen anymore?
Like this:
Time 12:00
Ex 1 - ID 1 - Name ..
Ex 2 - ID 2 - Name ..
Ex 3 - ID 3 - Name ..
Time 12:05
Ex 1 - ID 1 - Name ..
Ex 3 - ID 3 - Name ..
Thank you, This solved my original question.
It seems like It's not the full solution that I need and I need to look deeper into this and research myself first.
Thank you again for taking your time to help me!
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
