I was trying to find the difference between 2 timestamps in Kibana table see in the
I want to create a field calculating the time difference between 1st timestamp ie February 20th 2019, 14:06:11.868 and 2nd ie February 20th 2019, 14:06:14.856 and get a field lets say "time_diff" in the table.
How can this be achieved in ELK?
I want to create a field calculating the time difference between 1st timestamp ie February 20th 2019, 14:06:11.868 and 2nd ie February 20th 2019, 14:06:14.856 and get a field lets say "time_diff" in the table.
That is not possible in Kibana. I would recommend adding time_diff to the document at ingest (before insert, look up the previous document that relates to this one, calculate the diff, and add a new field containing that value). That way, the field will be available for use in Kibana.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
