I was trying to find the difference between 2 timestamps in Kibana table see in the
I want to create a field calculating the time difference between 1st timestamp ie February 20th 2019, 14:06:11.868 and 2nd ie February 20th 2019, 14:06:14.856 and get a field lets say "time_diff" in the table.
How can this be achieved in ELK?
I want to create a field calculating the time difference between 1st timestamp ie February 20th 2019, 14:06:11.868 and 2nd ie February 20th 2019, 14:06:14.856 and get a field lets say "time_diff" in the table.
That is not possible in Kibana. I would recommend adding time_diff to the document at ingest (before insert, look up the previous document that relates to this one, calculate the diff, and add a new field containing that value). That way, the field will be available for use in Kibana.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
