Group by the incoming records and return a list of records where a specific event occurred

There is one field called "identity_number". I am taking 30 days of data as input, and I need to make a list of groups having the same identity_number. Then, in each group, I need to compare the price of the most recent identity_number with the mean of the price of the rest of the identity_numbers, and list all the identity_numbers which have a price difference of more than double.

E.g. I have 10,000 records in Kibana in the last 30 days and I got 2 such groups:
1st group with 10 same identity_number and 2nd group with 8 same identity_number.

For the first group, the price of the most recent identity_number is 100 and the mean of the price of the rest of the 9 identity_number is 60, then skip this group, do nothing.

For the second group, the price of the most recent identity_number is 100 and the mean of the price of the rest of the 4 identity_number is 40, which is (100 > 200% (40)), then list this identity_number.

So, is there any possible way to achieve this functionality in Kibana? If so, please let me know the way in brief.

Thank you so much in advance.

Hi @nisargtest1
I think the best way to achieve this at the moment is using Vega, which provides you a more extended way to compute and transform your data: https://vega.github.io/vega-lite/docs/calculate.html
However, Vega is not meant to render text in tabular/list form in the same way HTML tables and lists are conceived. It definitely can render text, but you have to adapt the output a bit to your needs (this somehow resembles a table and can maybe be adapted to your case: https://vega.github.io/vega-lite/examples/layer_text_heatmap.html),
or you can render a horizontal bar chart with these filtered identity_numbers and their price means.
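
The rule described in the question, as an added example that is not part of the original posts: it runs in Python over records exported from Elasticsearch rather than inside Kibana or Vega. The `timestamp` and `price` field names, the `flag_price_jumps` helper and the sample records are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean

# Constructed sample records (not from the thread). Only "identity_number" is
# named in the question; "timestamp" and "price" are assumed field names.
RECORDS = [
    {"identity_number": "A", "timestamp": "2024-01-10T00:00:00", "price": 60},
    {"identity_number": "B", "timestamp": "2024-01-29T00:00:00", "price": 100},
    {"identity_number": "A", "timestamp": "2024-01-28T00:00:00", "price": 100},
    {"identity_number": "B", "timestamp": "2024-01-02T00:00:00", "price": 30},
    {"identity_number": "A", "timestamp": "2024-01-01T00:00:00", "price": 50},
    {"identity_number": "B", "timestamp": "2024-01-22T00:00:00", "price": 50},
    {"identity_number": "C", "timestamp": "2024-01-15T00:00:00", "price": 500},
    {"identity_number": "A", "timestamp": "2024-01-20T00:00:00", "price": 70},
    {"identity_number": "B", "timestamp": "2024-01-12T00:00:00", "price": 40},
]


def flag_price_jumps(records, factor=2.0):
    """Return {identity_number: (latest_price, mean_of_rest)} for every group
    whose most recent price is more than `factor` times the mean price of the
    group's earlier records."""
    groups = defaultdict(list)
    for rec in records:
        groups[rec["identity_number"]].append(rec)

    flagged = {}
    for ident, recs in groups.items():
        if len(recs) < 2:
            continue  # a single record has no earlier prices to compare with
        # Input order is not trusted: sort each group by event time.
        recs.sort(key=lambda r: datetime.fromisoformat(r["timestamp"]))
        latest, rest = recs[-1], recs[:-1]
        baseline = mean(r["price"] for r in rest)
        if latest["price"] > factor * baseline:
            flagged[ident] = (latest["price"], baseline)
    return flagged


if __name__ == "__main__":
    for ident, (latest, baseline) in flag_price_jumps(RECORDS).items():
        print(f"{ident}: latest={latest} mean_of_rest={baseline}")
```

Group A (latest 100, mean of rest 60) is skipped, group B (latest 100, mean of rest 40) is listed, and group C is skipped because it has only one record.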
