LOGSTASH - I would like to calculate time taken in seconds for two timestamps in the same event and store it in a different field say "e2e_latency_in_seconds".
The timestamps are in different format. I have successfully normalized them into one format and stored into elasticsearch however I am unable to create a new field using logstash plugin. Please help. I don't think I can use the elapsed plugin as it is for two different events but my case is just one event.
date{
match => [ "tds_audittimestamp", "UNIX_MS"]
target => "tds_audittimestamp"
}
date{
match => [ "trade_insertion_at_source", "yyyy/MM/dd HH:mm:ss.SSS" ]
timezone => "UTC"
target => "trade_insertion_at_source"
}
I have calculated using kibana scripted field but I want to achieve this in logstash as I cannot used scripted fields in Grafana.
