We are currently logging user-related status messages, where each entry includes a detailed timestamp and various status information (e.g., "unauthorized request at 11:22:33... Access denied", "authorized request at 99:88:77... Access granted"). While the content of these messages is semantically similar, they vary mainly by timestamps and return values.
Our goal is to deduplicate these status messages and collapse them to show only the latest or most relevant status per user. For example:
User 1
- ID: 1
- Message: "Unauthorized request at 11:22:33 44:55:66T9789. Access denied. Some common text."
User 1
- ID: 1
- Message: "Authorized request at 99:88:77 66:55:44T34524. Access granted. Logged into app."
... and so on.
We want to query based on user.id or user.name, group the messages, and return a count of the different types of status/messages, with one record per distinct status.
Would appreciate any insights or suggestions on how best to implement this approach.
Thanks!