How to combine search results

I'm using ES 7.1.2. I have indices of log records of customer logins, one index per day. I want to find a list of all customers who have not logged in the prior month. I know how to execute two aggregations, one which returns a unique list of all customers searching all indices, and one which returns the same thing but searching just the prior month's indices. What I need to do is take the difference between these two lists. I can easily do this in Python, sending two GET requests and processing the results. But I want to do this so that I can display the result in Kibana, so I was hoping to use a Painless script. I'm new to Painless scripting, and looking through the documentation I don't see any examples like this. Is this possible?

Hello Ruth,

I think you can do this using Kibana also: create an index pattern for your daily created index, and then try to create the visualization on top of it.
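The two-aggregation difference described in the question, written out as an added example that is not part of the original thread. It pages through a composite aggregation so the customer list is not cut off at a terms aggregation's bucket limit. The field name `customer_id`, the index patterns, and the `fake_search` stand-in with its sample data are assumptions constructed for illustration.

```python
from typing import Callable, Optional, Set

Search = Callable[[str, dict], dict]  # (index pattern, request body) -> response

def composite_body(field: str, after: Optional[dict], page_size: int) -> dict:
    """One page of a composite aggregation over every distinct value of `field`."""
    comp = {"size": page_size, "sources": [{"cust": {"terms": {"field": field}}}]}
    if after:
        comp["after"] = after  # resume where the previous page stopped
    return {"size": 0, "aggs": {"customers": {"composite": comp}}}

def distinct_values(search: Search, index: str, field: str, page_size: int = 1000) -> Set[str]:
    """Collect all distinct values; a plain terms agg would truncate at its `size`."""
    seen: Set[str] = set()
    after = None
    while True:
        agg = search(index, composite_body(field, after, page_size))["aggregations"]["customers"]
        seen.update(b["key"]["cust"] for b in agg["buckets"])
        after = agg.get("after_key")
        if not agg["buckets"] or after is None:
            return seen

def inactive_customers(search, all_idx, recent_idx, field="customer_id", page_size=1000):
    """Customers present in all_idx but absent from recent_idx."""
    everyone = distinct_values(search, all_idx, field, page_size)
    recent = distinct_values(search, recent_idx, field, page_size)
    return sorted(everyone - recent)

# Constructed sample data standing in for a cluster (index pattern -> customers seen).
SAMPLE = {"logins-*": ["alice", "bob", "carol", "dave"],
          "logins-2019.06.*": ["bob", "dave"]}

def fake_search(index: str, body: dict) -> dict:
    """Offline stand-in that pages through SAMPLE the way a composite agg does."""
    comp = body["aggs"]["customers"]["composite"]
    after = comp.get("after", {}).get("cust")
    keys = [k for k in sorted(SAMPLE[index]) if after is None or k > after]
    page = keys[:comp["size"]]
    agg = {"buckets": [{"key": {"cust": k}, "doc_count": 1} for k in page]}
    if page:
        agg["after_key"] = {"cust": page[-1]}
    return {"aggregations": {"customers": agg}}

if __name__ == "__main__":
    print(inactive_customers(fake_search, "logins-*", "logins-2019.06.*", page_size=1))
```

Against a real cluster with the 7.x Python client, pass `lambda index, body: es.search(index=index, body=body)` in place of `fake_search`.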
