I am receiving logs every 5 minutes from many devices.
In the log, there is field called crc_error which holds numeric value
For a particular Device, if the value of the crc_error field increases consecutively for 3 logs (lets say at 12:00, 12:05 and 12:10) then a field with a warning message should be added to the log received at 12:10.
I want to compare the value of the field crc_error with the value of crc_error of the previous log. If the previous value is smaller than the current value then I want to compare the previous value with its previous value.
Please help me to achieve this using logstash.