How to compare to log line and add additional fields

Sanjeev7 · December 11, 2018, 4:06am

Hello
Sample Log -
2018-12-09 22:25:11,959162184: INFO : [serviceAd : 1] service: transaction started, transactionnum : 12345
2018-12-09 22:26:14,330574541: INFO : [serviceAd : 1] service: transaction ended, transaction : 12345
2018-21-09 22:27:15,076638900: INFO : [serviceAd : 1] service: transaction started, transaction : 6789
I have requirement where i need to show not processed transaction count in kibana, However i able to extract the transaction started and transactionnum from above log. looking your help

compare the transactionnum e.g. 12345 and transaction status like started or ended
if transaction started is not available in log with ended it means it incomplete transaction
incomplete transaction count display on kibana.

I dont know how to compare to line and hold that result for comparison. Please help me its urgent requirement

guyboertje · December 11, 2018, 10:53am

This is what the aggregate filter is for - but pay very special attention to the requirement that workers needs to be set to 1 so the same filter instance sees all the events.

The example in our docs is pretty close to what you need.

Sanjeev7 · December 12, 2018, 6:10pm

Thanks for reply as per example in url for aggregate filter is required to log should have in sequence.in my case its not possible that end task always come after start .
2. is possible to push more value in Map (like map['sql_duration']) if yes how to push and retrieve

system · January 9, 2019, 6:19pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.