I am exploring log files through Kibana and I would like to extract the logs that are in error.
My problem is that in a day, a machine can be in error in the morning and not be in error in the afternoon. So I want to extract the error logs where the machine ID is not in the list of logs that are no longer in error.
If I had to do it in SQL it would be something like SELECT id WHERE status = 'ERROR' AND id NOT IN (SELECT id WHERE status = 'SUCCESS').
Is there a Kibana query or visualization that does this kind of thing?