How to get difference of min timestamp and max timestamp?

samath_kumar · September 16, 2019, 7:12am

I am new to kibana and elastic search, i want a metrics for average , total , longest of the timespans generated by taking difference of max and min timestamp fields. First I got min and max timestamps from the visualization of data table in Kibana ,in which 2 metrics (min @timestamp, max @timestamp) are there having the aggregation of top hit and size 1 respectively, one is ascending (min timestamp) and the other descending(max timestamp). I also have a bucket with split rows which is grouping my data by the field contactId

.

My log data is like

{
"contactId":"XXXXX",
"TimeStamp":"XXXXX"
}

Brandon_Kobel · September 16, 2019, 4:04pm

Hey @samath_kumar, you can do this using Canvas and a Table using the Elasticsearch SQL data-source with SQL similar to the following:

SELECT CAST(MAX("@timestamp") AS DOUBLE) - CAST(MIN("@timestamp") AS DOUBLE) FROM "bar" GROUP BY "contactId"

samath_kumar · September 17, 2019, 8:58am

Glad it helped...Thank you @Brandon_Kobel

system · October 15, 2019, 8:58am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.