How to perform operations with different fields on multiple records

Hi, I am dealing with Json data which contain a key value.
2 different records will have the same key value (both get ingested at a different time) with one of them having a field "startTime" and the other having a field "endTime".

Is it possible to visualize this data by grouping based on the key and calculating the time difference between these 2 fields (startTime and endTime)? Perhaps like a Data table showing the key and time taken as 2 columns. If this is possible, can you please provide few pointers?

Thank you and any help is much appreciated.

I think this can be done with a scripted metric aggregation:

https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-metrics-scripted-metric-aggregation.html

Basically, you'd want to select the non-null startdate and enddate in two different scripted metrics.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.