How to query in ES interval value difference

Is there a way to query in Elasticsearch when time series documents contain a cumulative value, and I want to find out the incremental value of the field between the current document and one that was created 10 seconds ago? For example, say a field COUNT contains value 100 in the document with creation timestamp 14:00:00, and the document created at 14:00:10 contains value 125. So the incremental value is 25 (125 - 100); both documents are in the same index and type.

Hi,

I think the Derivative Aggregation may help you.
https://www.elastic.co/guide/en/elasticsearch/reference/5.2/search-aggregations-pipeline-derivative-aggregation.html
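
An added example, not part of the original replies: a search request body that applies the derivative aggregation to the question's case (10-second buckets, last cumulative `COUNT` per bucket, difference to the previous bucket), with a local function that mirrors the calculation on constructed data. The timestamp field name `@timestamp`, the aggregation names and the function names are assumptions; `COUNT` is the field from the question.

```python
import json

def build_query(ts_field="@timestamp", value_field="COUNT", interval="10s"):
    """Body for POST <index>/_search (ES 5.x syntax, as in the linked 5.2 docs)."""
    return {
        "size": 0,  # only aggregation results are needed, no hits
        "aggs": {
            "per_interval": {
                "date_histogram": {"field": ts_field, "interval": interval},
                "aggs": {
                    # cumulative counter: max is the latest value in the bucket
                    "count_max": {"max": {"field": value_field}},
                    # difference to the previous bucket's count_max;
                    # returned as count_delta.value from the second bucket on
                    "count_delta": {"derivative": {"buckets_path": "count_max"}},
                },
            }
        },
    }

def local_deltas(docs, interval_s=10):
    """Same calculation on in-memory (epoch_seconds, value) pairs.

    Buckets without documents are skipped, which corresponds to the
    derivative aggregation's default gap policy (skip).
    """
    buckets = {}
    for ts, value in docs:
        key = ts - ts % interval_s          # start of the bucket
        buckets[key] = max(value, buckets.get(key, value))
    rows, prev = [], None
    for key in sorted(buckets):
        cur = buckets[key]
        rows.append((key, cur, None if prev is None else cur - prev))
        prev = cur
    return rows

# Constructed sample in seconds since midnight: 50400 = 14:00:00.
# The first two rows are the values from the question.
SAMPLE = [(50400, 100), (50410, 125), (50420, 140)]

if __name__ == "__main__":
    print(json.dumps(build_query(), indent=2))
    for row in local_deltas(SAMPLE):
        print(row)
```

A negative delta in the output indicates that the counter was reset between two buckets.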
