Hi,
I have 'setcount' and 'clearedcount' number fields which i added in logstash when it finds "set" in message field setcount is set to 1 and if it finds "clear" in message filed it sets clearedcount to 1.
each event will have either setcount or clearedcount.
I wanted to visualize something like setcount - clearedcount per host.
How can i acheive this in visualization.
Hi Pola,
You can use a scripted field here. Here is where you will add it:
Once you do you can use any basic chart to do your aggregation on it.
Thanks,
Bhavya
Thanks bhavyarm! I ended up in doing the same thing and it worked. Thanks for sharing.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
