Hi,
I am using ELK GA 5.0.0. I have a time entry like 06:52:02 and a delay entry (in seconds) like 1.016. I want to push another attribure to elasticsearch, by subtracting seconds from timefield, say 06:52:01 in this case. Is this possible?
Thank you.
With a ruby filter you could.
@warkolm , I am a beginner, could you kindly post the code?
Thanks in advance.. 
I don't know ruby, but if you have a search through the posts here you will find similar threads with examples.
Neither do I know ruby 
It will be really helpful if someone like @magnusbaeck or @theuntergeek or @Christian_Dahlqvist look into it
Please don't ping other people like that, if you aren't willing to do a search and spend some time, why would they provide you a direct answer?
We do like to help, but you need to help yourself as well.
You're welcome.. 'll try myself..
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.