Kibana 5.1 possible to calculate time difference and place it in a field in kibana at runtime?

asp · January 31, 2017, 3:41pm

Hi there,

I know I can do many cool stuff in logstash, for example calculating time differences and store it in a field.
Now my question, is it possible to do such stuff in kibana in realtime too?

Say, I have following timestamps in my event

@timestamp
timestampStart
timestampEnd

Is it possible to calculate a "virtual" field "timeDiff" in kibana by calculating timestampEnd-timestampStart?
I don't need to search by these fields, but aggregating on them would help.

Other familiar topic is, to convert for example a field which contains a value in seconds to hours to have a better overview in dashboards.

Is that possible? How?

Thanks, Andreas

thomasneirynck · January 31, 2017, 4:29pm

hi @asp

You would use a scripted field for that.

My response here - to a similar question - has some links to resources to help you get started Plot latency measure based on two time fields in an index

asp · January 31, 2017, 4:35pm

thanks for the fast response. I will take a deeper look

system · February 28, 2017, 4:36pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.