I don't think this is possible without using an external tool.
In both Logstash and Elasticsearch the events are independent from each other, what you want is to have the timestamp of one event dependent of the timestamp of the previous event.
I don't think this is possible without using an external tool.
In both Logstash and Elasticsearch the events are independent from each other, what you want is to have the timestamp of one event dependent of the timestamp of the previous event.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.