Hello! cisco gateway sends 4 log entries for one voip call. All four records have a common id. Is it possible to create such a query in the Kibana interface to create a table where each row will contain the following fields: timestamp, cdn, cgn, duration?
This is what it looks like in Kibana:
Hi, I've tried locally, this could work, the fact is that you have to specify the total number of IDs you are looking to show. Then you can use the Last Value to get the values you are looking for on each record. This last value will filter your records where the field exists so it will take the last available in term of timestamp.
I also noticed that your example reports 2 different duration time, in this case you probably could take the Avergage duration instead of the last value.
Not shown in my example, but you can do the same for the timestamp as well, add the Last Value will work
Thank you! This works great for me!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
