When utilizing Elasticsearch's Discover feature, I'm aiming to construct a query that fetches the maximum and minimum logs for each user, based on three fields: username, app name, and environment.
Currently, my query includes filters such as client name and caller class name, which successfully narrow down the logged-in logs I require. Is there a way to aggregate these logs with additional query logic to identify the earliest and latest logs within each distinct set defined by the combination of username, app name, and environment?
The main thing here is that I cannot use a visualization or Lens. These do not allow for CSV POST URLs. I need to add the additional query logic within Discover so I can create a CSV POST URL.
Any insights or suggestions would be greatly appreciated. Thank you!
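Added example, not part of the original post: the Discover search bar (KQL/Lucene) only selects documents, so the earliest/latest-per-group logic has to be expressed as an aggregation sent to the `_search` API. The block below builds a composite aggregation keyed on the three fields with `min`/`max` on `@timestamp`, checks the same computation client-side over constructed sample documents, and flattens a constructed response into CSV-ready rows. Field names (`username`, `app_name`, `environment`), the index, and the filter clauses are assumptions; substitute the real mapping (keyword fields may need a `.keyword` suffix).

```python
"""Earliest and latest log per (username, app_name, environment).

Added example; field names and the sample data are constructed, not
taken from the original post or from a live cluster.
"""

KEY_FIELDS = ("username", "app_name", "environment")

# Constructed sample documents, shaped like login events in a logs index.
SAMPLE_DOCS = [
    {"username": "alice", "app_name": "portal", "environment": "prod",
     "@timestamp": "2024-05-01T08:00:00Z"},
    {"username": "alice", "app_name": "portal", "environment": "prod",
     "@timestamp": "2024-05-01T17:30:00Z"},
    {"username": "alice", "app_name": "portal", "environment": "staging",
     "@timestamp": "2024-05-01T09:15:00Z"},
    {"username": "bob", "app_name": "portal", "environment": "prod",
     "@timestamp": "2024-05-01T07:45:00Z"},
    {"username": "bob", "app_name": "portal", "environment": "prod",
     "@timestamp": "2024-05-01T12:00:00Z"},
]


def build_search_body(filter_clauses, key_fields=KEY_FIELDS, page_size=500):
    """Request body for POST /<index>/_search.

    filter_clauses are the same narrowing clauses Discover applied (for
    example term filters on client name and caller class). The composite
    aggregation buckets the matches by the key fields and records the
    earliest and latest @timestamp per bucket; size=0 drops the raw hits.
    """
    return {
        "size": 0,
        "query": {"bool": {"filter": list(filter_clauses)}},
        "aggs": {
            "by_key": {
                "composite": {
                    "size": page_size,
                    "sources": [{f: {"terms": {"field": f}}} for f in key_fields],
                },
                "aggs": {
                    "earliest": {"min": {"field": "@timestamp"}},
                    "latest": {"max": {"field": "@timestamp"}},
                },
            }
        },
    }


def reduce_locally(docs, key_fields=KEY_FIELDS):
    """Same computation done client-side, to sanity-check a small sample.

    ISO-8601 UTC strings in one fixed format sort lexically in time
    order, so min()/max() on the strings are correct here.
    """
    spans = {}
    for d in docs:
        key = tuple(d[f] for f in key_fields)
        ts = d["@timestamp"]
        lo, hi = spans.get(key, (ts, ts))
        spans[key] = (min(lo, ts), max(hi, ts))
    return spans


def parse_composite_response(resp, key_fields=KEY_FIELDS):
    """Flatten one page of the aggregation response into CSV-ready rows.

    min/max on a date field come back with an epoch-millis `value` and an
    ISO `value_as_string`. Returns (rows, after_key); send after_key back
    as composite.after to fetch the next page until it is absent.
    """
    agg = resp["aggregations"]["by_key"]
    rows = []
    for b in agg["buckets"]:
        row = {f: b["key"][f] for f in key_fields}
        row["earliest"] = b["earliest"]["value_as_string"]
        row["latest"] = b["latest"]["value_as_string"]
        row["count"] = b["doc_count"]
        rows.append(row)
    return rows, agg.get("after_key")


# Constructed response in the shape Elasticsearch returns for the body
# above run against SAMPLE_DOCS (buckets come back in key order).
CONSTRUCTED_RESPONSE = {"aggregations": {"by_key": {
    "after_key": {"username": "bob", "app_name": "portal", "environment": "prod"},
    "buckets": [
        {"key": {"username": "alice", "app_name": "portal", "environment": "prod"},
         "doc_count": 2,
         "earliest": {"value": 1714550400000.0, "value_as_string": "2024-05-01T08:00:00.000Z"},
         "latest": {"value": 1714584600000.0, "value_as_string": "2024-05-01T17:30:00.000Z"}},
        {"key": {"username": "alice", "app_name": "portal", "environment": "staging"},
         "doc_count": 1,
         "earliest": {"value": 1714554900000.0, "value_as_string": "2024-05-01T09:15:00.000Z"},
         "latest": {"value": 1714554900000.0, "value_as_string": "2024-05-01T09:15:00.000Z"}},
        {"key": {"username": "bob", "app_name": "portal", "environment": "prod"},
         "doc_count": 2,
         "earliest": {"value": 1714549500000.0, "value_as_string": "2024-05-01T07:45:00.000Z"},
         "latest": {"value": 1714564800000.0, "value_as_string": "2024-05-01T12:00:00.000Z"}},
    ]}}}


if __name__ == "__main__":
    body = build_search_body([{"term": {"client_name": "web"}}])
    rows, after_key = parse_composite_response(CONSTRUCTED_RESPONSE)
    for r in rows:
        print(r)
```

The same grouping can be written in ES|QL as `STATS earliest = MIN(@timestamp), latest = MAX(@timestamp) BY username, app_name, environment` after the `WHERE` clauses, which recent Kibana versions accept in Discover's ES|QL mode; whether that path satisfies the CSV export requirement depends on the Kibana version in use, so verify it on the actual stack before relying on it.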