Hi, I have two terms in a log that we will call X and Y from date format. I want to send a query that will show me all logs that the value of (X-Y) is greater than 3 (seconds). How can I do this?

If your 2 related dates (start, end) are held on the same JSON document then your problem is simpler. Either use a script at query time to subtract (slower, harder for Kibana end users) or Reindex your content performing the subtraction at insert time (using custom app logic or ingest pipeline) M…

Query checking difference of two terms in a log

Elastic Stack Elasticsearch

Mark_Harwood (Mark Harwood) September 5, 2017, 10:29am 10

Wrong forum

I found this in the logstash forum that looks relevant: Logstash Ruby filter to subtract difference between two timestamps in single event

1 Like

Topic		Replies	Views
Calculate duration between two events using dates Kibana	3	7298	August 16, 2019
Use difference between two numeric values as query criteria in kibana Kibana	7	319	December 19, 2023
Comparing two terms Kibana	15	27104	July 6, 2017
Calculating the difference between datetime cells for an average Kibana lens	9	755	October 17, 2023
Calculation time difference between two document Kibana	5	4860	April 29, 2019

Query checking difference of two terms in a log

Related Topics