Hi,
I have log file with transactions that have log records for start and stop of transactions.
It looks like this simplified.
:::<start|stop>::
I want to a measure the time between start and stop as the response time for a transaction with same id,
How do I do it in Elasticsearch and how do I visualize graph in Kibana ?.
If the start/stop records occur close enough together there's a Logstash feature that holds a window of the last N records and can be used to join stops with starts and calculate the duration. Try asking in the Logstash forum here.
If the transactions are longer running or you need robust delivery you might want to check out using entity centric indexing techniques : https://m.youtube.com/watch?v=yBf7oeJKH2Y
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.