Hi All,
Please suggest how to create the scripted field to have the difference of the time based on specific condition?
Problem statement- The message with unique message ID traverses to 4 states during batch execution
There are four states indexed at different time stamp say State 1>>State 2>>State 3>>State 4 , so how to find elapsed time by doing @time_State 4 -@time_State 1 applying condition on unique message ID for message journey.
Regards,
Prateek
What would you like the end result to look like? Milliseconds? A human readable string?
If you just want a number or millis or seconds, Lucene expressions would be a simple solution https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-scripting-expression.html#_date_field_api
If you'd like to produce a human readable string, Painless should provide the flexibility you need. There's a great blog post with some date math examples that should help get you started https://www.elastic.co/blog/using-painless-kibana-scripted-fields
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.