doc1: message: Reconciliation for plan 141 - Line 3 is completed
This is my case in a index
doc2: message: Reconciliation for plan 141 - Line 3 is started
doc3: message: Reconciliation for plan 141 - Line 3 is Failed
Each document will be having a "message" field with messages as described above.
In this case, I need to use scripted field in kibana to distinguish between which line is started and which lines are failed and which line is competed so that I can visualize and identify.
SO I need to write a query in scripted field in order to visualize. How to aggregate and how can i visualize it?
I would recommend extracting this into a separate fields at index time as it will require you to do much less work for every query and therefore scale and perform much better.
Nope.. There will be multiple documents that contain different Line. for example line 4, line 5, line 6 and so on. So I need to check which line has started, failed and completed.
message: Reconciliation for plan 141 Line 3 is completed
doc2:
message: Reconciliation for plan 141 Line 3 is started
doc3:
message: Reconciliation for plan 141 Line 3 is failed
doc4:
message: Reconciliation for plan 190 Line 10 is failed
doc5:
message: Reconciliation for plan 200 Line 17 is completed
.
.
.
It will keep on going like this.
In the above you can see that Line number and Plan id varies.
This is my case. When the "Line number" and "plan id" varies for every document and for every line number , it will show the the status as line 15 started, line 15 failed and similarly line 120 started, line 120 completed as you can see above in the message field.
In this case how can i aggregate all line numbers and how can i find the respective status?.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.