I have 2 indexes (sys-1-logs, sys-2-logs), I want to get the difference of count of both and plot on Kibana. Is this possible to do ? If yes then how to do it ?
Hello,
I think that you have to use the Timelion visualisation in Kibana
i'll show you an example that you can test in your environnement.
i'm using as time field "TIMESTAMP" , according to your case you can use the timefield which matches with your indexes
Timelion expression
.es(index=sys-1-logs,
timefield='TIMESTAMP',
q='message:*')
.subtract(.es(index=sys-2-logs,
timefield='TIMESTAMP',
q='message:*' )
.legend(columns=2, position=nw))
.title('Sub of counts')
Thanks a lot, it worked !!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.