Hi Elastic Team,
I want to be able to subtract the field @timestamp for two events. For exmample, i recieve 1 event by second, so, i would like to subtract the last event to arrive against the penultimate event to arrive.
How can i do this?
Thanks
Hello,
You can definitely use runtime fields or scripted fields to do it. But there might be other ways of getting the same data to look at. How were you planning to visualize this data?
Thanks
Bhavya
Hi bhavyram, i apreciate your answer,
I planning to show a gauge with ranges. My target is show how many transaction are above to 10seg for example.
1 transaction is two events that i identify by my log logic, so, i want to subtract those events.
Hi, Elatic team, @bhavyarm i apreciate if you give me an example how can i use the runtime fields. I had seen a lot of information, but i don't understand. I mean, we can create a runtime fields into a index, but i really don't understand the better how can i start.
If you can bring me some information will be great.
Thanks
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.