Here comes one use case. Suppose the logs are coming in the logstash but its stop getting logs for some time interval. I want to know this time lag.
For Example :
At certain point of time like at 14:37:46 , i got this log messages.
2015-10-14 14:37:46 TRACE Example 21 NO_MEMORY!
2015-10-14 14:37:46 DEBUG Example 22 unable to load for debugging!
2015-10-14 14:37:46 INFO Example 23 uplaodes successfully!
2015-10-14 14:37:46 WARN Example 26 permission denied!
2015-10-14 14:37:46 ERROR Example 27 NullPointerException!
2015-10-14 14:37:46 FATAL Example 28 NoConnectionPending
Now, after certain time interval like at 14:48:05 , i got another log messages.
2015-10-14 14:48:05 WARN Example 26 permission denied!
2015-10-14 14:48:05 ERROR Example 27 NullPointerException!
2015-10-14 14:48:05 FATAL Example 28 NoConnectionPending
2015-10-14 14:48:05 TRACE Example 21 NO_MEMORY!
2015-10-14 14:48:05 DEBUG Example 22 unable to load for debugging!
2015-10-14 14:48:05 INFO Example 23 uplaodes successfully!
2015-10-14 14:48:05 WARN Example 26 permission denied!
As one can see from the above logs that there is a time lag between the timestamps.So, i want to calculate this time difference so that in future i could analyze in Kibana and find out the reason why there comes time lag.