I have several different indices grabbing events that have definitive start and stop points (I have an eventKey field that says "started" or "ended"). Each field also has a unique eventId field so that all things that happen in a given event have the same ID. Is there a way via painless where if t…

This question looks like another case of "joining related records based on a high cardinality ID" See How to search relationship between log lines

Discuss the Elastic Stack

Using painless to calculate durations

Elastic Stack Elasticsearch

warkolm (Mark Walkom) February 13, 2018, 10:05pm 10

How to calculate delta value might also be useful.

Topic		Replies	Views
Time elapsed difference between two events tagged as start and stop Kibana painless	4	342	March 18, 2021
Elapsed time calculation between different events Elasticsearch	2	3617	July 9, 2019
[SOLVED] Measuring duration without using elapsed Logstash	3	865	December 28, 2016
Calculate time between different events with same ID Logstash	1	299	May 31, 2020
Measuring multiple event durations with elapsed plugin Logstash	2	621	December 15, 2017

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.

Using painless to calculate durations

Related topics