I have next request and I’m looking for help.
My logs contains fields operation_id and step.
Ex : Operation_id : 123, Step : 1, Timestamp1.1 Operation_id : 124, Step : 1, Timestamp1.2 Operation_id : 124, Step : 2, Timestamp2.2 Operation_id : 123, Step : 2, Timestamp2.1
My request is that I need to get Timestamp2.1 - Timestamp1.1 for Operation_id : 123
and Timestamp2.2 - Timestamp1.2 for Operation_id : 124.
Can I do that?
If yes, how? And if not, can I create some fields like $message.timestamp.hourOfDay and
$message.timestamp.dayOfYear as number so I can do that specific operation?
Is there any way to automaticaly group logs by operation_id?
In the end, I want to have a quick values list(table) widget as following :
Generic : Operation_id - ( Timestamp2.1 - Timestamp1.1 ) Example : 123 - 2 days 3 hours 124 - 4 hours
Is this possible?
Thank you for your time and help!