I could not find anything using Google. Therefore, I hope you could help me here:
Provide the following data:
{ timestamp: 123, id: abcd },
{ timestamp: 234, id: abcd },
{ timestamp: 543, id: abcd }
{ timestamp: 673, id: abcd }
I want to calculate the session length from this data in elastic search / kiban. A session is continuous if the timestamp interval between two ordered records is, for example, less than 200. According to the above data, it is necessary to create two sessions:
1: 234-123 = 111 < 200 | session 1, duration 111
2: 543-234 = 311 > 200 | session 2, duration ...
3: 673-543 = 130 < 200 | session 2, duration 130
How can I achieve this in elastic search?
Thanks in advance.
source
share