Hi all,
Before I start, I am a newbie at the ELK stack, so please bear with me.
Currently we are trying to visualize some logging which is being exposed from a database. As a database (data driven) developer, I would like to create a dashboard which shows me aggregated data. For example, the last time a unique error has occurred.
Unfortunately, the combination of last time and unique error means that the aggregation is based on a timestamp (last time) instead of an integer. But we are unable to create such a query. Can this even be done? If not, what is the best way to resolve this?
We can already make sure the creation is done with in the database itself before we expose the data/result. But in my opinion, this defeats the purpose!
Any help would be greatly appreciated!
forum,