Problem:

I have aggregated accesslog data from different webservers in a large 
logstash index. My goal is to get the page *visits* out of the accesslog 
hits.

A *visit* is defined as follows: a visit results from one or more hits 
from a single IP address in a specific time frame. Due to different 
products on the webservers, each domain should be considered separately.

My questions are:

   - Can this problem already be solved with built-in Elasticsearch 
   features? If *yes*, how?
   - If *no*:
      - What kind of plugin would you suggest?

My own considerations range from building a custom filter to retrieve just 
the data I need, to building a plugin which analyses the accesslog index and 
puts the visit data into a new index.

Maybe someone can help me? I appreciate every answer. Thank you for your 
time!
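
The visit definition in the post above, written out as an added example that is not part of the original message and does not use any Elasticsearch API. It assumes that "a specific time frame" means an inactivity gap (30 minutes here, configurable) and that each hit carries `ts`, `clientip` and `domain` fields; those names and the sample hits are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample hits (not real traffic); field names are assumptions.
HITS = [
    {"ts": "2014-05-01T10:00:00", "clientip": "192.0.2.10", "domain": "shop.example"},
    {"ts": "2014-05-01T10:05:00", "clientip": "192.0.2.10", "domain": "shop.example"},
    {"ts": "2014-05-01T10:50:00", "clientip": "192.0.2.10", "domain": "shop.example"},
    {"ts": "2014-05-01T10:02:00", "clientip": "192.0.2.10", "domain": "blog.example"},
    {"ts": "2014-05-01T10:20:00", "clientip": "198.51.100.7", "domain": "shop.example"},
    {"ts": "2014-05-01T10:01:00", "clientip": "198.51.100.7", "domain": "shop.example"},
    {"ts": "2014-05-01T10:50:00", "clientip": "198.51.100.7", "domain": "shop.example"},
]


def sessionize(hits, timeout=timedelta(minutes=30)):
    """Group hits into visits per (domain, ip); a gap > timeout opens a new visit."""
    by_key = defaultdict(list)
    for hit in hits:
        key = (hit["domain"], hit["clientip"])  # each domain is counted separately
        by_key[key].append(datetime.fromisoformat(hit["ts"]))

    visits = []
    for (domain, ip), stamps in by_key.items():
        stamps.sort()  # hits merged from several webservers may be out of order
        start = last = stamps[0]
        count = 1
        for ts in stamps[1:]:
            if ts - last > timeout:  # inactivity gap exceeded: close the visit
                visits.append({"domain": domain, "clientip": ip,
                               "start": start, "end": last, "hits": count})
                start, count = ts, 0
            last = ts
            count += 1
        visits.append({"domain": domain, "clientip": ip,
                       "start": start, "end": last, "hits": count})
    return sorted(visits, key=lambda v: (v["domain"], v["clientip"], v["start"]))


def visits_per_domain(visits):
    """Count visits for each domain."""
    totals = defaultdict(int)
    for visit in visits:
        totals[visit["domain"]] += 1
    return dict(totals)


if __name__ == "__main__":
    for visit in sessionize(HITS):
        print(visit)
```

Keying on IP address alone merges clients behind a shared NAT or proxy into one visit, so the counts are a lower bound on distinct visitors.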
