ES|QL INCREASE function
field- the metric field to calculate the value for
window-
the time window over which to compute the increase over time
Calculates the absolute increase of a counter field in a time window.
| field | window | result |
|---|---|---|
| counter_double | time_duration
|
double |
| counter_integer | time_duration
|
double |
| counter_long | time_duration
|
double |
TS k8s
| WHERE pod == "one"
| STATS increase_bytes_in = SUM(INCREASE(network.total_bytes_in)) BY cluster, time_bucket = TBUCKET(10minute)
| increase_bytes_in:double | cluster:keyword | time_bucket:datetime |
|---|---|---|
| 2453.5 | prod | 2024-05-10T00:00:00.000Z |
| 5828.87 | qa | 2024-05-10T00:00:00.000Z |
| 2591.440476190476 | staging | 2024-05-10T00:00:00.000Z |