Find time difference between two events with specific condition

So I have numerous logs regarding users accessing an app to order food for delivery. Based on the session ID and user ID, I'm able to find the first and last timestamp of each session and calculate its duration. However, I also want to calculate the duration between when the user first accesses the app and the moment the user places an order. Basically, for each step where the user engages with the app, there's a specific API for it. So the moment the user places an order, there's a field called route_path: API/place_order. I simply want to find the timestamp where the user placed the order using this route_path field and find the difference. Could anyone help? Appreciate it. The current query only finds the first and last timestamp for each session.

index="some jason file"
| stats earliest(_time) as first,latest(_time) as last values(user_id) as user_id by session_id
| convert ctime(first) as First ctime(last) as Last
| eval duration=last-first
| eval difference=strftime(duration,"%m/%d-%Y %H:%M:%S")
| eval entire_session_duration=tostring(duration, "duration")
| eval entire_session_time = replace(entire_session_duration,"(?:()\+)?0?(\d+):0?(\d+):0?(\d+)"," \2h \3m \4s")
| table user_id user_id session_id First Last entire_session_duration entire_session_time
| search session_id!=""
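An added example, not part of the original question or of any answer on the page: one way to get the time from first access to order placement is to let `stats` pick out the timestamp of the `API/place_order` event inside the same per-session aggregation. It assumes `route_path` is an extracted field whose value is exactly `API/place_order`; the field names `order_time`, `time_to_order`, `time_to_order_secs`, `entire_session_secs` and `Order_Time` are introduced here for illustration.

```spl
index="some jason file" session_id!=""
| stats earliest(_time) as first,
        latest(_time) as last,
        min(eval(if(route_path="API/place_order", _time, null()))) as order_time,
        values(user_id) as user_id
        by session_id
| eval entire_session_secs = last - first
| eval time_to_order_secs = order_time - first
| eval entire_session_duration = tostring(entire_session_secs, "duration")
| eval time_to_order = if(isnull(order_time), "no order placed", tostring(time_to_order_secs, "duration"))
| convert ctime(first) as First ctime(last) as Last ctime(order_time) as Order_Time
| table user_id session_id First Order_Time Last time_to_order entire_session_duration
```

`min(...)` takes the first order in a session that contains several; sessions without a `place_order` event stay in the results with `time_to_order` set to "no order placed".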
