Dear Team, We are generating the Temporary ID based on the Parameter which is crossing beyond the Park Average. Here i have attached a scenario for a single Parameter. For each day alert Generating for a Particular Events. The code which we using,

index="alert_id" ID="KirvereGKA42SlipRingTemperatureHigh"
|dedup New_ID, Turbine, Alert_ID, Unique_ID, CreatedDate
|eval Today=strftime(relative_time(now(), "@d"), "%Y-%m-%d")
|eval Date_1 = strptime(CreatedDate,"%Y-%m-%d")
|eval Date_2 = strptime(Today,"%Y-%m-%d")
|eval Duration = round((Date_2 - Date_1)/86400)
|streamstats window=2 range(Date_1) as NDate by ID
|eval Dur_Str = round(NDate/86400)
|eval Combine = if(Dur_Str<=1,"Open","Closed")
|eval OpenDate = if(Combine="Open", CreatedDate, "")
|eval ClosedDate = if(Combine="Closed", CreatedDate, "")
| streamstats count as S_No by ID
|eval Close = case(Combine="Closed",S_No)
|eventstats values(eval(if(S_No >= Close, "Closed", "Open"))) as Status by S_No
|table S_No, Alert_ID, WindFarm, Turbine, Category, WindFarm, Parameter, WTG_value, farm_avg, CreatedDate, Duration, Dur_Str.

Output of the Code ,Please find the below screenshot for your reference.

From the above table we need to find the duration of the Particular Events, for that i have derived the day difference from today date and days difference between rows. What we want, you can see the above table from the below we are having the Events occurred from 20/07/2020(Open) to 26/07/2020(Closed) and its not happened till 03/08/2020. After that the same events happened on 04/08/2020(Open) to 31/08/2020(Closed) and its again started on 02/09/2020(Open) to till date. We need the output like the below table:

Please Help me on this, how to we derive OPEN and Closed Status of the Particular Events based on the Date?

Thanks in Advance.