So the thing is, if someone login, it'll the feed the first index for login information. And it'll feed the second index with the application dependent information. Both will get the identical timestamp.
So what we want is, to know which user successfully launched the dependent Applications through centrify login.
We cannot use the second index only because they might not have logged in in between and just launched something or did something else.
There is no application stored in the first index and no login information in the second index.
And if the ApplicationID is A , then display as "AppA" and if ApplicationID is B then display as "AppB"