Datadog syntax: Difference between revisions

From wikinotes
No edit summary
Line 10: Line 10:
= Example =
= Example =
<blockquote>
<blockquote>
Perform queries
<syntaxhighlight lang="yaml">
# there is the JSON query syntax (described here)
# and a UI-assisted JSON query syntax where the code is abstracted.
Notebooks:
  - New Notebook:
    - </>  # on the far right of the query, this toggles interactive "json-syntax" queries
</syntaxhighlight>
<syntaxhighlight lang="promql">
<syntaxhighlight lang="promql">
sum:my_metric{*}.as_count()  # sum counts per-sample of `my_metric`
sum:my_metric{*}.as_count()  # sum counts per-sample of `my_metric`
Line 16: Line 25:
</blockquote><!-- Example -->
</blockquote><!-- Example -->


= Basics =
= Components =
<blockquote>
== Entering Queries ==
<blockquote>
There is both a JSON query (all-text), and a UI-aided query.
 
<syntaxhighlight lang="yaml">
Notebooks:
  - New Notebook:
    - </>  # on the far right of the query, this toggles interactive "json-syntax" queries
</syntaxhighlight>
</blockquote><!-- Entering Queries -->
 
== Components ==
<blockquote>
<blockquote>
Queries have a <code>term</code> and an <code>operator</code>.
Queries have a <code>term</code> and an <code>operator</code>.
Line 44: Line 40:
</syntaxhighlight>
</syntaxhighlight>
</blockquote><!-- Components -->
</blockquote><!-- Components -->
</blockquote><!-- Basics -->


= Datatypes =
= Datatypes =

Revision as of 22:21, 5 May 2022

Documentation

facets https://docs.datadoghq.com/logs/explorer/facets/#manage-facets

Example

Perform queries 

# there is the JSON query syntax (described here)
# and a UI-assisted JSON query syntax where the code is abstracted.
Notebooks:
  - New Notebook:
    - </>  # on the far right of the query, this toggles interactive "json-syntax" queries

sum:my_metric{*}.as_count()  # sum counts per-sample of `my_metric`
sum:my_metric{env:prod}      # `my_metric`, where tag `env=prod`

Components

Queries have a term and an operator.

terms 

facet:  @host, @url           # provided by the application, applies to all metrics
tag:    status, perform_time  # assigned to your specific metric when emitted

tags

Datatypes

Metrics are assigned datatypes

Operators

You can do operator math. 

node.avail_memory / node.total_memory

*  # multiply
/  # divide
+  # add
-  # subtract

Filters

Glob/Wildcard

You can glob-match metrics. 

jobs:*{*}   # jobs.* with no tag matchers

Tag-Search

Tag-Search lets you conditionally match metrics by tag. 

AND  # metric with both tags
OR   # metric with either tag
-    # (AND|OR) exclude results with another matcher

perform_time{(env:prod AND env:staging)}
perform_time{(env:prod AND -user:test)}

Comparison/Ranges

Exclude records by numerical operators, or ranges 

foo.response_time:>100
foo.response_time:[100 TO 200]

Aggregation (Samples)

rollup lets you change the sample-size, to a time period in seconds. 

avg:perform_time{*}.rollup(avg, 60)  # average-perform time, within 60s windows
Retrieved from "http://willpittman.net:8080/index.php?title=Datadog_syntax&oldid=29699"