Datadog syntax: Difference between revisions
From wikinotes
(→Syntax) |
|||
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
= Documentation = | |||
<blockquote> | |||
{| class="wikitable" | |||
|- | |||
| facets || https://docs.datadoghq.com/logs/explorer/facets/#manage-facets | |||
|- | |||
| functions || https://docs.datadoghq.com/dashboards/functions/#overview | |||
|} | |||
</blockquote><!-- Documentation --> | |||
= | = Example = | ||
<blockquote> | <blockquote> | ||
Perform queries | |||
<syntaxhighlight lang="yaml"> | <syntaxhighlight lang="yaml"> | ||
# there is the JSON query syntax (described here) | |||
# and a UI-assisted JSON query syntax where the code is abstracted. | |||
Notebooks: | Notebooks: | ||
- New Notebook: | - New Notebook: | ||
- </> # on the far right of the query, this toggles interactive "json-syntax" queries | - </> # on the far right of the query, this toggles interactive "json-syntax" queries | ||
</syntaxhighlight> | </syntaxhighlight> | ||
</blockquote><!-- | |||
<syntaxhighlight lang="promql"> | |||
sum:my_metric{*}.as_count() # sum counts per-sample of `my_metric` | |||
sum:my_metric{env:prod} # `my_metric`, where tag `env=prod` | |||
</syntaxhighlight> | |||
</blockquote><!-- Example --> | |||
= Components = | |||
<blockquote> | |||
Queries are composed of a <code>term</code> and an <code>operator</code>. | |||
terms | |||
<syntaxhighlight lang="yaml"> | |||
facet: @host, @url # provided by the application, applies to all metrics | |||
tag: status, perform_time # assigned to your specific metric when emitted | |||
</syntaxhighlight> | |||
operator | |||
<syntaxhighlight lang="yaml"> | |||
</syntaxhighlight> | |||
</blockquote><!-- Components --> | |||
= Datatypes = | = Datatypes = | ||
Line 20: | Line 51: | ||
</blockquote><!-- Datatypes --> | </blockquote><!-- Datatypes --> | ||
= | = Operators = | ||
<blockquote> | |||
You can do operator math. | |||
<syntaxhighlight lang="promql"> | |||
node.avail_memory / node.total_memory | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="promql"> | |||
* # multiply | |||
/ # divide | |||
+ # add | |||
- # subtract | |||
</syntaxhighlight> | |||
</blockquote><!-- Operators --> | |||
= Filters = | |||
<blockquote> | |||
== Glob/Wildcard == | |||
<blockquote> | <blockquote> | ||
You can glob-match metrics. | |||
<syntaxhighlight lang="promql"> | <syntaxhighlight lang="promql"> | ||
jobs:*{*} # jobs.* with no tag matchers | |||
</syntaxhighlight> | </syntaxhighlight> | ||
</blockquote><!-- | </blockquote><!-- Glob/Wildcard --> | ||
== Tag-Search == | |||
<blockquote> | |||
Tag-Search lets you conditionally match metrics by tag. | |||
<syntaxhighlight lang="promql"> | |||
AND # metric with both tags | |||
OR # metric with either tag | |||
- # (AND|OR) exclude results with another matcher | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="promql"> | |||
perform_time{(env:prod AND env:staging)} | |||
perform_time{(env:prod AND -user:test)} | |||
</syntaxhighlight> | |||
</blockquote><!-- Tag-Search --> | |||
= | == Comparison/Ranges == | ||
<blockquote> | <blockquote> | ||
Exclude records by numerical operators, or ranges | |||
<syntaxhighlight lang="promql"> | <syntaxhighlight lang="promql"> | ||
foo.response_time:>100 | |||
foo.response_time:[100 TO 200] | |||
</syntaxhighlight> | </syntaxhighlight> | ||
</blockquote><!-- Joins --> | |||
</blockquote><!-- Comparison/Ranges --> | |||
= Aggregation (Samples) = | |||
<blockquote> | |||
rollup lets you change the sample-size, to a time period in seconds. | |||
<syntaxhighlight lang="promql"> | <syntaxhighlight lang="promql"> | ||
avg:perform_time{*}.rollup(avg, 60) # average-perform time, within 60s windows | |||
</syntaxhighlight> | |||
You cannot use numeric filters on aggregated samples, but there are helpful functions. | |||
<syntaxhighlight lang="promql"> | |||
cutoff_min(avg:perform_time{*}.rollup(avg, 60), 10) # only show samples that exceed 10 | |||
</syntaxhighlight> | </syntaxhighlight> | ||
</blockquote><!-- | </blockquote><!-- Aggregation (Samples) --> | ||
= Functions = | |||
<blockquote> | |||
Several functions are available. See docs | |||
https://docs.datadoghq.com/dashboards/functions/#overview | |||
</blockquote><!-- Functions --> |
Latest revision as of 22:48, 5 May 2022
Documentation
facets https://docs.datadoghq.com/logs/explorer/facets/#manage-facets functions https://docs.datadoghq.com/dashboards/functions/#overview
Example
Perform queries
# there is the JSON query syntax (described here) # and a UI-assisted JSON query syntax where the code is abstracted. Notebooks: - New Notebook: - </> # on the far right of the query, this toggles interactive "json-syntax" queriessum:my_metric{*}.as_count() # sum counts per-sample of `my_metric` sum:my_metric{env:prod} # `my_metric`, where tag `env=prod`
Components
Queries are composed of a
term
and anoperator
.terms
facet: @host, @url # provided by the application, applies to all metrics tag: status, perform_time # assigned to your specific metric when emittedoperator
Datatypes
Metrics are assigned datatypes
Operators
You can do operator math.
node.avail_memory / node.total_memory* # multiply / # divide + # add - # subtract
Filters
Glob/Wildcard
You can glob-match metrics.
jobs:*{*} # jobs.* with no tag matchersTag-Search
Tag-Search lets you conditionally match metrics by tag.
AND # metric with both tags OR # metric with either tag - # (AND|OR) exclude results with another matcherperform_time{(env:prod AND env:staging)} perform_time{(env:prod AND -user:test)}Comparison/Ranges
Exclude records by numerical operators, or ranges
foo.response_time:>100 foo.response_time:[100 TO 200]
Aggregation (Samples)
rollup lets you change the sample-size, to a time period in seconds.
avg:perform_time{*}.rollup(avg, 60) # average-perform time, within 60s windowsYou cannot use numeric filters on aggregated samples, but there are helpful functions.
cutoff_min(avg:perform_time{*}.rollup(avg, 60), 10) # only show samples that exceed 10
Functions
Several functions are available. See docs