Datadog syntax

From wikinotes

Documentation

facets https://docs.datadoghq.com/logs/explorer/facets/#manage-facets

Example

sum:my_metric{*}.as_count()  # sum counts per-sample of `my_metric`
sum:my_metric{env:prod}      # `my_metric`, where tag `env=prod`

Basics

Entering Queries

There is both a JSON query (all-text), and a UI-aided query. 

Notebooks:
  - New Notebook:
    - </>  # on the far right of the query, this toggles interactive "json-syntax" queries

Components

Queries have a term and an operator.

terms 

facet:  @host, @url           # provided by the application, applies to all metrics
tag:    status, perform_time  # assigned to your specific metric when emitted

tags

Datatypes

Metrics are assigned datatypes

Filters

Glob/Wildcard

You can glob-match metrics. 

jobs:*{*}   # jobs.* with no tag matchers

Tag-Search

Tag-Search lets you conditionally match metrics by tag. 

AND  # metric with both tags
OR   # metric with either tag
-    # (AND|OR) exclude results with another matcher

perform_time{(env:prod AND env:staging)}
perform_time{(env:prod AND -user:test)}

Comparison/Ranges

Exclude records by numerical operators, or ranges 

foo.response_time:>100
foo.response_time:[100 TO 200]

Aggregation (Samples)

rollup lets you change the sample-size, to a time period in seconds. 

avg:perform_time{*}.rollup(avg, 60)  # average-perform time, within 60s windows
Retrieved from "http://willpittman.net:8080/index.php?title=Datadog_syntax&oldid=29697"