Datadog syntax
From wikinotes
Documentation
facets https://docs.datadoghq.com/logs/explorer/facets/#manage-facets
Example
sum:my_metric{*}.as_count() # sum counts per-sample of `my_metric` sum:my_metric{env:prod} # `my_metric`, where tag `env=prod`
Basics
Entering Queries
There is both a JSON query (all-text), and a UI-aided query.
Notebooks: - New Notebook: - </> # on the far right of the query, this toggles interactive "json-syntax" queriesComponents
Queries have a
term
and anoperator
.terms
facet: @host, @url # provided by the application, applies to all metrics tag: status, perform_time # assigned to your specific metric when emittedtags
Datatypes
Metrics are assigned datatypes
Operators
You can do operator math.
node.avail_memory / node.total_memory* # multiply / # divide + # add - # subtract
Filters
Glob/Wildcard
You can glob-match metrics.
jobs:*{*} # jobs.* with no tag matchersTag-Search
Tag-Search lets you conditionally match metrics by tag.
AND # metric with both tags OR # metric with either tag - # (AND|OR) exclude results with another matcherperform_time{(env:prod AND env:staging)} perform_time{(env:prod AND -user:test)}Comparison/Ranges
Exclude records by numerical operators, or ranges
foo.response_time:>100 foo.response_time:[100 TO 200]
Aggregation (Samples)
rollup lets you change the sample-size, to a time period in seconds.
avg:perform_time{*}.rollup(avg, 60) # average-perform time, within 60s windows