Simple Query¶
Query data from different sources and display it in charts by selecting aggregation functions, grouping tags, Labels, and filtering conditions.
Data Source¶
Includes a series of data combinations from Metrics, Logs, Basic Objects, Resource Catalog, Events, APM, RUM, Network, Profile, and Cloud Billing.
| Source | Description |
|---|---|
| Metrics | Requires selecting a Measurement and Metrics. One Measurement can contain multiple Metrics. |
| Other Types | Basic Objects, Resource Catalog: Requires selecting a Class and Attribute/Label; Logs, Events, APM, RUM: Requires selecting a Source and Attribute/Label. |
When Logs are the data source
Different indexes can be selected to correspond to the log content, with default being the default index.
For more details, refer to Log Indexes.
Multiple Queries¶
Select multiple query conditions, and data is displayed grouped by the selected filtering items. Click the AS button to add an alias for each query condition, making it easier to distinguish the display of query results. If you want the added alias to be directly displayed on the chart, click the Legend on the right > Position, and select Bottom or Right.
Label Filtering¶
Prerequisite
Label properties have been set for hosts in Infrastructure > Hosts.
In fx > Label Filtering, select or deselect host Label properties for filtering display.
Add Filter¶
Click the icon to add filtering conditions for the current query.
Multiple filtering conditions can be added under a single query, with each condition having AND and OR as the two possible value relationships.
| Filter Condition | Description | Supported Filter Condition Types |
|---|---|---|
= |
Equal to | Integer, Float, String |
!= |
Not equal to | Integer, Float, String |
>= |
Greater than or equal to | Integer, Float, String |
<= |
Less than or equal to | Integer, Float, String |
> |
Greater than | Integer, Float, String |
< |
Less than | Integer, Float, String |
match |
Contains | String |
not match |
Does not contain | String |
wildcard |
Fuzzy match (supports log-type data except Metrics) | String |
not wildcard |
Fuzzy non-match (supports log-type data except Metrics) | String |
Filter Query¶
After adding filtering conditions, multiple types of value can be selected:
- View Variables:
{{variable_name}} View variable xx value; - Subquery:
{{letter}} xx query result(❗️ Only visible when selectinginandnot infilter conditions); -
Time:
#{startTime} Start time of the chart query#{endTime} End time of the chart query
-
Other optional values.
Functions¶
Click the fx icon to add function calculations for Metrics and other data sources for this query.
Rollup Function¶
Slices data into specified time intervals and calculates and returns data for each interval.
Note
- In time series charts, after selecting this function and aggregation method, go to Advanced Configuration to select the time interval;
- In non-time series charts, after selecting this function, you can choose aggregation methods including
avg,sum,min, etc., and time intervals (interval) including auto, 10s, 20s, 30s, 1m, 5m, 10m, 30m, 1h, 6h, 12h, 1d, 7d, 30d; - Only supports Metrics data queries; other data queries in simple chart mode do not support selecting the Rollup function;
- The Rollup function does not support adding multiple instances.
For more details, refer to Rollup Function.
Transformation Functions¶
Also known as outer functions. The functions supported in UI mode are as follows:
Transformation Function (Outer Function) |
Description |
|---|---|
cumsum |
Cumulative sum of the processed set |
abs |
Calculates the absolute value of each element in the processed set |
log2 |
Calculates the base-2 logarithm of each element in the processed set; the set must have more than one row, otherwise returns a null value |
log10 |
Calculates the base-10 logarithm of each element in the processed set; the set must have more than one row, otherwise returns a null value |
moving_average |
Calculates the moving average of the processed set; the window size must be no less than the number of rows in the processed set, otherwise returns a null value |
difference |
Calculates the difference between adjacent elements in the processed set; the set must have more than one row, otherwise returns a null value |
derivative |
Calculates the derivative of adjacent elements in the processed set; the time unit for derivation is seconds (s) |
non_negative_derivative |
Calculates the non-negative derivative of adjacent elements in the processed set; the time unit for derivation is seconds (s) |
non_negative_difference |
Calculates the non-negative difference between adjacent elements in the processed set; the set must have more than one row, otherwise returns a null value |
series_sum |
When grouping produces multiple series, merges them into 1 series based on time points. Sums multiple series at the same time point; the processed set must have more than one row, otherwise returns a null value |
rate |
Calculates the rate of change of a certain metric over a specified time range, suitable for slowly changing counters. Time unit is seconds (s) |
irate |
Calculates the rate of change of a certain metric over a specified time range, suitable for rapidly changing counters. Time unit is seconds (s) |
In DQL mode, more outer functions are supported. Refer to DQL Outer Functions.
Aggregation Functions¶
UI mode supports selecting aggregation methods to return result values.
| Aggregation Function | Description |
|---|---|
last |
Returns the value of the latest timestamp |
first |
Returns the value of the earliest timestamp |
avg |
Returns the average value of the field. Has exactly one parameter, which is the field name |
min |
Returns the minimum value |
max |
Returns the maximum value |
sum |
Returns the sum of the field values |
P50 |
Returns the 50th percentile value of the field |
P75 |
Returns the 75th percentile value of the field |
P90 |
Returns the 90th percentile value of the field |
P99 |
Returns the 99th percentile value of the field |
count |
Returns the total count of non-null field values |
count_distinct |
Counts the number of distinct values in the field |
difference |
Returns the difference between consecutive time values in a field |
derivative |
Returns the rate of change of a field in a series |
non_negative_derivative |
Returns the non-negative rate of change of values in a field within a series |
In DQL mode, more aggregation functions are supported. Refer to DQL Aggregation Functions.
Window Function¶
Uses the selected time interval as the window (record set) and performs statistical calculations for each record combined with aggregation functions. Supports selecting 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 3 hours, 6 hours, 12 hours, 24 hours.
Note
The window function query result does not change the number of records; the current number of records remains the same after executing the function result.
No Data Filling¶
Sets the method for filling null data, displayed as fill in the query after setting. Includes three types:
| Function | Description |
|---|---|
| Previous Value Filling (previous) | Converts null data to the previous value. |
| Linear Filling (linear) | Fills null data after linear function calculation. |
| Value Filling | Allows custom filling value. |
Advanced Functions¶
Advanced functions are mainly used for further function calculations on data queried by DQL and for intuitive time series chart display.
For more details, refer to Advanced Functions.
Hide Query¶
Click the icon to hide the query result of that item on the chart.
As shown in the figure below, the system loading data only displays the 1m and 15m query results. The 5m system loading query result has been hidden and cannot be viewed on the chart.
