Don't group by stream in metric query

Hi,
I am pretty new to loki but familiar with grafana in combination with influxdb. With influxdb an aggregation is always done over all tags combined. If I want to do split it by tag I have to group by the tag.

With Loki it seems to be the opposite. An aggregation is done separately for each stream. But I didn’t find a way to do it for all combined.

Example:
I have a log from an application (frigate) where I extract some labels (compose_project, compose_service, container_name, level, module).

I want a graph that shows me the total number of log messages for that application. So I set the label filter to compose_project=“frigate” and use the count_over_time aggregation.
The raw query is: count_over_time({compose_project="frigate"} [$__interval])
This gives me a result for every stream. How do I combine them into one value?

image1760×873 69.4 KB

This seems like such a basic thing to do, but I couldn’t figure it out =(

My guess:

sum(
  count_over_time(
    {compose_project="frigate"}[$__interval]
  )
)

Thanks for your answer!
I tried this before because from the description in the documentation it sounded like it could be the solution. Unfortunately, it isn’t really what I want either. It is now combined into one field, but the points are the same.

sum(count_over_time({compose_project="frigate"} [$__interval]))

image1389×532 19.5 KB

I tried to change the time range, but that confuses me even more.
sum(count_over_time({compose_project="frigate"} [1m]))

image1398×563 20.6 KB

Summing by level also doesn’t help.
sum by(level) (count_over_time({compose_project="frigate"} [$__interval]))

image1388×525 20.2 KB

Here are the logs messages if that helps:

image947×615 100 KB

Okay looks like (as I suspected) I was only confused because it works differently than with influxdb. I expected one point for each time range that I set, e.g. 1h or 1m.