Hi,
I am pretty new to Loki but familiar with Grafana in combination with InfluxDB. With InfluxDB an aggregation is always done over all tags combined. If I want to split it by tag I have to group by the tag.
With Loki it seems to be the opposite. An aggregation is done separately for each stream. But I didn’t find a way to do it for all combined.
Example:
I have a log from an application (frigate) where I extract some labels (compose_project, compose_service, container_name, level, module).
I want a graph that shows me the total number of log messages for that application. So I set the label filter to compose_project="frigate" and use the count_over_time aggregation.
The raw query is: count_over_time({compose_project="frigate"} [$__interval])
This gives me a result for every stream. How do I combine them into one value?
Thanks for your answer!
I tried this before because from the description in the documentation it sounded like it could be the solution. Unfortunately, it isn’t really what I want either. It is now combined into one field, but the points are the same.
Okay, looks like (as I suspected) I was only confused because it works differently than with InfluxDB. I expected one point for each time range that I set, e.g. 1h or 1m.