GRAFANA Loki - How to obtain a value deppending on a patterns. Unwrap is necessary?

Grafana Loki
1

Hi
I would like to obtain a graph from the log with the max, min and the average in a interval time configurable (by default: five seconds).

A log extract:
Oct 2 08:54:28 server1-mngt tag_PrePrueba_access_log: 2023-10-02 08:51:25 10.51.204.249 5.336 POST 964bfa50-d5bf-4b38-832f-a6c51214ce7a-0005f963 /Cliente/MediaInstanceWS/v1.9 200 “OK” 571
Oct 2 08:54:28 server1-mngt tag_PrePrueba_access_log: 2023-10-02 10:58:58 10.51.204.249 24.258 POST 3c6dda72-62a9-427e-9d7b-8a01a1ad3d7d-000058f5 / Cliente /CrearContactosWS/v1.0 200 “OK” 958
Oct 2 08:54:28 server1-mngt tag_PrePrueba_access_log: 2023-10-02 09:44:45 10.51.204.249 23.235 POST 3c6dda72-62a9-427e-9d7b-8a01a1ad3d7d-00005b49 / Cliente /CrearContactosWS/v1.0 200 “OK” 958
Oct 2 08:54:28 server1-mngt tag_PrePrueba_access_log: 2023-10-02 16:16:10 10.51.204.249 0.052 GET 964bfa50-d5bf-4b38-832f-a6c51214ce7a-0004e3ff / Cliente /UserWebService/v1.1 200 “OK” 166
Oct 2 08:54:28 server1-mngt tag_PrePrueba_access_log: 2023-10-02 08:51:25 10.51.204.249 7.452 POST da83da21-ca33-4ee9-a7f1-633fefc50707-001570db / Cliente /MediaInstanceWS/v1.8 200 “OK” 7174
Oct 2 08:54:28 server1-mngt tag_PrePrueba_access_log:: 2023-10-02 13:10:18 10.51.204.249 0.052 GET 964bfa50-d5bf-4b38-832f-a6c51214ce7a-0004e3ff / Cliente /UserWebService/v1.1 200 “OK” 166

The labels created are:
month: Oct
day: 2
loki_hour: 08:54:28
server: server1-mngt
log: tag_PrePrueba_access_log
date: 2023-10-02
time: 08:51:25
ip: 10.51.204.249
response_time: 5.336
method:POST
petid: 964bfa50-d5bf-4b38-832f-a6c51214ce7a-0005f963
ws: /Cliente/MediaInstanceWS/v1.9
statusid : 200 “OK”
size:571

I would like to obtain
The first approach:
{host=" server1-mngt "}|~ \t([0-9]{1,}\.[0-9]{1,})\t | pattern <month> <day> <loki_hour> <server> <_>:<date> <time> <ip> <response_time> <method> <petid> <ws> <statusid> <size> | response_time >= 5

with this information I’ve obtained all the ws which need 5 s or more to obtain the data.

Modifying the query:
sum by(ws) (count_over_time({host=“server1-mngt”} |~ \t([0-9]{1,}\.[0-9]{1,})\t | pattern <month> <day> <loki_hour> <server> <_>:<date> <time> <ip> <response_time> <method> <petid> <ws> <statusid> <size> | response_time >= 5 [$__interval])):

image
image1906×742 75.7 KB

But the data I want to obtain is not to count the number but to obtain the min max and average for the ws itself. Something like this:

image
image886×280 33.3 KB

The data for those values.
I don’t know exactly what the query is correctly to obtain this or if it is possible to obtain with the information and the logs I have.

Regards

2

Hi…

I think you can try to change the count_over_time to sum_over_time

Regards,
Fadjar

3

Using this sintax:
sum by(ws) (sum_over_time({host=“sc02osbapt2-mngt”} |~ \t([0-9]{1,}\.[0-9]{1,})\t | pattern <month> <day> <loki_hour> <server> <_>:<date> <time> <ip> <response_time> <method> <petid> <ws> <statusid> <size> | response_time >= 5 [$__range]))
It shows nothing:

image
image1545×583 30.6 KB

And with the sintaxis:
count by(ws) (sum_over_time({host=“sc02osbapt2-mngt”} |~ \t([0-9]{1,}\.[0-9]{1,})\t | pattern <month> <day> <loki_hour> <server> <_>:<date> <time> <ip> <response_time> <method> <petid> <ws> <statusid> <size> | response_time >= 5 [$__range]))

These values are the min max and average for the number of recurrences not the data itself.

If I tray to obtain the data only for the minimun:
min by(ws) (min_over_time({host=“server1”} |~ \t([0-9]{1,}\.[0-9]{1,})\t | pattern <month> <day> <loki_hour> <server> <_>:<date> <time> <ip> <response_time> <method> <petid> <ws> <statusid> <size> | unwrap response_time [$__interval]))
It shows this:

image
image1560×588 71.5 KB

I have the same problem. I can’t show in the graph the minimun for the time the Webservice takes.

Is there any option to obtain this information?

4

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.