Loki Query for Counting Logs by Status Code

shaharnik1 · December 15, 2024, 9:11am

Hi everyone,

I’m having trouble writing a Loki query in Grafana that returns the total number of logs for each status code (e.g., how many 200 status logs, how many 304 status logs, etc.). I’ve tried several queries, but most of them don’t compile correctly.

Here’s an example of what I’ve tried:

sum by (status) (count_over_time({job="nginx"}[1h]))

I’m using Loki as my data source and need to group the logs by the status label. Can anyone help me figure out what’s wrong with my query or suggest a better approach?

Thanks in advance for your help!

tonyswumac · December 15, 2024, 5:32pm

Please provide a sample of your logs.

shaharnik1 · December 16, 2024, 7:26am

172.20.0.1 - - [14/Dec/2024:16:39:35 +0000] “GET / HTTP/1.1” 304 0 “-” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36” “-”

tonyswumac · December 16, 2024, 9:40pm

Try this:

sum by (status) (
  count_over_time(
    {job="nginx"} | pattern `<ip> <_> <_> [<time>] "<method> <path> <protocol>" <status> <_> "<_>" "<_>" "<_>"`
    [1h]
  )
)

simulator: Simple LogQL simulator | Grafana Loki documentation

Topic		Replies	Views
Loki - Grafana query help Grafana	0	251	March 6, 2020
LogQL Group dynamic request in one line Grafana Loki loki	2	457	December 22, 2023
Simple Daily Log Count Grafana Loki	1	778	October 20, 2022
Sum total number of items returned by a LogQL qery Grafana loki , query-help	14	32	September 2, 2024
`sum(count_over_time({...}[$__range])) group by (...)` counts an entry where there is none Grafana Loki	1	362	October 20, 2023

Loki Query for Counting Logs by Status Code

Related topics