Split series based on log lines values

Grafana Loki
1

Hello, I have got logs like:
info url: ‘/endpoint1’ responseTime: 80
info url: ‘/endpoint2’ responseTime: 89
info url: ‘/endpoint1’ responseTime: 1200
info url: ‘/endpoint1’ responseTime: 83

I want to make a panel to visualize an histogram of my line logs counts, splitting them in two series normal responses (responseTime<100) and slow responses (responseTime>=100). How can I do it?

Similar to:

image
image496×814 12.4 KB

2 
{<SELECTOR>}
  | pattern "<_> <_> <_> <_> <response_time>"
  | response_time < 100 # or >= 100
1 Like
3

Thx Tony, I´m sorry but I don´t understand… this way you can do a query with all needed logs or two queries, one of them with slow and normal responses. What I don´t know how to make a bar viz. showing these two series, or these two queries in a combined way like picture before.

4

There are two ways you can do this:

  1. Do two queries, and use Grafana transformation to combine them (not sure if this is strictly needed) before graphing with bar chart.
  2. You can make it into one query by creating a label based on whether it’s bigger or smaller than 100, then aggregate based on that label. For example:
{<SELECTOR>}
  | pattern "<_> <_> <_> <_> <response_time>"
  | label_format response_time_bigger_than_100="{{ if .response_time >= 100 }}true{{else}}false{{end}}"

Then you can aggregate on the response_time_bigger_than_100 label.