This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Compare two dql query count value

Go to solution
biswajit-roy76
Visitor

‎23 Jul 2024 08:36 AM - last edited on ‎24 Jul 2024 07:06 AM by Community Team

I want to compare two logs count value in dql . How can I achieve that?

Labels:
0 Kudos
Reply
3 REPLIES 3

Go to solution
MaciejNeumann
Community Team
Community Team

‎20 Nov 2024 09:59 AM

Hello @biswajit-roy76,

Could you provide more context to your question so our DQL experts can investigate your specific use case?

If you have any questions about the Community, you can contact me at maciej.neumann@dynatrace.com
0 Kudos
Reply

Go to solution
mosharref_hossn
Helper

‎20 Nov 2024 03:48 PM

You can "append" the search result for another log source and count at the end. 

Example: 

fetch logs
| filter dt.system.bucket == "infra_logs"
| append [
    fetch logs
    | filter dt.system.bucket == "app_logs" 
  ] 
| summarize count(), by:{dt.system.bucket}
0 Kudos
Reply

Go to solution
Tiit_Hallas
Dynatrace Helper
Dynatrace Helper

‎25 Nov 2024 10:40 AM

You could use a countIf aggregation function in DQL summarize command, e.g. : 

fetch logs
| summarize messages=countif(log.source == "/var/log/messages"), syslog=countif(log.source == "/var/log/syslog")
| fieldsAdd syslog_is_larger = syslog > messages

 

I had a life once. Then I bought my first computer ...
0 Kudos
Reply
Ask a question

Featured Posts