This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Create a 'timeseries-chart' of totals

Go to solution
Chiel
Visitor

‎12 May 2025 08:03 AM - last edited on ‎12 May 2025 08:32 AM by Community Team

Hi All,

I'd like to create a 'timeseries-chart' of totals, for example total number of cars per type, per month. Using 'interval=30d' gives me a 'sliding window' of totals per 30 days, not per month and not starting the first of every month. I want to get an overview of totals for Januari, Februari, Match etc.

Does anyone know how to do this?

Regrads, Chiel

Labels:
0 Kudos
Reply
4 REPLIES 4

Go to solution
marco_irmer
Champion

‎12 May 2025 10:41 PM

This is possible, but requires some steps. Suppose your starting point is timeseries data with interval=24h. In this case, you would use three additional steps:

  1. Transform your timeseries data to generate a separate record for each day. You can start with this DQL snippet and adapt to your needs.
  2. Use the getMonth function to extract the month of the year into a new field. 
  3. Use the summarize command to generate totals by month and use this data as the basis for your visualization.
0 Kudos
Reply

Go to solution
Chiel
Visitor
In response to marco_irmer

‎13 May 2025 07:38 AM

Hi Marco,

Thanks for your reply. 

As you describe it, it worked, but how do you visualize this?

....

| fieldsAdd month = getMonth(timestamp)
| summarize countDistinct(serverName), by:{month,currentOSVersion}

 

monthcurrentOSVersioncountDistinct(serverName)
4Microsoft Windows Server 2016 Stand141
4
Microsoft Windows Server 2019 Standard
163
5
Microsoft Windows Server 2019 Standard
139
5Microsoft Windows Server 2019 Stand164
5
Microsoft Windows Server 2022 Standard
211

 

Because there is no 'real' timestamp anymore in the output, it is not possible to make a bar chart or something like that. The maketimeseries command would be the most obvious for my initial question, but then you cannot make totals per month.

0 Kudos
Reply

Go to solution
krzysztof_hoja
Dynatrace Champion
Dynatrace Champion
In response to Chiel

‎13 May 2025 09:52 PM

getMonth() gives you only month number, which will not be nicely cartable on x-axis where we want to see actual time.

 

let's start with simpler example where the source is not a metric, but event/logs/etc. If we introduce grouping by timeframes defined as full months using @ time alignment operator then bars will reflect full months:

fetch bizevents
| summarize count(), by: { event.provider, timeframe = timeframe(from: timestamp@M, to:timestamp@M+1M) }

 

krzysztof_hoja_0-1747168896378.png

 

When the source is a metric, steps described by @marco_irmer are correct, but I would use technique I described above.

timeseries { req=sum(dt.service.request.count), timestamp=start() } , by:{http.response.status_code}
| fieldsAdd d=record(timestamp=timestamp[], req=req[])
| expand d
| summarize req=sum(d[req]), by: { http.response.status_code=toString(http.response.status_code), 
  timeframe = timeframe(from: d[timestamp]@M, to:d[timestamp]@M+1M) }

 

krzysztof_hoja_1-1747169435534.png

additionally by using start() function in timeseries, we immediately have timestamp of datapoint

Reply

Go to solution
Chiel
Visitor
In response to krzysztof_hoja

‎14 May 2025 08:20 AM

This is what I was looking for. Thanks a lot!

0 Kudos
Reply
Ask a question

Featured Posts