This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
DQL
Questions about Dynatrace Query Language
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Creating a MTTD tile in DT dashboard

sarfarazx01a
Visitor

‎30 Sep 2025 11:52 AM

Hi All,

I'm working on a tile for Mean Time To Detect (MTTD) to detect the problem when it occurs first. I wrote a DQL query, but I think the query is not giving the correct results. Can anyone please assist me on this.

fetch events
| filter event.kind == "DAVIS_PROBLEM"
| fieldsAdd time
| fieldsAdd detection_time = toDuration(timestamp - event.start)
//| summarize mean_detection_time = avg(detection_time)

0 Kudos
Reply
3 REPLIES 3

p_devulapalli
Leader

‎02 Oct 2025 02:20 AM

@sarfarazx01a Depending on your definition of MTTD you can use something like below to calculate MTTD for each of the problems . 

fetch events
| filter event.status_transition == "CREATED" AND event.kind == "DAVIS_PROBLEM"
| fieldsAdd `PRB_MTTD` = timestamp - event.start

 

Phani Devulapalli
Reply

sarfarazx01a
Visitor
In response to p_devulapalli

‎08 Dec 2025 02:27 PM

Hi @p_devulapalli ,

Thank you for the query, but the query doesn't give the correct MTTD. In my environment, a problem detected at 19:30 and it gave a MTTD as 9.06 min but the problem started analysis at 19:27 so the MTTD would be 3 min, am i correct with the below scenario?
Kindly suggest

19:27 Analysis timeframe start. Davis evaluates performance across timeframe (for example, 3 of 5 minutes show anomalous performance). No event reported at this time.
19:39 Earliest event in analysis timeframe reported, backdated to analysis timeframe start. Problem is in processing state awaiting completion of topology analysis. Problem is raised and pushed to Dynatrace web UI and Problems API.
19:39 Davis completes processing of the problem. Alerts are delivered via alerting profiles.
Thanks,
Sarfaraz

 

0 Kudos
Reply

t_pawlak
Champion
In response to sarfarazx01a

‎09 Dec 2025 08:02 AM

Hi @sarfarazx01a 

Yes — based on how Dynatrace works internally, your 3-minute interpretation is conceptually correct, but from a DQL perspective the platform only exposes the analysis window start and the problem creation time.

So in practice, the only universally reliable MTTD you can calculate in DQL is:

MTTD = problem creation time – analysis start time

Try this:

fetch events
| filter event.kind == "DAVIS_PROBLEM"
| filter event.status_transition == "CREATED"
| fields
    problem_id = event.id,
    problem_created = timestamp,
    analysis_start = event.start
| fieldsAdd
    MTTD = problem_created - analysis_start
| summarize
    avg_MTTD = avg(MTTD),
    min_MTTD = min(MTTD),
    max_MTTD = max(MTTD)

t_pawlak_0-1765267312164.png

 

0 Kudos
Reply
Ask a question

Featured Posts