This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Get all problems for a specific tag ("Application") on a service and a specific tag on a host ("Environment")

jmoormann
Newcomer

‎20 Oct 2023 08:10 PM - last edited on ‎02 Oct 2024 01:38 PM by Community Team

Been trying to work out a DQL to get all the problems from events where the service with the problem is filtered on a custom tag called "Application", and where the host the service runs on is filtered on a custom tag called "Environment".

Been working with support, but they suggested asking here for additional help. So far I have this query:

fetch events
| filter event.kind == "DAVIS_PROBLEM" 
| lookup sourceField:runs_on[dt.entity.host], lookupField:id, fields:{host.name = entity.name}
| fieldsAdd entity.type, lifetime, tags
| filter matchesValue(entity_tags,"Application:ContractHub")
| filter event.status != "CLOSED"
| summarize Problems = count()

 However, I am getting a syntax error on the lookup section:

There aren't enough parameters for command `lookup`. 1 mandatory parameter is missing: lookupTable. lookupTable: Sub-query for records with fields to add or overwrite in the input.

I don't see a "lookupTable" argument in the docs (https://www.dynatrace.com/support/help/platform/grail/dynatrace-query-language/commands#lookup), so not sure what to change

Thanks!

Reply
2 REPLIES 2

ChadTurner
DynaMight Legend
DynaMight Legend

‎17 Nov 2024 10:01 PM

While this is an older posting, there is a new Problems Page that I recommend you take a look at as it might help you solve your issues. 

-Chad
0 Kudos
Reply

Fin_Ubels
Dynatrace Champion
Dynatrace Champion

‎17 Nov 2024 10:27 PM

While I'm not sure what the docs had at the time of the original post there are some great examples of how to use the lookup command now which can be found here: https://docs.dynatrace.com/docs/platform/grail/dynatrace-query-language/commands/correlation-and-joi...

As for specifically what is wrong with the above mentioned query, you need to specify a table to fetch from. So it would look something like:

| lookup [fetch dt.entity.host], sourceField:runs_on[dt.entity.host], lookupField:id, fields:{host.name = entity.name}

When doing a lookup, you are running a whole other DQL command and then using the source/lookup field to match records together. So within the [] you can do much more than just the fetch as well.

0 Kudos
Reply
Ask a question

Featured Posts