This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
DQL
Questions about Dynatrace Query Language
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

New riddle for the enthusiasts, who can give me the answer?

henk_stobbe
DynaMight Leader
DynaMight Leader

‎27 Oct 2025 07:26 PM

Hello I found more, but this is a simple example

Why gives: 

fetch logs | sort content | dedup content | summarize count()

A different value then:

fetch logs  | dedup content | sort content | summarize count()

KR Henk

@zanting

Labels:
Reply
4 REPLIES 4

m3tomlins
Helper

‎27 Oct 2025 08:47 PM - edited ‎28 Oct 2025 12:27 AM

FUN!

"The original order of the records is not preserved. Therefore, by default the sequence of records that are chosen during deduplication is random. If you want to pick a particular record out of the duplicates, you can use the sort parameter." (docs)

  - sorting first ensures the order of records sequenced into the deduplication algorithm, potentially more predictable
  - deduplication first on a randomized order seems less predicatable to me

How does this compare internally to using the sort option included in the dedup function?
        |  dedup {fieldA, fieldB}, sort {fieldA asc, fieldB desc}




 

Dynatrace AllStar | Community Champion | @m3tomlins | @performacology | Dynatracer at FreedomPay
0 Kudos
Reply

p_devulapalli
Leader

‎28 Oct 2025 02:25 AM

@henk_stobbe I think the count returned should be same for both the queries , unless they are executed at different intervals . As they are logs which are continuously ingested even less than a second difference can give you a different count 

Phani Devulapalli
Reply

henk_stobbe
DynaMight Leader
DynaMight Leader
In response to p_devulapalli

‎29 Oct 2025 01:17 PM

Hello,

Problem (at my end) is that every part of the "pipeline" seems to have its own limits (-;  so you can loose data in every step. Not sure how to prevent this when using multiple steps.

So starting with 9999 log lines, after the sort you can end up with 8888 (as an example),

KR Henk

0 Kudos
Reply

m3tomlins
Helper
In response to henk_stobbe

‎29 Oct 2025 02:22 PM

This is true in multiple languages, not just DQL.

The limits on each step in the query are applied from the configuration in the tile/segment.

This would be different from a "| limit {n}" applied at the end of the processing.

For your riddle, however - I think it's good to remember how the dedup function works in DQL: it is not sorted by default and on a large query, sorting before dedup can improve performance quite a lot.


Dynatrace AllStar | Community Champion | @m3tomlins | @performacology | Dynatracer at FreedomPay
0 Kudos
Reply
Ask a question

Featured Posts