SLIDE 1
LogQL in 5 minutes Cyril Tovena What is LogQL ? What is LogQL ? - - PowerPoint PPT Presentation
LogQL in 5 minutes Cyril Tovena What is LogQL ? What is LogQL ? - - PowerPoint PPT Presentation
LogQL in 5 minutes Cyril Tovena What is LogQL ? What is LogQL ? Language to query logs from Loki. Heavily inspired by PromQL. Distributed grep. | 4 Selecting time series with PromQL http_request_duration_seconds_count{
SLIDE 2
SLIDE 3
What is LogQL ?
SLIDE 4
| 4
What is LogQL ?
Language to query logs from Loki. Heavily inspired by PromQL. Distributed grep.
SLIDE 5
| 5
Selecting time series with PromQL
http_request_duration_seconds_count{ cluster=”us-central1”, job=~”dev/loki-.*” }
Metric name Label matchers
SLIDE 6
| 6
Selecting log streams with LogQL
{ cluster=”us-central1”, job=~”dev/loki-.*” } |= “trace_id=7ca877dbda” |~ "SeriesStore." Label matchers Filter expressions Log stream selector:
SLIDE 7
| 7
Filter expressions
- |= Log line contains string.
- != Log line does not contain string.
- |~ Log line matches regular expression.
- !~ Log line does not match regular expression.
SLIDE 8
| 8
Counting logs with Range Vectors
rate({ cluster=”us-central1” } |~ “error: .*" [5m]) count_over_time({ cluster=”us-central1” } |= “org_id=5842" [1m])
SLIDE 9
| 9
Vector aggregations
sum by(job, instance) ( rate({ cluster=”us-central1” } |= “error" [5m]) ) topk(5, count_over_time({ cluster=”us-central1” } |= “error" [5m]) ) sum, min, max, topk, bottomk, avg , etc..
SLIDE 10
Demo
SLIDE 11
| 11
LogQL Future
- Improve query performance.
- Alert and rules evaluation.
- Extracting metrics.
- Log transformation (JSON, Logfmt, ..).
SLIDE 12
Thank you ! Questions ? https://grafana.slack.com/
SLIDE 13
| 13
Range Vec.. what ?
/api/v1/query_range?query=count_over_time({app=”foo”}[10s]) &start=10 &end=70 &step=20s 10s 10s 10s 10s