I am new to Grafana and really struggle with it.
I have 2 query A and B (B is hour()), and I set up an alert condition: if query(A, 1m, now) > 0 and query(B, 1m, now) is within 0 and 2 (means it only alerts between 0AM - 2AM UTC).
It works and only alert at the time I choose, but when alert, it fires both result of query A and query B. I do not want query B to appear in the alerting. (since it is just a condition for timing).
How do I hide the matches of query B? Or if not, is there any alternative to timing without writing a new query hour()?
Related
My question : is it possible to have a trigger on that item that will be activated if there's a difference of xx% between the two last queries ?
Example :
Query at 01:00 -> 2000 users connected
Query at 01:10 -> 2100 users, difference is positive, we don't care
Query at 01:20 -> 2050 users, -50 users, around 2-3%, no big deal
Query at 01:30 -> 800 users, around 60% less connections, there's something wrong here
Is it possible to have a trigger that activates when the difference is, let's say, 20% negative ?
You can use the abschange function:
The amount of absolute difference between last and previous values
to alert for both positive and negative changes.
Or you can use the last function to get the latest values you need:
For example:
last() is always equal to last(#1)
last(#3) - third most recent value (not three latest values)
In both cases you need to compute the % value in your trigger with the usual proportion:
older_value:100 = newer_value:x
I have a non-occurring event pattern to detect if a certain condition happens, then alert me if that condition doesn't change within a time limit. The below query could be described as "If value 1 appears for a user, alert me if there is not a new value for that user within 5 seconds":
define stream inStream(name string, value int);
partition with (name of inStream)
begin
from every in=inStream[ value == 1 ]
-> not inStream[ not(value == 1) ] for 5 sec
select in.name, in.value
insert into outStream;
end;
This query works exactly as expected: if I don't receive a value different than 1 within 5 seconds then the query is triggered. The issue arises when there are duplicate events with the value of 1.
If I send the event {name: "bob", value: 1} every second for 10 seconds, I would like to see the query triggered twice, once at 5 seconds, and once at 10 seconds. Right now however I see the query being triggered every second starting at 5 seconds in. Essentially the query (working as it should) is starting the 5 second timer for every event with value 1 it sees. However I would like it to not start that timer (or not output at least) if there is already a timer running.
I attempted to solve this with the following query (simply adding an 'output' line):
define stream inStream(name string, value int);
partition with (name of inStream)
begin
from every in=inStream[ value == 1 ]
-> not inStream[ not(value == 1) ] for 5 sec
select in.name, in.value
output first every 5 sec
insert into outStream;
end;
I also tried output last and output all.
The queries above did not work as expected: in the case of all and last no events at all were output, in the case of first only a single event was output, not the subsequent ones after the first 5 second block passed.
Is there any way to achieve what I would like? I have a hunch that using time windows or output is the way to solve it, but so far have not been able to get it to work.
The second query in the original question ends up working as expected. I was previously on Siddhi 4.1.4. After upgrading to Siddhi 5.0.0 the query works as I wanted it to.
I am trying to write a Siddhi query to detect if an event didn't happen prior to another within a time limit. The query I have to detect if 'X' didn't ever happen prior to 'Y' in the entire life of the siddhi application is:
from stream[value == 'Y']
and not stream[value == 'X']
I assumed adding a time constraint would work:
from stream[value == 'Y']
and not stream[value == 'X'] for 5 min
However, the 'for' statement never has any effect that I can see. This query is still triggered whether 'X' was 4 minutes ago or 6 minutes ago. I understand that a similar effect can be achieved by checking if 'Y' comes after 'X' within a time limit, but for my purposes I need to know the other way around.
Is this possible with Siddhi? If so can someone please provide a sample query that could achieve this?
Based on your comment I am composing below answer.
Sequence construct in Siddhi will guarantee that no one can enter the state flow at a random point. As an example let's take below sample sequence query.
from every e1=InputStream[state='X'], e2=InputStream[state'Y']
select e1.state as initialState, e2.state as finalState
insert into NextStream;
So in here we are mandating X followed by a consecutive Y. If Y occurs before X sequence construct will handle that and discard Y. So whatever goes into NextStream is guaranteed to satisfy x -> Y state transition.
More relaxed construct of sequence is pattern. It is same as sequence while relaxing the consecutive arrival requirement. Hope this helps!!
I am trying to use the SingleStat Plugin of Grafana to add an online/offline indicator to one of my dashboards.
So what I have so far is this with an influxdb datasource:
What I am missing is the option to define a timerange for this query. Lets say I want the count() of the last 30min. If the count is 0 I know that the server is offline. If the count is > 0 he is online. (For example my server adds a new entry every 20min. So if I donĀ“t have an entry in the last 30min I know he must be offline)
So is it possible to get define a query with a timerange? When yes how ?
UPDATE
This is what I have so far now. But I get an error now which says a.form is undefined. Alos if I have a entry in the last 35min it doesnst switch to online.
The singlestat panel uses, by default, the timerange of the dashboard it is placed on.
For your case, make use of the 'override relative time' on the Time range tab and set it to "30m".
When using the count as you described, turn coloring on and set the threshold to 1. This will change the coloring when no entry is present (count is 0) in the last 30 minutes.
I want to set the default range on a date filter to show me the last 10 days - so basically looking at the lastDate (max date) in the data and default filtering only on the last 10 days (maxDate - 10)
How it looks now:
I still would want to the see the entire range bar on the dashboard and give the user the ability to modify the selected range if he wants to. The maxDate changes after every data refresh so it has to be some sort of a condition that is applied to the filter.
How I want it to look (by default after every refresh of data - new dates coming in):
Any suggestions on how this can be done? I know I can use the relative date and show the data for last 10 days but that would modify the filter and create a drop down which I don't want.
Any suggestions are welcome!
One simple approach that does most of what you want is the following:
Create an integer valued parameter with a range from 1 to some max
you choose, say 100. Call it say num_days.
Show the parameter control on your dashboard as a slider, and give
it a nice title like "Number of days to display"
Create a boolean calculated field called Within_Day_Range defined as:
datediff('minute', [My_Date_Field], now()) < [num_days] * 24 * 60
Put Within_Day_Range on the filter shelf and select the value true.
This lets the user easily select how many days in the past to include, and works to the granularity of minutes (i.e. the last two days really means the last 48 hours, not starting at midnight yesterday). Adjust the calculated field if you want different behavior.
The main drawback of this approach as described so far is that it doesn't display the earliest date possible in the database because that is filtered out. Quick filters do an initial query to get the bounds, which has a performance cost -- so using the approach described here can avoid that query and thus load faster.
If you really need that information on your dashboard, you could create a different worksheet to get just the min([My_Date_Field]) and display that near your parameter control.