Distribution Widget

The Distribution visualization shows data aggregated across one or several tags, such as hosts. Unlike the heatmap, a distribution graph’s x-axis is quantity rather than time.

This visualization displays only a single query; additional queries are disregarded.

Note: Outlier detection cannot be performed for this visualization.

Distribution graph for JVM heap average by host

Setup

Configuration

  1. Choose the data to graph.The Distribution visualization supports metrics, live processes, APM request latency, log events, and RUM events. Note: This visualization type is useful only when data is aggregated across tag keys, such as for each host.
  2. Make a selection in the “avg/max/min/sum by/” control to see your data across the associated tags.
  3. Customize your graph with the available options.

Options

Percentile markers

With APM request distributions, you can add percentile markers on the x-axis.

Marker control preferences

X-axis and Y-axis controls

Axis controls are available through the UI and the JSON editor.

They allow you to:

  • Clip the x and y-axes to specific ranges.
  • Automatically change x-axis bounds based on a percentile or an absolute value threshold. This threshold can be applied to one or both ends of the graph (lower and upper) to remove “outlier” bins.
  • Change the y-axis scale from linear to log.
Distribution axis control preferences

Full screen

In addition to the standard full screen options, you can use x-axis controls to zoom in to a specific percentile.

API

This widget can be used with the Dashboards API. See the following table for the widget JSON schema definition:

Expand All

Field

Type

Description

custom_links

[object]

A list of custom links.

is_hidden

boolean

The flag for toggling context menu link visibility.

label

string

The label for the custom link URL. Keep the label short and descriptive. Use metrics and tags as variables.

link

string

The URL of the custom link. URL must include http or https. A relative URL must start with /.

override_label

string

The label ID that refers to a context menu link. Can be logs, hosts, traces, profiles, processes, containers, or rum.

legend_size

string

DEPRECATED: (Deprecated) The widget legend was replaced by a tooltip and sidebar.

markers

[object]

List of markers.

display_type

string

Combination of:

  • A severity error, warning, ok, or info
  • A line type: dashed, solid, or bold In this case of a Distribution widget, this can be set to be x_axis_percentile.

label

string

Label to display over the marker.

time

string

Timestamp for the widget.

value [required]

string

Value to apply. Can be a single value y = 15 or a range of values 0 < y < 10.

requests [required]

[object]

Array of one request object to display in the widget.

See the dedicated Request JSON schema documentation to learn how to build the REQUEST_SCHEMA.

apm_query

object

The log query.

compute

object

Define computation for a log query.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

group_by

[object]

List of tag prefixes to group by in the case of a cluster check.

facet [required]

string

Facet name.

limit

int64

Maximum number of items in the group.

sort

object

Define a sorting method.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

order [required]

enum

Widget sorting methods. Allowed enum values: asc,desc

index

string

A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes

multi_compute

[object]

This field is mutually exclusive with compute.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

search

object

The query being made on the logs.

query [required]

string

Search value to apply.

apm_stats_query

object

The APM stats query for table and distributions widgets.

columns

[object]

Column properties used by the front end for display.

alias

string

A user-assigned alias for the column.

cell_display_mode

enum

Define a display mode for the table cell. Allowed enum values: number,bar

name [required]

string

Column name.

order

enum

Widget sorting methods. Allowed enum values: asc,desc

env [required]

string

Environment name.

name [required]

string

Operation name associated with service.

primary_tag [required]

string

The organization's host group name and value.

resource

string

Resource name.

row_type [required]

enum

The level of detail for the request. Allowed enum values: service,resource,span

service [required]

string

Service name.

event_query

object

The log query.

compute

object

Define computation for a log query.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

group_by

[object]

List of tag prefixes to group by in the case of a cluster check.

facet [required]

string

Facet name.

limit

int64

Maximum number of items in the group.

sort

object

Define a sorting method.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

order [required]

enum

Widget sorting methods. Allowed enum values: asc,desc

index

string

A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes

multi_compute

[object]

This field is mutually exclusive with compute.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

search

object

The query being made on the logs.

query [required]

string

Search value to apply.

log_query

object

The log query.

compute

object

Define computation for a log query.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

group_by

[object]

List of tag prefixes to group by in the case of a cluster check.

facet [required]

string

Facet name.

limit

int64

Maximum number of items in the group.

sort

object

Define a sorting method.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

order [required]

enum

Widget sorting methods. Allowed enum values: asc,desc

index

string

A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes

multi_compute

[object]

This field is mutually exclusive with compute.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

search

object

The query being made on the logs.

query [required]

string

Search value to apply.

network_query

object

The log query.

compute

object

Define computation for a log query.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

group_by

[object]

List of tag prefixes to group by in the case of a cluster check.

facet [required]

string

Facet name.

limit

int64

Maximum number of items in the group.

sort

object

Define a sorting method.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

order [required]

enum

Widget sorting methods. Allowed enum values: asc,desc

index

string

A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes

multi_compute

[object]

This field is mutually exclusive with compute.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

search

object

The query being made on the logs.

query [required]

string

Search value to apply.

process_query

object

The process query to use in the widget.

filter_by

[string]

List of processes.

limit

int64

Max number of items in the filter list.

metric [required]

string

Your chosen metric.

search_by

string

Your chosen search term.

profile_metrics_query

object

The log query.

compute

object

Define computation for a log query.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

group_by

[object]

List of tag prefixes to group by in the case of a cluster check.

facet [required]

string

Facet name.

limit

int64

Maximum number of items in the group.

sort

object

Define a sorting method.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

order [required]

enum

Widget sorting methods. Allowed enum values: asc,desc

index

string

A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes

multi_compute

[object]

This field is mutually exclusive with compute.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

search

object

The query being made on the logs.

query [required]

string

Search value to apply.

q

string

Widget query.

query

 <oneOf>

Query definition for Distribution Widget Histogram Request

Option 1

object

A formula and functions metrics query.

aggregator

enum

The aggregation methods available for metrics queries. Allowed enum values: avg,min,max,sum,last,area,l2norm,percentile

data_source [required]

enum

Data source for metrics queries. Allowed enum values: metrics

name [required]

string

Name of the query for use in formulas.

query [required]

string

Metrics query definition.

Option 2

object

A formula and functions events query.

compute [required]

object

Compute options.

aggregation [required]

enum

Aggregation methods for event platform queries. Allowed enum values: count,cardinality,median,pc75,pc90,pc95,pc98,pc99,sum,min,max,avg

interval

int64

A time interval in milliseconds.

metric

string

Measurable attribute to compute.

data_source [required]

enum

Data source for event platform-based queries. Allowed enum values: logs,spans,network,rum,security_signals,profiles,audit,events,ci_tests,ci_pipelines

group_by

[object]

Group by options.

facet [required]

string

Event facet.

limit

int64

Number of groups to return.

sort

object

Options for sorting group by results.

aggregation [required]

enum

Aggregation methods for event platform queries. Allowed enum values: count,cardinality,median,pc75,pc90,pc95,pc98,pc99,sum,min,max,avg

metric

string

Metric used for sorting group by results.

order

enum

Direction of sort. Allowed enum values: asc,desc

default: desc

indexes

[string]

An array of index names to query in the stream. Omit or use [] to query all indexes at once.

name [required]

string

Name of the query for use in formulas.

search

object

Search options.

query [required]

string

Events search string.

storage

string

Option for storage location. Feature in Private Beta.

Option 3

object

APM resource stats query using formulas and functions.

data_source [required]

enum

Data source for APM resource stats queries. Allowed enum values: apm_resource_stats

env [required]

string

APM environment.

group_by

[string]

Array of fields to group results by.

name [required]

string

Name of this query to use in formulas.

operation_name

string

Name of operation on service.

primary_tag_name

string

Name of the second primary tag used within APM. Required when primary_tag_value is specified. See https://docs.datadoghq.com/tracing/guide/setting_primary_tags_to_scope/#add-a-second-primary-tag-in-datadog

primary_tag_value

string

Value of the second primary tag by which to filter APM data. primary_tag_name must also be specified.

resource_name

string

APM resource name.

service [required]

string

APM service name.

stat [required]

enum

APM resource stat name. Allowed enum values: errors,error_rate,hits,latency_avg,latency_distribution,latency_max,latency_p50,latency_p75,latency_p90,latency_p95,latency_p99

request_type

enum

Request type for the histogram request. Allowed enum values: histogram

rum_query

object

The log query.

compute

object

Define computation for a log query.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

group_by

[object]

List of tag prefixes to group by in the case of a cluster check.

facet [required]

string

Facet name.

limit

int64

Maximum number of items in the group.

sort

object

Define a sorting method.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

order [required]

enum

Widget sorting methods. Allowed enum values: asc,desc

index

string

A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes

multi_compute

[object]

This field is mutually exclusive with compute.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

search

object

The query being made on the logs.

query [required]

string

Search value to apply.

security_query

object

The log query.

compute

object

Define computation for a log query.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

group_by

[object]

List of tag prefixes to group by in the case of a cluster check.

facet [required]

string

Facet name.

limit

int64

Maximum number of items in the group.

sort

object

Define a sorting method.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

order [required]

enum

Widget sorting methods. Allowed enum values: asc,desc

index

string

A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes

multi_compute

[object]

This field is mutually exclusive with compute.

aggregation [required]

string

The aggregation method.

facet

string

Facet name.

interval

int64

Define a time interval in seconds.

search

object

The query being made on the logs.

query [required]

string

Search value to apply.

style

object

Widget style definition.

palette

string

Color palette to apply to the widget.

show_legend

boolean

DEPRECATED: (Deprecated) The widget legend was replaced by a tooltip and sidebar.

time

object

Time setting for the widget.

live_span

enum

The available timeframes depend on the widget you are using. Allowed enum values: 1m,5m,10m,15m,30m,1h,4h,1d,2d,1w,1mo,3mo,6mo,week_to_date,month_to_date,1y,alert

title

string

Title of the widget.

title_align

enum

How to align the text on the widget. Allowed enum values: center,left,right

title_size

string

Size of the title.

type [required]

enum

Type of the distribution widget. Allowed enum values: distribution

default: distribution

xaxis

object

X Axis controls for the distribution widget.

include_zero

boolean

True includes zero.

max

string

Specifies maximum value to show on the x-axis. It takes a number, percentile (p90 === 90th percentile), or auto for default behavior.

default: auto

min

string

Specifies minimum value to show on the x-axis. It takes a number, percentile (p90 === 90th percentile), or auto for default behavior.

default: auto

scale

string

Specifies the scale type. Possible values are linear.

default: linear

yaxis

object

Y Axis controls for the distribution widget.

include_zero

boolean

True includes zero.

label

string

The label of the axis to display on the graph.

max

string

Specifies the maximum value to show on the y-axis. It takes a number, or auto for default behavior.

default: auto

min

string

Specifies minimum value to show on the y-axis. It takes a number, or auto for default behavior.

default: auto

scale

string

Specifies the scale type. Possible values are linear or log.

default: linear

{
  "custom_links": [
    {
      "is_hidden": false,
      "label": "Search logs for {{host}}",
      "link": "https://app.datadoghq.com/logs?query={{host}}",
      "override_label": "logs"
    }
  ],
  "legend_size": "string",
  "markers": [
    {
      "display_type": "error dashed",
      "label": "Error threshold",
      "time": "string",
      "value": "y = 15"
    }
  ],
  "requests": [
    {
      "apm_query": {
        "compute": {
          "aggregation": "avg",
          "facet": "@duration",
          "interval": 5000
        },
        "group_by": [
          {
            "facet": "resource_name",
            "limit": 50,
            "sort": {
              "aggregation": "avg",
              "facet": "@string_query.interval",
              "order": "desc"
            }
          }
        ],
        "index": "days-3,days-7",
        "multi_compute": [
          {
            "aggregation": "avg",
            "facet": "@duration",
            "interval": 5000
          }
        ],
        "search": {
          "query": ""
        }
      },
      "apm_stats_query": {
        "columns": [
          {
            "alias": "Requests",
            "cell_display_mode": "number",
            "name": "Reqs",
            "order": "desc"
          }
        ],
        "env": "prod",
        "name": "rack.request",
        "primary_tag": "datacenter:*",
        "resource": "CartsController",
        "row_type": "service",
        "service": "web-store"
      },
      "event_query": {
        "compute": {
          "aggregation": "avg",
          "facet": "@duration",
          "interval": 5000
        },
        "group_by": [
          {
            "facet": "resource_name",
            "limit": 50,
            "sort": {
              "aggregation": "avg",
              "facet": "@string_query.interval",
              "order": "desc"
            }
          }
        ],
        "index": "days-3,days-7",
        "multi_compute": [
          {
            "aggregation": "avg",
            "facet": "@duration",
            "interval": 5000
          }
        ],
        "search": {
          "query": ""
        }
      },
      "log_query": {
        "compute": {
          "aggregation": "avg",
          "facet": "@duration",
          "interval": 5000
        },
        "group_by": [
          {
            "facet": "resource_name",
            "limit": 50,
            "sort": {
              "aggregation": "avg",
              "facet": "@string_query.interval",
              "order": "desc"
            }
          }
        ],
        "index": "days-3,days-7",
        "multi_compute": [
          {
            "aggregation": "avg",
            "facet": "@duration",
            "interval": 5000
          }
        ],
        "search": {
          "query": ""
        }
      },
      "network_query": {
        "compute": {
          "aggregation": "avg",
          "facet": "@duration",
          "interval": 5000
        },
        "group_by": [
          {
            "facet": "resource_name",
            "limit": 50,
            "sort": {
              "aggregation": "avg",
              "facet": "@string_query.interval",
              "order": "desc"
            }
          }
        ],
        "index": "days-3,days-7",
        "multi_compute": [
          {
            "aggregation": "avg",
            "facet": "@duration",
            "interval": 5000
          }
        ],
        "search": {
          "query": ""
        }
      },
      "process_query": {
        "filter_by": [],
        "limit": "integer",
        "metric": "system.load.1",
        "search_by": "string"
      },
      "profile_metrics_query": {
        "compute": {
          "aggregation": "avg",
          "facet": "@duration",
          "interval": 5000
        },
        "group_by": [
          {
            "facet": "resource_name",
            "limit": 50,
            "sort": {
              "aggregation": "avg",
              "facet": "@string_query.interval",
              "order": "desc"
            }
          }
        ],
        "index": "days-3,days-7",
        "multi_compute": [
          {
            "aggregation": "avg",
            "facet": "@duration",
            "interval": 5000
          }
        ],
        "search": {
          "query": ""
        }
      },
      "q": "host:X tags:Y",
      "query": {
        "data_source": "metrics",
        "name": "query1",
        "query": "histogram:trace.Load{*}"
      },
      "request_type": "histogram",
      "rum_query": {
        "compute": {
          "aggregation": "avg",
          "facet": "@duration",
          "interval": 5000
        },
        "group_by": [
          {
            "facet": "resource_name",
            "limit": 50,
            "sort": {
              "aggregation": "avg",
              "facet": "@string_query.interval",
              "order": "desc"
            }
          }
        ],
        "index": "days-3,days-7",
        "multi_compute": [
          {
            "aggregation": "avg",
            "facet": "@duration",
            "interval": 5000
          }
        ],
        "search": {
          "query": ""
        }
      },
      "security_query": {
        "compute": {
          "aggregation": "avg",
          "facet": "@duration",
          "interval": 5000
        },
        "group_by": [
          {
            "facet": "resource_name",
            "limit": 50,
            "sort": {
              "aggregation": "avg",
              "facet": "@string_query.interval",
              "order": "desc"
            }
          }
        ],
        "index": "days-3,days-7",
        "multi_compute": [
          {
            "aggregation": "avg",
            "facet": "@duration",
            "interval": 5000
          }
        ],
        "search": {
          "query": ""
        }
      },
      "style": {
        "palette": "string"
      }
    }
  ],
  "show_legend": false,
  "time": {
    "live_span": "5m"
  },
  "title": "string",
  "title_align": "string",
  "title_size": "string",
  "type": "distribution",
  "xaxis": {
    "include_zero": false,
    "max": "string",
    "min": "string",
    "scale": "string"
  },
  "yaxis": {
    "include_zero": false,
    "label": "string",
    "max": "string",
    "min": "string",
    "scale": "string"
  }
}

Further Reading

Additional helpful documentation, links, and articles:

DistributionsDOCUMENTATION more more Building Dashboards using JSONDOCUMENTATION more more Widget JSON schemaDOCUMENTATION more more Request JSON schemaDOCUMENTATION more more QueryingDOCUMENTATION more more