Generate Metrics from Ingested Logs

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Overview

Datadog’s Logging without Limits* lets you dynamically decide what to include or exclude from your indexes. Log-based metrics are a cost-efficient way to summarize log data from the entire ingest stream. This means that even if you use exclusion filters to limit indexes to operationally critical logs, you can still visualize trends and anomalies over all of your log data at full granularity for 15 months.

With log-based metrics, you can record a count of logs that match a query or summarize a numeric value contained in a log, such as request duration.

Generate a log-based metric

To generate a new log-based metric, go to the Configuration page of your Datadog account and select the Generate Metrics tab, then the New Metric+ button.

Add a new log-based metric

Input a query to filter the log stream: The query syntax is the same as for the Log Explorer Search. Only logs ingested with a timestamp within the past 20 minutes are considered for aggregation.
Select the field you would like to track: Select * to generate a count of all logs matching your query or enter a log attribute (e.g., @network.bytes_written) to aggregate a numeric value and create its corresponding count, min, max, sum, and avg aggregated metrics. If the log attribute facet is a measure, the value of the metric is the value of the log attribute.
Add dimensions to group by: By default, metrics generated from logs will not have any tags unless explicitly added. Any attribute or tag dimension that exists in your logs can be used to create metric Tags. Log-based metrics are considered custom metrics. Avoid grouping by unbounded or extremely high cardinality attributes like timestamps, user IDs, request IDs, or session IDs to avert impacting your billing.
Name your metric: Log-based metric names must follow the naming metric convention.

Note: Data points for Log-based metrics are generated at ten second intervals.

Update a log-based metric

After a metric is created, only these fields can be updated:

Stream filter query: to change the set of matching logs to be aggregated into metrics.
Aggregation groups: to update the tags or manage the cardinality of the generated metrics.

To change the metric type or name, a new metric must be created.

Recommended usage metrics

Usage metrics are estimates of your current Datadog usage in near real-time. They enable you to:

Graph your estimated usage.
Create monitors around your estimated usage.
Get instant alerts of spikes or drops in your usage.
Assess the potential impact of code changes on your usage in near real-time.

Log Management usage metrics come with three tags that can be used for more granular monitoring:

Tag	Description
`datadog_index`	Indicates the routing query that matches a log to an intended index.
`datadog_is_excluded`	Indicates whether or not a log matches an exclusion query.
`service`	The service attribute of the log event.

An extra status tag is available on the datadog.estimated_usage.logs.ingested_events metric to reflect the log status (info, warning, etc.).