Advanced Filtering
Incident Management is now generally available! Incident Management is now generally available!

Advanced Filtering

Overview

Regardless of whether you’re using the Metrics Explorer, monitors, dashboards, or notebooks to query metrics data, you can filter the data to narrow the scope of the timeseries returned. Any metric can be filtered by tag(s) using the from dropdown to the right of the metric.

Filter with tags

You can also perform advanced filtering with Boolean or Wildcard tag value filters.

Boolean filtered queries

The following syntax is supported for Boolean filtered metric queries:

  • !
  • ,
  • NOT, not
  • AND, and
  • OR, or
  • IN, in
  • NOT IN, not in

Boolean filtered query examples

avg:system.cpu.user{env:staging AND (availability-zone:us-east-1a OR availability-zone:us-east-1c)} by {availability-zone}
Example 1
avg:system.cpu.user{env:shop.ist AND availability-zone IN (us-east-1a, us-east-1b, us-east4-b)} by {availability-zone}
Example 2

Wildcard filtered queries

Tag value prefix and suffix wildcard matching is supported:

  • pod_name: web-*
  • cluster:*-trace.

Wildcard filtered query examples

avg:system.disk.in_use{!device:/dev/loop*} by {device}
Example 1
sum:kubernetes.pods.running{service:*-canary} by {service}
Example 2

Further Reading

Additional helpful documentation, links, and articles:

Metrics ExplorerDOCUMENTATION more more Metrics SummaryDOCUMENTATION more more Metrics DistributionsDOCUMENTATION more more