When using the Metrics Explorer, monitors, or dashboards to query metrics data, you can filter the data to narrow the scope of the timeseries returned. Any metric can be filtered by tag(s) using the from field to the right of the metric.
You can also perform advanced filtering with Boolean or Wildcard tag value filters. For queries outside of metrics data such as logs, traces, Network Monitoring, Real User Monitoring, Synthetics, or Security, see the Log Search Syntax documentation for configuration.
The following syntax is supported for Boolean filtered metric queries:
!,NOT, notAND, andOR, orIN, inNOT IN, not inWhen including or excluding multiple tags:
AND logicOR logicFor more information on tags, see the Getting Started With Using Tags guide.
Note: Symbolic boolean syntax (!, ,) cannot be used with functional syntax operators (NOT, AND, OR, IN, NOT IN). The following query is considered invalid:
avg:mymetric{env:prod AND !region:us-east}
To use the examples below, click the code icon </> to see the query editor in the UI, and then copy and paste the query example into the query editor.
avg:system.cpu.user{env:staging AND (availability-zone:us-east-1a OR availability-zone:us-east-1c)} by {availability-zone}
avg:system.cpu.user{env:shop.ist AND availability-zone IN (us-east-1a, us-east-1b, us-east4-b)} by {availability-zone}
avg:system.cpu.user{env:prod AND location NOT IN (atlanta,seattle,las-vegas)}
Tag value prefix and suffix wildcard matching is supported:
pod_name: web-*cluster:*-traceNote: Prefix and suffix wildcard matching in the same filter is not supported.
avg:system.disk.in_use{!device:/dev/loop*} by {device}
sum:kubernetes.pods.running{service:*-canary} by {service}
Add an exclusion function to your query to:
Functions do not delete datapoints from Datadog, but they do remove datapoints from your visualizations.
Additional helpful documentation, links, and articles:
