Advanced Filtering

Advanced Filtering

Overview

Regardless of whether you’re using the Metrics Explorer, monitors, dashboards, or notebooks to query metrics data, you can filter the data to narrow the scope of the timeseries returned. Any metric can be filtered by tag(s) using the from dropdown to the right of the metric.

Filter with tags

You can also perform advanced filtering with Boolean or Wildcard tag value filters.

Boolean filtered queries

The following syntax is supported for Boolean filtered metric queries:

  • !
  • ,
  • NOT, not
  • AND, and
  • OR, or
  • IN, in
  • NOT IN, not in

Note: Symbolic boolean syntax (!, ,) cannot be used with functional syntax operators (NOT, AND, OR, IN, NOT IN). The following query is considered invalid: avg:mymetric{env:prod AND resource_name NOT IN (!resource_name:A, !resource_name:B)}

Boolean filtered query examples

avg:system.cpu.user{env:staging AND (availability-zone:us-east-1a OR availability-zone:us-east-1c)} by {availability-zone}
Example 1
avg:system.cpu.user{env:shop.ist AND availability-zone IN (us-east-1a, us-east-1b, us-east4-b)} by {availability-zone}
Example 2
avg:system.cpu.user{env:prod AND location NOT IN (atlanta,seattle,las-vegas)}
Example 3

Wildcard filtered queries

Tag value prefix and suffix wildcard matching is supported:

  • pod_name: web-*
  • cluster:*-trace

Note: Prefix and suffix wildcard matching in the same filter is not supported.

Wildcard filtered query examples

avg:system.disk.in_use{!device:/dev/loop*} by {device}
Example 1
sum:kubernetes.pods.running{service:*-canary} by {service}
Example 2

Further Reading

Additional helpful documentation, links, and articles:

Metrics ExplorerDOCUMENTATION more more Metrics SummaryDOCUMENTATION more more Metrics DistributionsDOCUMENTATION more more