datadog aggregate-logs

aggregate events into buckets and compute metrics and timeseries

Description

aggregate events into buckets and compute metrics and timeseries

Synopsis

datadog aggregate-logs
    [--site <site>]
    --aggregation <aggregation>
    [--interval <interval>]
    [--metric <metric>]
    [--type <type>]
    [--query <query>]
    [--index <index>]
    [--from <from>]
    [--to <to>]
    [--storage_tier <storage_tier>]
    [--cursor <cursor>]

Arguments

`site` - (string)

     Site where this command will be executed
     Example: --site "site-1"
     Default: input.site      Attributes: optional

`aggregation` - (string)

     An aggregation function
     Example: --aggregation "count"
     Default: _None_      Attributes: required

Validation:
allowed values: count, cardinality, pc75, pc90, pc95, pc98, pc99, sum, min, max, avg, median

`interval` - (string)

     The time buckets' size (only used for type=timeseries) Defaults to a resolution of 150 points
     Example: --interval "interval-1"
     Default: _None_      Attributes: optional

`metric` - (string)

     The metric to use
     Example: --metric "metric-1"
     Default: _None_      Attributes: optional

`type` - (string)

     The type of compute
     Example: --type "total"
     Default: _None_      Attributes: optional

Validation:
allowed values: timeseries, total

`query` - (string)

     Search query following logs syntax.
     Example: --query "query-1"
     Default: _None_      Attributes: optional

`index` - (string)

     For customers with multiple indexes, the indexes to search Defaults to '*' which means all indexes
     Example: --index "index-1"
     Default: _None_      Attributes: optional

`from` - (time)

     Minimum timestamp for requested logs
     Example: --from "15 min ago"
     Default: 15 min ago      Attributes: optional

`to` - (time)

     Maximum timestamp for requested logs
     Example: --to "2019-10-12T07:20:50.52Z"
     Default: _None_      Attributes: optional

`storage_tier` - (string)

     Specifies the storage type to be used
     Example: --storage_tier "indexes"
     Default: _None_      Attributes: optional

Validation:
allowed values: indexes, online-archives

`cursor` - (string)

     List following results with a cursor provided in the previous query
     Example: --cursor "cursor-1"
     Default: _None_      Attributes: optional

Examples

Input:

!datadog aggregate-logs --aggregation "avg" --index "main" --query "*"

Output:

BUCKET-BY     BUCKET-COMPUTES
bucketBy1     bucketCompute1
bucketBy2     bucketCompute2

Access Control

To use this command, you need access to the following:

Field	Value
Action	"read"
Service Type	"datadog"
Service Instance
Namespace
Object Type	"log"
Object ID

Please see Access Control for details.

datadog aggregate-logs

Description

Synopsis

Arguments

site - (string)

aggregation - (string)

interval - (string)

metric - (string)

type - (string)

query - (string)

index - (string)

from - (time)

to - (time)

storage_tier - (string)

cursor - (string)