I have some log lines in Loki,
[10-Oct-2023 08:22:19 UTC] [1270628]: INFO SEND: Sending 235 emails…
[10-Oct-2023 08:23:19 UTC] [1270628]: INFO SEND: Sending 220 emails…
[10-Oct-2023 08:24:19 UTC] [1270628]: INFO SEND: Sending 442 emails…
and I’m trying to create a simple line chart. My progress is:
{filename="/var/log/php/error_cli.log"} |~ INFO SEND: Sending \d+ |
pattern <_> <_> INFO: GMAIL_SEND: Sending <cnt> <_>
and I’m stuck here. I don’t know how do display those fixed cnt (did I even obtain this correctly?) values on the chart, without any aggregation. Just a fluctuating line over time, showing at each point values like 235, 220, 442
Some help would be greatly appreciated
You cannot extract value to be directly plotted at graph: since generally there is no guarantee in time between log records with those value, Grafana expects you to aggregate your values. If your logs are incoming with guaranteed one minute interval, and you'll select time range for you dashboard appropriately, you'll see you initial values even after aggregation.
To aggregate over one of the labels in Loki, you need to use
unwrapcommand, for aggregation functionsum_over_timeto treat said label as value.More on unwrapping labels here.
Here is demo of similar query