...
Count of All Fingerprints
...
Track System Behavior Changes: The count of different fingerprints over time helps track the diversity of behaviors or events in your system. If the number of distinct fingerprints increases, this could mean that new behaviors or error types are emerging. For example, if a feature is added or updated, it might introduce new types of log patterns, and tracking these patterns over time helps you understand how the system is evolving.
...
Identify Unexpected Usage Patterns: By tracking how the variety of user-related fingerprints changes over time, you can also spot unexpected usage patterns. For example, if a certain feature starts generating a wide variety of logs (e.g., new queries or interactions), it might mean that users are adopting the feature in ways you didn’t anticipate, and it could require further optimization or user support.
Spot New Problems Early: A sudden increase in the count of different kinds of fingerprints might indicate that new issues are emerging in your system. For example, if new error patterns appear or previously rare issues start becoming more frequent, tracking the diversity of fingerprints over time can help you detect these problems early, allowing you to mitigate them before they escalate.
Count of All Logs Grouped by Level
Use Cases:
Spot Spikes in Errors or Warnings: If the count of ERROR or WARN logs increases suddenly, it’s a signal that something might have gone wrong. Whether it’s a bug in the system, an overload of requests, or a failing component, monitoring the log counts over time by severity level helps you quickly detect issues as they arise. This allows you to react proactively, possibly preventing system outages or service degradation.
Monitor System Usage Trends: INFO logs often provide general operational details, such as how many users are accessing the system, how many transactions are happening, or how many requests are being made. By grouping logs by level over time, you can track normal system behavior, identifying whether the system is performing as expected or if usage has significantly increased.
Count of All Fingerprints Grouped by Source
...
Use Cases:
Source-Level Diagnosis: Grouping fingerprints by source allows you to understand which parts of your system are generating specific log patterns. For example, if a certain error fingerprint is seen predominantly from a specific service (such as an authentication service), this could indicate that service is the source of the issue. Without grouping by source, you may miss the root cause.
Resource Allocation and Scaling: If one particular source (like an API gateway or database) is generating a disproportionate number of fingerprints, it may indicate a bottleneck or resource contention issue. Understanding this allows for more targeted scaling or resource allocation to that part of the system to ensure overall system health.
Faster Troubleshooting: When logs are grouped by source, it becomes much easier to identify which part of the system is responsible for certain issues. If you know that certain fingerprints correspond to recurring problems (e.g., database errors, network issues, etc.), tracking those patterns by source helps you focus on the right area quickly.
Count of all fingerprints group by source
Count of All Fingerprints Grouped by Source
Count of all logs group by level
Count of all fingerprints
Count of all fingerprints group by source
avg of Duration facet
avg of duration facet by source
error rate formula example
advanced functions
anomaly
outlier
forecast
arithmetic operator(log) to scale down y axis values
trig (skip for now)