Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

InfluxDB Group By Field (Not Tag) and Get Top 10

Tags:

influxdb

i am very new to influxdb.

I have a dataset like this; (Every row/point is a connection)

time                           dest_ip         source_ip    
----                           -------         ---------  
2018-08-10T11:42:38.848793088Z 211.158.223.252 10.10.10.227 
2018-08-10T11:42:38.87115392Z  211.158.223.252 10.10.10.59 
2018-08-10T11:42:38.875289088Z 244.181.55.139  10.10.10.59 
2018-08-10T11:42:38.880222208Z 138.63.15.221   10.10.10.59  
2018-08-10T11:42:38.886027008Z 229.108.28.201  10.10.10.227   
2018-08-10T11:42:38.892329728Z 229.108.28.201  10.10.10.181 
2018-08-10T11:42:38.896943104Z 229.108.28.201  10.10.10.59 
2018-08-10T11:42:38.904005376Z 22.202.67.174   10.10.10.227
2018-08-10T11:42:38.908818688Z 138.63.15.221   10.10.10.181  
2018-08-10T11:42:38.913192192Z 138.63.15.221   10.10.10.181

dest_ip and source_ip are field, not tag.

  1. Is it possible to group by dest_ip all connection records somehow and get top 10 records with counts?

  2. Is it possible to group by dest_ip and source_ip together and get top 10 records with counts too?

  3. Or any other solution to get top 10 source_ip to dest_ip relations according to connection counts?

like image 909
Mete Gergen Avatar asked Aug 10 '18 20:08

Mete Gergen

People also ask

What is difference between tag and field in InfluxDB?

InfluxDB lets you specify fields and tags, both being key/value pairs where the difference is that tags are automatically indexed. Because fields are not being indexed at all, on every query where InfluxDB is asked to find a specified field, it needs to sequentially scan every value of the field column.

What is the difference between flux and InfluxQL?

InfluxQL lets you group by tags or by time intervals, but nothing else. Flux lets you group by any column in the dataset, including _value . Use the Flux group() function to define which columns to group data by.

How do I retrieve data from InfluxDB?

To perform a query send a GET request to the /query endpoint, set the URL parameter db as the target database, and set the URL parameter q as your query. You may also use a POST request by sending the same parameters either as URL parameters or as part of the body with application/x-www-form-urlencoded .

What is group key in flux?

Group keys Every table has a group key – a list of columns for which every row in the table has the same value.

1 Answers

Currently InfluxDB only supports tags and time interval in GROUP BY clause; as you can see the syntax of group by clause (for more information refer to InfluxDB documention):

SELECT <function>(<field_key>) FROM_clause WHERE <time_range> GROUP BY time(<time_interval>),[tag_key]

But if you insert dest_ip and source_ip as tags instead of fields, you achieve all your mentioned desires with InfluxQL query language.

like image 94
m.ghoreshi Avatar answered Nov 15 '22 11:11

m.ghoreshi
Sign in to Comment

Related questions

How many points in an InfluxDB measurement?
Multiple WHERE in InfluxDB don't return result
How to filter grafana dashboard with greater than and less than operators?
Install InfluxDB without root access
Grafana / Influxdb: Sum of value recorded by different clients
SUM(LAST()) on GROUP BY
Streaming InfluxDB data
Failed to connect to http://localhost:8086, Please check your connection settings and ensure 'influxd' is running
InfluxQL : Influx DB conversion of a field from String to integer
Configuring timezones in InfluxDB

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!