Building Queries


+ Transcript:

Pierre Tessier [Sales Engineer|Honeycomb]:

Hi, I’m Pierre Tessier. In this video, we’re going to talk about building queries in Honeycomb. When you start building a query, you’re going to get a screen that looks like this. These five boxes across the top; visualize, aware, group by, order by, and limit. Let’s go through each one, starting off with visualize when you click inside, you’re going to be presented with various options to aggregate the data; count, sum, and whenever you see three dots, you’re going to be prompted for an additional piece of info, such as x-field. You have other things like your percentiles, all the way through P999, and even a Honeycomb special Heatmap visualization. These other options down here are the field names themselves. Selecting on these you’re going to be asked which aggregation to select. Let’s go and just do a simple count over everything.

Let me do this and run it. Let me get a count for all of the events sent into our platform. Now, when you want to start interacting with the data, you might have questions about which fields are available to you. Inside of the query, over on the right-hand side, you can go ahead and click on this little I-info panel here to open the dataset details, and you get presented with a list of every single field available to you, their data type and any descriptions as well. I can see here I’ve got a field called app.platform. I know that field gets things like iOS, Android, stuff like that. Let’s go ahead and filter on that because we care about the iOS platform right now. As I start typing, it’s going to give me a list of items available. Go ahead and describe platform equals here and go ahead and type iOS.

When we hit run, it’s going to go and filter the data just for platform iOS. Continuing on this journey, we’re going to go ahead and group this by name. Name is the name of the endpoint when users are hitting our services. Now our chart starts getting a lot more interesting. Hovering over any line will give you the exact data point for every single series inside of that time slice, as well as the average events per second. If you’re doing a sum or an average, you’re going to see different aggregations here accordingly. Also, below we’ll have a table of all the available series that appeared inside of our chart, and you could hover over this table to highlight which line it is. The number here at the end represents all the data points inside the chart over the course of the entire time window.

The next item is order by, and this automatically got count descending because we did a group right here on name. I could change this and say, maybe we want to look at this by name ascending instead and we’ll take the count off. When it’s run, now, all my data is now ordered inside of the table by the endpoint itself. Put this back to account descending, because the next item here is a limit. Let’s go ahead and limit our data to just three rows instead, and when you do that we’ll see we get just three series returned inside of our chart. Let me return back to all the data from that. Now to visualize information Honeycomb presents you with four different tabs; Results, BubbleUp, Traces, and we’ll cover BubbleUp and Traces in two separate other videos, and the last one here is Raw Data.

Clicking on Raw Data will return all the actual raw data inside of the query itself with a handy little way to filter only the fields that we might be interested in as we’re looking at that information. I’m going to go ahead and pick a couple more right here as well. You can go ahead and scroll through all this data, as you’ve seen through it, and right here you’ll notice that we’re also, when we scroll and we hover over, we get this little tiny three-item or three-dot item selector right here. Go ahead and pick on that. We’re presented with options of what to do more. This is available anywhere inside of Honeycomb when you’re looking at data related to a query. My options here are to filter on this field or to group against it. I’m going to go ahead and select group, and when it does that, I can return to my results tab and my charts a lot busier, because we’re grouping on the availability zone as well.

Let’s go back to raw data. Maybe this time I want to do more than one item at once. You could put the query into what we call query edit mode, just click on any of the fields. Now you’re going to edit. You can do multiple actions against your query before running it again. Maybe here, I want to group against status code. Let’s go ahead and select that. We’re really interested in inside of the ticket’s endpoint. Let’s select that and make this one here our filter. Now for you keyboard warriors, shift enter will go ahead and run the query, so you don’t have to reach over and hit that run query button. When we go back to the results tab, we’re now filtered on just those items we selected. Also, down here, when I hover over any of the items, you’ll see that familiar three-dot item. In this case, we get a couple more items like copy, will only show the events inside of this entire group line.

Over the top of our chart, we have a time picker. I can go ahead and select this and I’ll say, “Hey, let’s go look at the last eight hours instead,” do that. We’re now eight hours back. Next to the time picker is also a time shifter. We could hit this to shift backward in time for whatever our time slice is. The time picker itself has got all your kind of popular time slices you might want and care about, including a custom option. When you go to the custom option, you could type in free form here. Anything you want. Maybe you want to look at the last 19 minutes of data, go ahead and type that in, hit enter, and you’ll get the last 19 minutes of data. That’s building queries inside of Honeycomb. Make sure you watch the other videos we have, where we go into the visualizations and their options in detail as well as BubbleUp and Traces.

If you see any typos in this text or have any questions, reach out to