Reputation: 1279
How do I group by count of a field in InfluxDB?
I have some data in InfluxDB that is connected events for certain TCP connections. So the measurement is connection_events with tags being: mac_address of connecting system, and some other metadata. The value is just connected=true|false
What I want to do is something like this:
select count(mac_address), mac_address
from connection_events
where count(mac_address) > X
group by mac_address
In other words, I want to see results like:
28,ABCD
14,EFGH
3,XYZQ
However, InfluxDB doesn't like this kind of query. I can't figure out how to parse through the dataset of connection events and aggregate them by mac address.
Upvotes: 5
Views: 13149
Answers (1)
Reputation: 1836
Functions in InfluxQL are not valid outside the SELECT clause, and there are as yet no subqueries or a HAVING clause.
However, you can accomplish what you need by using Continuous Queries
Use a CQ to calculate the count(mac_address) and store that in a new measurement foo. CREATE CQ... SELECT COUNT(mac_address) AS count INTO foo FROM connection_events GROUP BY time(5m), * Then for your graph you can query select count from foo where count > X group by mac_address.
Upvotes: 7
Related Questions
- InfluxDB Count with Group By field
- InfluxDB 1.8 schema design for industrial application?
- Measure failed SMTP logins with Telegraf and InfluxDB
- Downscaling data while keeping host tag separate
- Merging time series in influxdb 0.9.x
- influxdb query for grafana with grouped data
- a data structure to query number of events in different time interval