Creating Filters

Last updated on 27 March, 2023

Dexda has a common filter component that lets you define a query filter in a consistent way across functionality like charts, rules and action groups. When building queries and aggregations to limit results, you have a set of fields to choose from. Available fields vary depending on the selected data source – events, alerts, or insights, used as input.

The following describes how to create a filter. For more information about the filter concept and available fields and operators, see About Filters.

Creating a Filter

The following example shows how to add a filter when creating an “Uncorrelated Alerts” counts ticker type of chart to a dashboard. The input source here is the ID of the alert, and the aggregation key is of type COUNT. The chart should display the current number of uncorrelated alerts related to a payment service.

  1. Under Filter, select Add expression.
  2. Select the field to filter on, in this example “Escalation”. Start typing to get suggestions from the list of available fields.
  3. Select the desired operator, in this example “Not equals”. Note: IN, CONTAINS and their counter parts are list operators and can take multiple values. Use ?? to add additional values to the list.
  4. Enter the desired value, in this example “closed”.
  5. Select Add.
  6. Select the fork icon to create an AND node, and select the filter icon. You can also create an OR node by selecting the “Or” toggle.
  7. Select the “Description” field.
  8. Select the CONTAINS operator.
  9. Enter a value, in this example “paymentservice”.
  10. Select Add.

Note: When configuring a new filter for a chart, a default condition that limits the event time window to 24 hours is always added. This is to protect against excessive query times caused by unlimited queries.

In This Article