Creating Filters
Last updated on 27 March, 2023Dexda has a common filter component that lets you define a query filter in a consistent way across functionality like charts, rules and action groups. When building queries and aggregations to limit results, you have a set of fields to choose from. Available fields vary depending on the selected data source – events, alerts, or insights, used as input.
The following describes how to create a filter. For more information about the filter concept and available fields and operators, see About Filters.
Creating a Filter
The following example shows how to add a filter when creating an “Uncorrelated Alerts” counts ticker type of chart to a dashboard. The input source here is the ID of the alert, and the aggregation key is of type COUNT. The chart should display the current number of uncorrelated alerts related to a payment service.

- Under Filter, select Add expression.
- Select the field to filter on, in this example “Escalation”. Start typing to get suggestions from the list of available fields.
- Select the desired operator, in this example “Not equals”. Note: IN, CONTAINS and their counter parts are list operators and can take multiple values. Use ?? to add additional values to the list.
- Enter the desired value, in this example “closed”.
- Select Add.
- Select the fork icon to create an AND node, and select the filter icon. You can also create an OR node by selecting the “Or” toggle.
- Select the “Description” field.
- Select the CONTAINS operator.
- Enter a value, in this example “paymentservice”.
- Select Add.
Note: When configuring a new filter for a chart, a default condition that limits the event time window to 24 hours is always added. This is to protect against excessive query times caused by unlimited queries.