Data count order by

steffenalex · November 2, 2020, 10:31pm

Hello.
I am new to this.

I have a pretty simple issue but cant solve it. I am getting data from my firewall directly into InfluxDB.

Data structure:
timestamp, country, country_short, city, destIP, sourceIP, destPort, sourcePort, and more

Now I am looking for the count of rows by country during the given dashboard time frame. I would like to know how many connection I had during the given timeframe per country.
Later I would like to use this in a pie chart.

result should look like:

country, count
US 100
CN 10
UK 50

and so on. Without any timestamps.

I tried a lot but I cant get this to work.

Example:
data = from(bucket:“mybucket”)
|> range(start: -30m)
data
|> group(columns: [“country”], mode: “by”)
|> count()

but the result is just:
_start Value
2020-11-02 17:23:57 123456

Any suggestions?
Thanks a lot in advance.

Anaisdg · November 4, 2020, 8:35pm

Hello @steffenalex,
Welcome!
Hmm I’m not sure. Is there anyway you can export some of your data, so that I can try it? Alternatively, can you please take screens shots of the raw data view for your data before and after your flux transformation please?

steffenalex · November 5, 2020, 1:25am

Hello.

Thanks for your answer.
Here are the screenshots.

Screenshot 1 is the raw data which I believe is important for my problem
Screenshot 2 is the flux transformation I used
Screenshot 3 is the table of the result of the code used in 2.
Screenshot 4 is the code in my original post, just the count of entries.

Please note, that the 23 in each row is false and doesn’t reflect reality.

post_pic2

Anaisdg · November 9, 2020, 9:57pm

I’m not sure this is odd. The final query you show in screen shot 3 should be correct. I’m sharing this with the flux team in case they have any answers. Otherwise you might consider submitting a bug or asking on the grafana community.
Finally, can you check that your column name doesn’t have any trailing or leading white spaces?

steffenalex · November 17, 2020, 12:14am

Hello.
Thanks a lot for your help.
I will try to post this in the Grafana community. I am guessing they might say, since this seems to be a flux issue to come here.

I checked for white spaces and anything out of the ordinary but I was not able to find anything. So we are good here and there seems to be a deeper issue.

jonathan · December 2, 2020, 8:46pm

I think for what you are doing this query is what you are looking for. But, you might want to try changing the column name. I think your column name might be AccessBlock.country rather than just country. Your results seem to be consistent with that.

from(bucket:“mybucket”)
|> range(start: -30m)
|> group(columns: [“AccessBlock.country”], mode: “by”)
|> count()

Topic		Replies	Views
Counting from string values Fluxlang flux	2	519	October 21, 2022
Group by using flux InfluxDB 2 influxdb , flux	1	374	May 9, 2022
Using Pivot in Flux on InfluxDB data - what am I doing wrong? Fluxlang influxdb , flux	6	904	November 20, 2022
Count values for percentage Fluxlang grafana , flux	2	441	July 8, 2021
Could someone help me with migrating InfluxQL query to Flux? Please :) Fluxlang	1	325	August 18, 2021

Data count order by

Related Topics