Open
Description
This feature introduces a "secondary aggregation" capability that allows performing calculations on already aggregated data. Currently, users can only apply one level of aggregation in a query, but there are scenarios that require processing data in multiple stages.
Examples
Database Performance Analysis
Imagine tracking database query performance across multiple users. You might want to:
- First find the maximum memory usage per user in each time interval
- Then sum these maximums across all users
The SQL equivalent would be:
SELECT SUM(max_memory_usage)
FROM (
SELECT MAX(db.query.memory_usage)
FROM logs/traces
GROUP BY db.query.user, interval
)
GROUP BY intervalInfrastructure Monitoring
Consider monitoring CPU usage across a fleet of servers. You might want to:
- First calculate the average CPU usage for each host
- Then count how many hosts have an average above 50%
This type of analysis requires two distinct aggregation steps:
- Primary aggregation: Calculate average CPU per host
- Secondary aggregation: Count hosts meeting the threshold
This enhancement would enable these more sophisticated analytical queries that weren't possible with single-level aggregation.