Did you know?
Glossary Grafana Alloy

An open-source, vendor-neutral telemetry collector designed to replace Grafana Agent, fully compatible with OpenTelemetr...

Associated courses : Alloy

[TP] Lab - Advanced analysis with Grail, DQL and Entity Selectors

  1. Home
  2. Observability
  3. Dynatrace: from discovery to expertise
  4. Grail - data lakehouse built for observability data

[TP] Lab - Advanced analysis with Grail, DQL and Entity Selectors


In this lab, we will review Grail, leverage Entity Selectors in DQL queries, and export everything to a dashboard and a notebook.

What you will learn in this TP :
  • Understand the role of Grail
  • Apply DQL best practices

Review of Grail and DQL


What you will learn in this section :
  • Understand the role of Grail
  • Apply DQL best practices

Before starting, let's review Grail and best practices for building your DQL queries.
  1. What is Grail?
    Grail is Dynatrace's data lakehouse. Unlike traditional databases, Grail is designed specifically for observability. It stores logs, metrics, traces, and business events (bizevents) in a unified way, without requiring strict schemas or prior indexing (schema-on-read). This allows massive data querying with topological context (Smartscape) always preserved.
  2. Best practices for DQL queries
    To write high-performance queries in DQL (Dynatrace Query Language), you must follow a few golden rules:
    • Filter early: Use the filter command as early as possible in your query to reduce the data volume processed in subsequent pipelines.
    • Time selectivity: Always limit the time range of your search (directly via the timeframe selector or in the query).
    • Leverage Entity Selectors: Use the entitySelector() function to benefit from dynamic context instead of hardcoding static IDs.
    • Use limit(): When writing and testing, end your queries with limit 10 to speed up response times.

Creating DQL queries

You will create 5 DQL queries that leverage the `entitySelector()` function to dynamically target your entities.
  1. Query 1: Production host logs
    Write a DQL query to retrieve logs only for hosts bearing the 'ENV:PROD' tag. You must use an Entity Selector.
  2. Query 2: Events related to Java services
    Write a query to list and count recent events related to services running the 'Java' technology.
  3. Query 3: CPU usage via Timeseries
    Grail also allows querying metrics. Display the average CPU usage (metric `builtin:host.cpu.usage`) for all hosts belonging to a Management Zone named 'MZ_Finance'.
  4. Query 4: Search for a specific team's errors
    Retrieve logs containing the word 'error' for process groups (PROCESS_GROUP) owned by the backend team (tag 'owner:backend').
  5. Query 5: Business events (Bizevents) by application
    Retrieve the latest business events (bizevents) generated, but limit this search only to monitored applications of type APPLICATION (Web or Mobile).

Export to Notebook and Dashboard

The goal here is to save, document, and visualize the result of your queries for your teams.
  1. Creating the Notebook
    Execute your DQL queries in the Notebooks application. Format your document and save it following the naming standard: `formation-` (for example: `formation-martin`).
  2. Pin to a Dashboard
    Create a new dashboard named `formation-`. Pin at least 3 of your DQL results to this dashboard.

Difficulty level: (3/5)

Recommended Articles

License consumption types

Understand the evolution of billing in Dynatrace: the difference between the ...

Grafana Alloy: The importance of Self-Monitoring

Discover why and how to configure Grafana Alloy so that it monitors itself, c...

Grafana Alloy: Understanding and exploiting the User Interface (UI)

Discover how to enable, secure, and use Grafana Alloy's built-in web interfac...

Grafana Alloy: Introduction and Architecture

Discover the fundamental concepts of Grafana Alloy, the transition from the s...

Grafana Alloy: Syntax and Configuration (Alloy Language: River)

As part of a Grafana training or observability training, master the declarati...

Grafana Alloy: Metrics Collection (Prometheus & Ecosystem)

Learn how to configure Grafana Alloy to collect, transform, and forward metri...

Grafana Alloy: Log Management with Loki

Discover how to configure Grafana Alloy to read log files, journald, or netwo...

Grafana Alloy: Trace Management with Tempo

Dive into distributed trace processing. Learn how to ingest OTLP, Jaeger, or ...

Grafana Alloy: Continuous Profiling with Pyroscope

Discover how to configure continuous profiling in your environments using Gra...

Grafana Alloy: Advanced Deployment and Clustering

Learn how to manage large-scale Grafana Alloy deployments. Configure Clusteri...

Grafana Assistant: AI at the service of observability

Discover Grafana Assistant, the artificial intelligence integrated into Grafa...

Grafana Alloy vs Dynatrace ActiveGate: Which to choose?

Comparison between Grafana Alloy and Dynatrace ActiveGate. Understand the fun...

Course Glossary

AIOps (Artificial Intelligence for IT Operations)

The use of artificial intelligence and machine learning to automate and improve IT operations (e.g., anomaly detection, reducing alert noise).

OpenTelemetry

An open source framework providing standards, APIs, and SDKs to collect and export observability data (traces, metrics, logs) in an agnostic way.

Have you finished?
Previous session See the correction Next session