
Why can count(x > 5) not return 0?

When using the count aggregation operator you may have noticed that it sometimes returns nothing rather than 0. Why is this?
To explain, let's start with an example instant vector:
x{l="foo"} 2
x{l="bar"} 4
If you were to evaluate count(x) you would get {}: 2, which is to say a single sample with no labels and the value 2. This is what you'd expect.
If you were to evaluate count by (l)(x) you would get an instant vector with two elements, {l="foo"}: 1 and {l="bar"}: 1. This all seems fine so far.
Now what if you do count by (l)(x > 3)? The result is a single sample, {l="bar"}: 1. This is because the sample with l="foo" is filtered away, so the count aggregator is only applied to the l="bar" sample. count can't invent a label out of nowhere, after all.
The same applies to count(x > 5). The instant vector returned by x > 5 is empty so the result of the count is also going to be an empty instant vector.

The good news is that there is a way to get a 0 in this situation, by taking advantage of the bool modifier of comparison operators. Unlike normal comparison operators, which filter out a sample if the comparison fails, the bool modifier returns a 0 if the comparison fails and a 1 if it succeeds. Then you can add these up using sum.
So sum(x > bool 5) would return {}: 0. Similarly sum by (l)(x > bool 3) would return an instant vector with two elements, {l="foo"}: 0 and {l="bar"}: 1.
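The behaviour described above can be reproduced with a small model of instant-vector semantics. This is an added example, not code from the original post or from Prometheus; the helper names (vec, gt, gt_bool, aggregate) are hypothetical and the model covers only the operators discussed here.

```python
# Minimal model of PromQL instant-vector semantics (illustration only).
# An instant vector is a dict: frozenset of (label, value) pairs -> sample value.

def vec(*samples):
    """Build an instant vector from (labels_dict, value) pairs."""
    return {frozenset(labels.items()): value for labels, value in samples}

def gt(vector, threshold):
    """x > threshold: filtering comparison, drops samples that fail."""
    return {ls: v for ls, v in vector.items() if v > threshold}

def gt_bool(vector, threshold):
    """x > bool threshold: keeps every sample, value becomes 1 or 0."""
    return {ls: (1 if v > threshold else 0) for ls, v in vector.items()}

def aggregate(vector, by=(), op="sum"):
    """count/sum [by (...)]: output groups come only from input samples,
    so an empty input vector always yields an empty output vector."""
    groups = {}
    for ls, v in vector.items():
        key = frozenset((k, val) for k, val in ls if k in by)
        groups.setdefault(key, []).append(v)
    if op == "count":
        return {key: len(vals) for key, vals in groups.items()}
    return {key: sum(vals) for key, vals in groups.items()}

def render(result):
    """Format a result vector the way the article writes samples."""
    if not result:
        return "empty instant vector"
    return ", ".join(
        "{" + ",".join(f'{k}="{v}"' for k, v in sorted(ls)) + "}: " + str(val)
        for ls, val in result.items()
    )

# The example vector from the article.
x = vec(({"l": "foo"}, 2), ({"l": "bar"}, 4))

if __name__ == "__main__":
    print("count(x)                 ->", render(aggregate(x, op="count")))
    print("count by (l)(x > 3)      ->", render(aggregate(gt(x, 3), by=("l",), op="count")))
    print("count(x > 5)             ->", render(aggregate(gt(x, 5), op="count")))
    print("sum(x > bool 5)          ->", render(aggregate(gt_bool(x, 5))))
    print("sum by (l)(x > bool 3)   ->", render(aggregate(gt_bool(x, 3), by=("l",))))
```

For alerting, the practical consequence is that a rule comparing count(x > 5) against 0 has no sample to evaluate when nothing matches, whereas the sum over the bool form always has one.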

