Consultar dados do OpenTelemetry

info

Beta

Este recurso está em versão Beta.

Esta página fornece exemplos de consultas SQL para dados OpenTelemetry ingeridos em tabelas Delta pelo Zerobus Ingest OTLP. Para obter detalhes sobre os esquemas das tabelas e as colunas, consulte a referência de tabelas do OpenTelemetry para Zerobus Ingest.

Nos exemplos abaixo, substitua <catalog>.<schema>.<prefix> pelo prefixo do nome do seu catálogo, esquema e tabela.

Colunas como attributes, resource.attributes, instrumentation_scope.attributes e body (logs) são armazenadas como VARIANT. Use a sintaxe :key::type para extrair valores. Por exemplo, attributes:['http.method']::string retorna o atributo http.method como uma string.

nota

Consultar colunas VARIANT requer o Databricks Runtime 15.3 ou superior. Para obter melhores resultados na fragmentação de variantes, utilize Databricks Runtime 17.2 ou superior.

vãos

As consultas a seguir retornam dados da tabela spans, que armazena dados de rastreamento distribuído.

SQL

-- Recent spans with duration and attributes
SELECT
  time,
  service_name,
  name,
  (end_time_unix_nano - start_time_unix_nano) / 1000000 AS duration_ms,
  status.code AS status_code,
  attributes:['http.method']::string AS http_method,
  attributes:['http.status_code']::int AS http_status
FROM <catalog>.<schema>.<prefix>_otel_spans
WHERE time > current_timestamp() - INTERVAL 1 HOUR
ORDER BY time DESC
LIMIT 100;

-- Filter spans by attribute value
SELECT *
FROM <catalog>.<schema>.<prefix>_otel_spans
WHERE attributes:['http.status_code']::int = 200
  AND time > current_timestamp() - INTERVAL 1 HOUR;

-- Slowest operations by service
SELECT
  service_name,
  name,
  COUNT(*) AS call_count,
  AVG((end_time_unix_nano - start_time_unix_nano) / 1000000) AS avg_duration_ms,
  PERCENTILE_APPROX((end_time_unix_nano - start_time_unix_nano) / 1000000, 0.95) AS p95_duration_ms
FROM <catalog>.<schema>.<prefix>_otel_spans
WHERE time > current_timestamp() - INTERVAL 1 HOUR
GROUP BY service_name, name
ORDER BY avg_duration_ms DESC;

-- Spans by service name, environment, and SDK version
SELECT
  service_name,
  resource.attributes:['deployment.environment']::string AS environment,
  instrumentation_scope.attributes:['otel.library.version']::string AS sdk_version,
  COUNT(*) AS span_count
FROM <catalog>.<schema>.<prefix>_otel_spans
WHERE time > current_timestamp() - INTERVAL 1 HOUR
GROUP BY service_name, environment, sdk_version;

logs

As consultas a seguir retornam dados da tabela de logs, que armazena registros de log estruturados e seus níveis de severidade.

SQL

-- Recent logs with body and attributes
SELECT
  time,
  service_name,
  severity_text,
  body::string AS message,
  attributes:['exception.type']::string AS exception_type
FROM <catalog>.<schema>.<prefix>_otel_logs
WHERE time > current_timestamp() - INTERVAL 1 HOUR
ORDER BY time DESC
LIMIT 100;

-- Error logs by service
SELECT
  service_name,
  severity_text,
  COUNT(*) AS log_count
FROM <catalog>.<schema>.<prefix>_otel_logs
WHERE severity_text IN ('ERROR', 'WARN')
  AND time > current_timestamp() - INTERVAL 1 HOUR
GROUP BY service_name, severity_text
ORDER BY log_count DESC;

-- Structured log body
SELECT
  time,
  service_name,
  body:message::string AS message,
  body:error.code::int AS error_code
FROM <catalog>.<schema>.<prefix>_otel_logs
WHERE time > current_timestamp() - INTERVAL 1 HOUR
  AND body:error.code IS NOT NULL;

métricas

As consultas a seguir retornam dados da tabela de métricas, que armazena medições de gauge, soma e histograma.

SQL

-- Recent metrics with values
SELECT
  time,
  service_name,
  name,
  metric_type,
  COALESCE(gauge.value, sum.value) AS value
FROM <catalog>.<schema>.<prefix>_otel_metrics
WHERE time > current_timestamp() - INTERVAL 1 HOUR
ORDER BY time DESC
LIMIT 100;

-- Gauge metrics over time
SELECT
  date_trunc('minute', time) AS minute,
  name,
  AVG(gauge.value) AS avg_value,
  MAX(gauge.value) AS max_value
FROM <catalog>.<schema>.<prefix>_otel_metrics
WHERE metric_type = 'gauge'
  AND time > current_timestamp() - INTERVAL 1 HOUR
GROUP BY 1, 2
ORDER BY minute;

-- Gauge attributes (attributes are nested inside each metric-type struct)
SELECT
  time,
  name,
  gauge.value,
  gauge.attributes:['host.name']::string AS host
FROM <catalog>.<schema>.<prefix>_otel_metrics
WHERE metric_type = 'gauge'
  AND time > current_timestamp() - INTERVAL 1 HOUR;

-- Filter metrics by resource attribute
SELECT
  time,
  name,
  gauge.value
FROM <catalog>.<schema>.<prefix>_otel_metrics
WHERE resource.attributes:['deployment.environment']::string = 'production'
  AND metric_type = 'gauge'
  AND time > current_timestamp() - INTERVAL 1 HOUR;

Próximos passos

• Referência de tabelas do OpenTelemetry para Zerobus Ingest: Referência para esquemas de tabelas e definições de colunas para tabelas de spans, logs e métricas.
• Configure os clientes OpenTelemetry (OTLP) para enviar dados ao Unity Catalog: Configure um SDK ou Collector do OpenTelemetry para enviar dados ao Zerobus Ingest.
• Tratamento de erros de ingestão do Zerobus: Solução de problemas e códigos de erro comuns.