Manage time

  • Latest Dynatrace
  • Tutorial

With the timeframe, you can define the period from which your data is being queried. If you don't specify the timeframe, the default -2h is applied, meaning that the data being fetched is from the last two hours.

There are several ways to define the timeframe for your queries.

Define timeframe in the DQL query

You can define a custom timeframe in the DQL queries: in the query input, use the fetch command with the timeframe or from and to parameter to override your manual settings from the timeframe selector.

Define timeframe in the timeframe selection

You can define an ad-hoc timeframe, use an existing timeframe, or create a custom timeframe in the timeframe selection section next to the Run Run button.

timeframe selector

The timeframe selection is disabled when you define the timeframe in the DQL query.

Define timeframe from the results

You can create a custom timeframe from a selection in the results.

  1. Select multiple values from a field of timestamp type (use the shift key to select multiple values).

  2. Right-click and select Add to custom timeframes.

    This selects the min() and max() values from the selected range and creates a new custom timeframe for your case.

Add to custom timeframes

Define timeframe in the query summary

You can define a custom timeframe in the query summary shown below the query input after you execute a query.

  1. In the query summary, select the timeframe.
  2. Enter a name and select Save.

create custom timeframe from query analysis

Set the reference time

To speed up investigations, you can keep track of the time between events you're analyzing and the time when an incident occurred by adding the time perspective to your queries.

  1. In the results table, right-click on the timestamp field of the event for which you want to create the reference time.
  2. Select Set as reference time.

A virtual column with the timestamp offset is added to the nodes in the query tree. The offset displays the time difference between the reference time created and the timestamp of the event in the results table in the specific record.

Once you create a reference time, you can

  • Display it for every column with the timestamp type
  • Replace the reference time at any time and the offset will be recalculated based on the new reference value
  • Use the reference time to create timestamp-specific filters directly from the reference time menu next to the case title

manage time reference

Related tags
Threat Observability