Skip to content

roundTime - Rounds the time to some interval

Rounds the time of the event into some time interval.

NOTE: This is functionally equivalent to timestamp / inverval

Syntax

roundtime(sourceTimestamp: timestamp, timeInterval: interval): timestamp

Arguments

Name Type Required Description
sourceTimestamp timestamp true The timestamp to round
timeInterval interval true The interval that represents the desired precision of the timestamp

Example - Grouping timestamps by one hour buckets

Consider the following documents:

{
    "ts": 1728763337,
    "action": "CREATE"
},
{
    "ts": 1728751234,
    "action": "CREATE"
},
{
    "ts": 1728734567,
    "action": "UPDATE"
},
{
    "ts": 1728763312,
    "action": "DELETE"
}

We can to see how many CREATE operations happened per hour. To do this, we can convert the timestamp into one hour buckets, and then group by the result.

filter action == "CREATE"
| groupby roundTime(ts, '1h') as time_bucket agg count() as create_count

This will result in the following documents:

{
    "time_bucket": 1728763200000000000,
    "create_count": 2
},
{
    "time_bucket": 1728748800000000000,
    "create_count": 1
},
{
    "time_bucket": 1728734400000000000,
    "create_count": 1
}

Another way to write this query is using a simple division:

filter action == "CREATE"
| groupby (ts / 1h) as time_bucket agg count() as create_count
Previous Previous roundInterval
Next subtractInterval Next
Home
User Guides User Guides
DataPrime DataPrime
Integrations Integrations
OpenTelemetry OpenTelemetry
Developer Portal Developer Portal