Skip to content

Build a Dynamic Table Widget

Customize records of peak traffic

Use a dynamic table widget to track your largest error responses per day and highlight spikes with visual rules. This tutorial guides you through a projected query, demonstrating how to format bytes and highlight high counts using column rules in the table widget.

image.png

What you need

  • Permission to create and edit dashboards in Custom Dashboards.
  • A project that sends logs with severity, http_resp_bytes, and timestamp fields.
  • A dashboard where you can add a new dynamic widget.

Step 1: Create the dynamic table widget

  1. Open your dashboard, select Add Widget and drag a new Dynamic widget into the dashboard.

  2. In the Query Builder, select DataPrime as the data source and paste this projected query:

    source logs
| filter $m.severity == ERROR
| groupby $m.timestamp / 10m as bucket.ts agg count() as bucket.count, max($d.http_resp_bytes) as bucket.maxBytes
| groupby bucket.ts / 1d as day max_by(bucket.count, bucket) as bucket
| choose day.formatTimestamp('%d-%m-%Y') as day,
         bucket.count as count,
         bucket.maxBytes as largestBytes,
         bucket.ts.formatTimestamp('%d-%m-%Y %H:%M') as ts

    This query identifies the busiest 10-minute time buckets based on error count per day, and then returns its timestamp, error count, and largest response size.

  3. Run the query and switch the visualization to Table.

    Note

    The query defines the column names and order in the table. To add new columns or change order, update the query directly. Column Management settings is disabled for projected queries. Learn more about column management.

  4. Confirm that the table shows four columns:

    • day : The calendar day for the bucket.
    • count: The number of error events in the 10-minute bucket with the highest error volume.
    • largestBytes: The largest http_resp_bytes value in that day.
    • ts: The timestamp of that peak bucket.

How the projected query works

  • The first groupby aggregates errors into 10-minute time buckets and calculates two metrics per bucket: bucket.count and bucket.maxBytes.
  • The second groupby rolls those buckets up to a per-day view and uses max_by(bucket.count, bucket) to keep only the 10-minute bucket with the highest error count for each day.
  • The final choose projects exactly four fields (day, count, largestBytes, ts) into the result. Projected queries expose only these fields to the widget, so the table’s columns always match the projection.

Step 2: Add a rule for the largestBytes column

Use a rule to align the largestBytes column and show values as bytes with three decimal places.

  1. In the widget’s Settings, go to RULES LIST, then select Add rule.
  2. Name the rule Format largest error size.
  3. Under Apply on column, select Name and select the largestBytes column. The rule now targets only that column.
  4. In Rule properties, add the following property configuration:
  5. Units property:
    • Select a Bytes unit so the widget formats values like 4.680 KiB.
    • Set Decimal mode with 3 decimal places so small differences in payload size are visible but still readable.

Step 3: Add a threshold rule for the count column

Next, add a rule that highlights days with unusually high error counts in the count column.

  1. In the RULES LIST, select Add rule.
  2. Name the rule Highlight error spikes.
  3. Under Apply on column, select the count column.
  4. In Rule properties, add the following property configuration:
  5. Threshold property:
    • 0–3000: base style (no label)
    • 3000–4000: warning label at 60%
    • 4000 and up: critical label at 90%
  6. Save the rule. The table uses the thresholds to change the background or badge style for the count cells, so days with error spikes stand out immediately.

Threshold rules evaluate the numeric value in the cell. Applying formatting or units to other columns doesn't affect thresholds.

Analyze the table

  • Scan the count column first to spot highlighted days with the highest error volume.
  • Look at largestBytes for those days to understand whether large responses correlate with error spikes.
  • Use the ts column to drill into the exact 10-minute window where errors peaked, for example by opening an Explore query or a custom action from the row.

Best practices

  • Keep projected queries narrow. Use choose to include only the columns you need in the table, which keeps rule configuration focused and column management predictable.
  • Use Units on any column that represents bytes, durations, or percentages so tables follow consistent measurement styling across dashboards.
  • Use Column alignment to right-align numbers and left-align text so mixed data types remain readable.
  • In production dashboards you can combine Units, Alignment, and Thresholds to take full advantage of column customization.
  • Name rules and add descriptions so other team members can understand why a rule exists and which behavior it controls.
Was this helpful?
Previous Overview
Next Create and Manage Custom Actions
Home
User Guides
DataPrime
Integrations
OpenTelemetry
Developer Portal