timeseries count of Grafana Loki logs grouped by error type

Question

I want a view similar to this:

with a different colour/line for each error type

I tried 2 approaches and failed

1st Approach - transformers

1. I first query all by requests and present the verb

   {job="myJob", filename="/server.log"} |= `exception_type` | json | line_format 
   `{{.exception_type}}`
   

2. Then I use a Format Time transformer, where I set the formatting to YYYYMMDD-HH

3. Then I use the Group By transformer, where I group by my now grouped by hour Time as well as line which contains the exception_type

   • I also add a calculate on the "Id" column and select count
   • lastly I add a calculate on the "Time" to get the first value

At this point I have a few of the columns I need, but no way for the Timeseries ingest this format.

2nd Approach - multiple count_over_time stacks

I could technically stack a bunch of these (one for each error type), but that seems less than ideal; both because I don't have a comprehensive list of error types, and because the maintenance surface area is larger than I'd like

sum(count_over_time({job="myjob", filename="server.log"} | json | exception_type =~ "Could not create folder" [$__interval]))

The image I provided works because it's hitting an SQL DB (Postgres) which has a group by and a query that looks like this: