What is aggregation in PromQL (sum, avg, by, without)? [Basic]
Answer
Aggregation in PromQL combines series using aggregation operators such as sum, avg, min, max, count, topk, and quantile. The by clause keeps only the selected labels; without drops the selected labels and groups by the rest.
Technical explanation
sum by (service) groups all matching series into one result per service.
sum without(instance, pod) removes replica-level labels while keeping the other labels.
Correct aggregation is essential to avoid double counting or accidentally hiding a bad instance.
Hands-on example
Examples:
- sum(rate(http_requests_total[5m])) by (service) gives RPS per service.
- sum without(pod, instance) (rate(container_cpu_usage_seconds_total[5m])) aggregates away pod identity.
- topk(10, sum by (pod) (rate(container_cpu_usage_seconds_total[5m]))) finds top CPU consumers.
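The by/without grouping rules above, modeled in Python as an added example (not Prometheus code and not part of the original answer). The sample series, the `zone` label, and the `aggregate` and `top_series` helpers are constructed for illustration.

```python
from collections import defaultdict

# Constructed instant-vector samples (5xx errors/sec per pod); not real data.
SAMPLES = [
    ({"service": "api", "zone": "a", "pod": "api-0", "instance": "10.0.0.1:8080"}, 0.25),
    ({"service": "api", "zone": "a", "pod": "api-1", "instance": "10.0.0.2:8080"}, 0.25),
    ({"service": "api", "zone": "b", "pod": "api-2", "instance": "10.0.0.3:8080"}, 9.0),
    ({"service": "web", "zone": "a", "pod": "web-0", "instance": "10.0.0.4:8080"}, 0.5),
]

def aggregate(samples, op, by=None, without=None):
    """Model of PromQL grouping: `op by (...)` keeps only the listed labels,
    `op without (...)` drops the listed labels and groups by the rest.
    With neither clause, everything collapses into one unlabeled series."""
    if by is not None and without is not None:
        raise ValueError("use either by or without, not both")
    groups = defaultdict(list)
    for labels, value in samples:
        if without is not None:
            kept = {k: v for k, v in labels.items() if k not in without}
        else:
            kept = {k: v for k, v in labels.items() if k in (by or ())}
        groups[tuple(sorted(kept.items()))].append(value)
    return {key: op(values) for key, values in groups.items()}

def top_series(samples, by):
    """Rough equivalent of topk(1, sum by (...) (...)): the largest group."""
    sums = aggregate(samples, sum, by=by)
    key = max(sums, key=sums.get)
    return dict(key), sums[key]

if __name__ == "__main__":
    # sum by (service): one series per service, pod identity is gone.
    print(aggregate(SAMPLES, sum, by=("service",)))
    # sum without (pod, instance): service AND zone survive as labels.
    print(aggregate(SAMPLES, sum, without=("pod", "instance")))
    # The per-service sum shows api at 9.5/s but not which pod is bad;
    # grouping by pod exposes it.
    print(top_series(SAMPLES, by=("pod",)))
```

Here `by (service)` yields two series while `without (pod, instance)` yields three, because the `zone` label survives only in the second form.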