库斯托 | 用 where 子句总结 count() 多列
tec*_*n23 3 kql azure-data-explorer
我试图在 Kusto 查询中获取多个事物的数量,但无法正常工作。假设我有一个这样的示例表:
let SampleTable = datatable(Department:string, Status:string, DateStamp:datetime)
[
"Logistics", "Open", "05-01-2019",
"Finance", "Closed", "05-01-2020",
"Logistics", "Open", "05-01-2020"
];
我这样查询:
SampleTable
| summarize closedEntries = count() by (Status | where Status == "Closed"),
openEntries = (Status | where Status == "Open"),
recentDates = (DateStamp | where DateStamp > "12-31-2019"),
Department
预期成绩:
但这会产生错误“名称‘状态’未引用任何已知的列、表、变量或函数。” 和 DateStamp 相同的错误。我也试过使用扩展和连接,但它很混乱。
您可以使用countif()聚合功能:https : //docs.microsoft.com/en-us/azure/data-explorer/kusto/query/countif-aggfunction
datatable(Department:string, Status:string, DateStamp:datetime)
[
"Logistics", "Open", "05-01-2019",
"Finance", "Closed", "05-01-2020",
"Logistics", "Open", "05-01-2020"
]
| summarize closedEntries = countif(Status == "Closed"),
openEntries = countif(Status == "Open"),
recentDates = countif(DateStamp > datetime(12-31-2019))
by Department
| 归档时间: |
|
| 查看次数: |
3166 次 |
| 最近记录: |