Home > Software engineering >  how to use variables in KQL?
how to use variables in KQL?

Time:10-26

I am trying to write a query with variable on KQL. This is it's 1st part: enter image description here

I want to use it in other query to add a column containing a percentage of each event in total number. In other words Percentage = EventNumber / totalEvents.

This is my 2nd query:

enter image description here

But I am getting an error when I am trying to combine my queries. Can you help my in fixing that?

enter image description here

CodePudding user response:

you could try using toscalar(): https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/toscalarfunction

for example:

let total_events = toscalar(
    T
    | where Timestamp > ago(7d)
    | count
);
T
| where Timestamp > ago(7d)
| summarize count() by Event
| extend percentage = 100.0 * count_ / total_events

in addition, you can materialize the results of a sub-query and re-use them using the as operator: https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/asoperator

for example:

T
| where Timestamp > ago(7d)
| summarize count() by Event
| as hint.materialized=true TT
| extend percentage = 100.0 * count_ / toscalar(TT | summarize sum(count_))

Page link:https//www.codepudding.com/Softwareengineering/166337.html

Prev:Rename a variable each time the code is run (python)?
Next:Error using "n-of" command with a breed in Netlogo
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding