Versions Compared

Old Version 2

changes.mady.by.user Omry Koschitzky

Saved on

compared with

New Version Current

changes.mady.by.user Omry Koschitzky

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Displays the sum of the values in a specified column in the search query results.

Syntax

sum <column[column_name>name]

Required Arguments

column_name

...

For each event in the search query results that has the specified column_name with a numeric value, add adds the value to the cumulative sum, and when you have reached it reaches the last event, display  displays the sum.

Examples

Example

...

1:  

...

* in log.access | sum Bytes Sent 

 Returns the sum Returns the sum of the values in the column Bytes Sent in the events from access log.

Example 2:  

http in log.iis log| sum time-taken | group by c-ip 

From the events from log.iss log that have the text http in their column values, calculates the sum of the values in the time-taken column per each c-ip column value.