Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

Synopsis

Calculates the maximum of the values in a specified column in the search query results.

Syntax

max [column_name]

Required Arguments

column_name

Syntax: <character string>

Description: The name of a column header that has numeric values

Optional Arguments

None

Description

From all the search query results, returns the maximum value in the specified column_name.

Examples

Example 1:  

* in log.access | max Bytes Sent 

Returns the maximum value of the column Bytes Sent in the events from access log.

Example 2:  

http in log.iis log| max time-taken | group by c-ip 

From the events from log.iss log that have the text http in their column values, calculates the maximum value in the time-taken column per each c-ip column value. 

  • No labels