GitHubContribute in GitHub: Edit online

count() (aggregation function)

Returns a count of the records per summarization group (or in total, if summarization is done without grouping).

  • Can be used only in context of aggregation inside summarize
  • Use the countif aggregation function to count only records for which some predicate returns true.

Syntax

count()

Returns

Returns a count of the records per summarization group (or in total, if summarization is done without grouping).

Example

This example simply aggregates events by their severity.

events 
    | project severity, original_time
    | where original_time > ago(24h)
    | where severity > 6 
    | summarize EventCount=count() by EventSeverity=severity
    | order by EventSeverity desc

Results

EventSeverity EventCount
10 245015
9 1401646
8 360175
7 1258226