General aggregate functions - Index and query| Alibaba Cloud Documentation Center

General aggregate functions

Edit in GitHub

Last Updated: Jul 31, 2020 Edit in GitHub

This topic describes the syntax of general aggregate functions and provides examples on how to use these functions.

The Search/Analytics feature of Log Service allows you to use general aggregate functions to analyze logs. The following table describes the specific statements.


Statement	Description	Example
`arbitrary(x)`	Returns an arbitrary value of input values.	`latency > 100 \| select arbitrary(method)`
`avg(x)`	Returns the average (arithmetic mean) of input values.	`latency > 100 \| select avg(latency)`
`checksum(x)`	Returns a Base64-encoded checksum of the specified input values.	`latency > 100 \| select checksum(method)`
`count(*)`	Calculates the number of rows.	N/A
`count(x)`	Calculates the number of non-null values in input values.	`latency > 100 \| select count(method)`
`count(digit)`	Functions the same as `count(*)` to calculate the number of rows. Example: `count(1)`.	N/A
`count_if(x)`	Returns the number of true values in input values.	`latency > 100 \| select count_if(url like '%abc')`
`geometric_mean(x)`	Returns the geometric mean of input values.	`latency > 100 \| select geometric_mean(latency)`
`max_by(x,y)`	Returns the value of x associated with the maximum value of y over all input values.	Query the method for the maximum latency: `latency>100 \| select max_by(method,latency)`
`max_by(x,y,n)`	Returns n values of x associated with the n largest of all input values of y.	Query the methods for the top three rows with the maximum latency: `latency > 100 \| select max_by(method,latency,3)`
`min_by(x,y)`	Returns the value of x associated with the minimum value of y over all input values.	Query the method for the minimum latency: `* \| select min_by(x,y)`
`min_by(x,y,n)`	Returns n values of x associated with the n smallest of all input values of y.	Query the method for the top three rows with the minimum latency: `* \| select min_by(method,latency,3)`
`max(x)`	Returns the maximum value of input values.	`latency > 100\| select max(inflow)`
`min(x)`	Returns the minimum value of input values.	`latency > 100\| select min(inflow)`
`sum(x)`	Returns the sum of input values.	`latency > 10 \| select sum(inflow)`
`bitwise_and_agg(x)`	Returns the bitwise AND of all input values in two's complement representation.	N/A
`bitwise_or_agg(x)`	Returns the bitwise OR of all input values in two's complement representation.	N/A