| title | description | services | documentationcenter | author | manager | editor | ms.assetid | ms.service | ms.workload | ms.tgt_pltfrm | ms.topic | ms.date | ms.author | ms.component |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Useful operators in Azure Log Analytics queries | Microsoft Docs |
Common functions to use for different scenarios in Log Analytics queries. |
log-analytics |
bwren |
carmonm |
log-analytics |
na |
na |
conceptual |
08/21/2018 |
bwren |
na |
The table below provides some common functions to use for different scenarios in Log Analytics queries.
| Category | Relevant Analytics Function |
|---|---|
| Selection and Column aliases | project, project-away, extend |
| Temporary tables and constants | let scalar_alias_name = …; let table_alias_name = … … … ; |
| Comparison and String Operators | startswith, !startswith, has, !has contains, !contains, containscs hasprefix, !hasprefix, hassuffix, !hassuffix, in, !in matches regex ==, =~, !=, !~ |
| Common string functions | strcat(), replace(), tolower(), toupper(), substring(), strlen() |
| Common math functions | sqrt(), abs() exp(), exp2(), exp10(), log(), log2(), log10(), pow() gamma(), gammaln() |
| Parsing text | extract(), extractjson(), parse, split() |
| Limiting output | take, limit, top, sample |
| Date functions | now(), ago() datetime(), datepart(), timespan startofday(), startofweek(), startofmonth(), startofyear() endofday(), endofweek(), endofmonth(), endofyear() dayofweek(), dayofmonth(), dayofyear() getmonth(), getyear(), weekofyear(), monthofyear() |
| Grouping and aggregation | summarize by max(), min(), count(), dcount(), avg(), sum() stddev(), countif(), dcountif(), argmax(), argmin() percentiles(), percentile_array() |
| Joins and Unions | join kind=leftouter, inner, rightouter, fullouter, leftanti union |
| Sort, order | sort, order |
| Dynamic object (JSON and array) | parsejson() makeset(), makelist() split(), arraylength() zip(), pack() |
| Logical operators | and, or, iff(condition, value_t, value_f) binary_and(), binary_or(), binary_not(), binary_xor() |
| Machine learning | evaluate autocluster, basket, diffpatterns, extractcolumns |
- Go through a lesson on the writing queries in Log Analytics.