Query Details
Numberof Events Overa Selected Time
Query
//Number of events over selected time union withsource=TableName * | where 'All Tables' == 'All Tables' or TableName == 'All Tables' | summarize count() by bin(TimeGenerated, 3h), Type | project ['Table name'] = Type, ['Time generated'] = TimeGenerated, ['Number of events'] = count_
Explanation
This query combines data from multiple tables and counts the number of events that occurred within a specific time period. It groups the events by the type of event and the time it was generated. The result shows the table name, time generated, and the corresponding number of events.
Details
Rod Trent
Released: September 3, 2020
Tables
TableName
Keywords
Union,TableName,AllTables,Type,TimeGenerated,Numberofevents
Operators
unionwithsourcewheresummarizecount()bybin()project