Group or Aggregate Operators

In this section, we'll introduce the following concepts:

avg

Calculates the avg value of a numerical field being evaluated.

count, count_distinct, count_frequent

Use with a group operator and field name.

first, last

Return the first or last result relative to the sort order.

median

Calculates the median value for a particular field.

min, max

Use these functions to find the smallest or largest value in a set of values.

most_recent, least_recent

Select the most or least recent value within a group.

pct

Finds the specified percentiles of a given field.

pct_sampling

Finds the percentile of a given field.

stddev

Finds the standard deviation for numerical values within a time range.

sum

Adds values of a numerical field being evaluated within a time range.

values

Provides all the distinct values of a field.