在Log Analytics中,我可以编写以下查询:
requests
| where timestamp > ago(30d)
| summarize count() by bin(timestamp, 5m)
并且每个垃圾箱将在该时间段内对请求进行计数。
bin 1 -> 5 req
bin 2 -> 2 req
bin 3 -> 8 req
我希望获得一段时间内的总体情况,如:
bin 1 -> 5 req
bin 2 -> 7 req (bin1 + bin2)
bin 3 -> 15 req (bin1 + bin2 + bin3)
如何使用Kusto实现这一目标?
您可以尝试使用row_cumsum():https://docs.microsoft.com/en-us/azure/kusto/query/rowcumsumfunction
datatable(dummy:int, timestamp:datetime)
[
1, datetime(2019-10-06 00:00),
1, datetime(2019-10-06 00:01),
1, datetime(2019-10-06 00:02),
1, datetime(2019-10-06 00:03),
1, datetime(2019-10-06 00:04),
1, datetime(2019-10-06 06:00),
1, datetime(2019-10-06 06:01),
1, datetime(2019-10-06 12:00),
1, datetime(2019-10-06 12:00),
1, datetime(2019-10-06 12:02),
1, datetime(2019-10-06 12:01),
1, datetime(2019-10-06 12:04),
1, datetime(2019-10-06 12:01),
1, datetime(2019-10-06 12:02),
1, datetime(2019-10-06 12:02),
]
| summarize count() by bin(timestamp, 5m)
| order by timestamp asc
| project timestamp, c = row_cumsum(count_)
->
| timestamp | c |
|-----------------------------|----|
| 2019-10-06 00:00:00.0000000 | 5 |
| 2019-10-06 06:00:00.0000000 | 7 |
| 2019-10-06 12:00:00.0000000 | 15 |