How to use Kusto to return a max() row from a table, while showing other columns not used in the max grouping - azure-log-analytics

Given the following Log Analytics KQL query:
SigninLogs
| where ResultType == 0
| summarize max(TimeGenerated) by UserPrincipalName
I need to display other columns from those selected rows in the SigninLogs table. I've tried different approaches with no success. Joining back to the same table again seems unfeasible as joins appear to only be available using a single column. Other approaches using in failed because the needed columns weren't available in the above source query.

You can use the arg_max() aggregation function: https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/arg-max-aggfunction
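
An added example (not part of the original answer) showing arg_max() returning the other columns from each user's latest successful sign-in. The SampleSignins datatable and every value in it are constructed stand-ins for SigninLogs, and ResultType is declared as a string here as an assumption.

```kusto
// Constructed sample rows standing in for SigninLogs; all values are illustrative.
let SampleSignins = datatable(
    TimeGenerated: datetime, UserPrincipalName: string, ResultType: string,
    IPAddress: string, Location: string, AppDisplayName: string)
[
    datetime(2024-05-01 08:00:00), "alice@contoso.example", "0",     "203.0.113.10", "US", "Azure Portal",
    datetime(2024-05-03 17:30:00), "alice@contoso.example", "0",     "198.51.100.7", "DE", "Office 365",
    datetime(2024-05-04 02:15:00), "alice@contoso.example", "50126", "192.0.2.44",   "BR", "Office 365",
    datetime(2024-05-02 09:45:00), "bob@contoso.example",   "0",     "203.0.113.25", "US", "Microsoft Teams"
];
SampleSignins
| where ResultType == "0"   // successful sign-ins only; the later failed row is excluded
// arg_max returns the maximum TimeGenerated per user plus the listed columns
// taken from that same row. Use arg_max(TimeGenerated, *) to return every column.
| summarize arg_max(TimeGenerated, IPAddress, Location, AppDisplayName) by UserPrincipalName
| project-rename LastSuccessfulSignin = TimeGenerated
```

Against the real table, replace SampleSignins with SigninLogs and drop the let statement.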

Related

How to divide all columns by one column in BigQuery

Is it possible to divide all columns in a table by one of them? There are 168 of them so I'd rather not write column2/column1, column3/column1, etc.
As suggested by #Aishwary, you can write a script to get the list of columns using INFORMATION_SCHEMA and then iterate over the list of columns to get the desired result.

How can I create multiple rows based on the value of one column in SQL?

I have a column of type string in my table, where multiple values are separated by pipe operator. For example, like this,
Value1|Value2|Value3
Now, what I want is to have a query, which will show three rows for this row. Basically something similar to the concept of explode in Dataframes.
Note that I am using Spark SQL. And I want to achieve this using SQL, not dataframes.
I got it working by using the following query.
select t.*, explode(split(values, "\\|")) as value
from table t
\\| here can also be replaced by [|]. Just specifying | doesn't work.

SQL: Aggregation of string values from different rows in a multi-leveled JOIN

I have a multi-leveled table hierarchy in SQL Server, and when joining them I want to do an aggregation of strings from rows of one of the tables. In my (simplified) example in the screenshot below, I have Level1->Level2->Level3 and also a table PerformingUser "hanging under" Level1.
I have done a JOIN on all these four tables, resulting in 8 rows. So far all is fine.
Now, what I want is that each of these 8 rows gets a new column ("AllUsersForLevel1") with an aggregation of all PerformingUsers for its Level1.
(The intent is that the PerformingUser also can see what other PerformingUsers have the same Level1.)
So for the first 2 rows I want a new column with 'aretha, mary'. And in the other 6 rows that column should have 'john, jim'.
I have tried STRING_AGG (as indicated in the comment in the image), but it requires a grouping (which I do not want; I want all 8 rows).
I also tried to do a STRING_AGG on an OVER (PARTITION BY Level1ID), but got "The function 'STRING_AGG' is not a valid windowing function, and cannot be used with the OVER clause."
Does anyone have advice on how to do this?

Is it possible to concat a string field after group by in Hive

I am evaluating Hive and need to do some string field concatenation after group by. I found a function named "concat_ws" but it looks like I have to explicitly list all the values to be concatenated. I am wondering if I can do something like this with concat_ws in Hive. Here is an example. So I have a table named "my_table" and it has two fields named country and city. I want to have only one record per country and each record will have two fields - country and cities:
select country, concat_ws(city, "|") as cities
from my_table
group by country
Is this possible in Hive? I am using Hive 0.11 from CDH5 right now.
In database management an aggregate function is a function where the values of multiple rows are grouped together as input on certain criteria to form a single value of more significant meaning or measurement such as a set, a bag or a list.
Source: Aggregate function - Wikipedia
Hive's out-of-the-box aggregate functions listed on the following web-page:
Built-in Aggregate Functions (UDAF - user defined aggregation function)
So, the only built-in option (for Hive 0.11; for Hive 0.13 and above you have collect_list) is:
array collect_set(col)
This one will answer your request in case there is no duplicate city records per country (returns a set of objects with duplicate elements eliminated). Otherwise create your own UDAF or aggregate outside of Hive.
References for writing UDAF:
Writing GenericUDAFs: A Tutorial
HivePlugins
Create/Drop Function

Get row values as column names in t-sql

I have a requirement to display row values as column names in a data grid view. I want to get the store names into columns using a SQL select statement. (Please refer to the attached image.) I want the user to enter some values under each column. So STORE 1, STORE 2, STORE 3 should display as columns in the datagrid view. Can anyone help me get this to work?
While googling I found this can be done using PIVOT in SQL. But in this table I don't have any aggregate columns. Any help, please?
The result should be something like
You may know that your data only contains a single row for each pivoting column, but SQL Server has to construct a plan that could accommodate multiple rows.
So, use PIVOT and just use an aggregate that, if passed a single value, will return that same value. MIN() and MAX() fit that description (as does SUM if you're working with numeric data)
You may use a specific dynamic pivot function and pass your query with the item count column.
You can use the link below, which provides the function and can easily show you the expected output.
http://forums.asp.net/t/1772644.aspx/1
Procedure name:
[dbo].[dynamic_pivot]