kusto-query-language

Query the ouput and get latest file name

自古美人都是妖i 提交于 2019-12-24 18:46:57
问题 Below is the kusto query: ADFActivityRun | where PipelineName contains "MyPipeline" | where OperationName == "Failed" | order by TimeGenerated desc | take 1 The Output column gives below result: "{ ""name"": ""varFileNames"", ""value"": [ { ""name"": ""Z400_EEE_20191110_ERR.txt"", ""type"": ""File"" }, { ""name"": ""Z400_CCC_20191119_ERR.txt"", ""type"": ""File"" }, { ""name"": ""Z400_DDD_20191121_ERR.txt"", ""type"": ""File"" }, { ""name"": ""Z400_EEE_20191122_ERR.txt"", ""type"": ""File"" }

Date time difference within a column in Azure Monitor Logs (Kusto Query Language)

混江龙づ霸主 提交于 2019-12-11 10:56:40
问题 I have clickstream data in Azure Monitor Logs in this format: Timestamp Category Session_ID Step_Name 10/22/2019, 9:28:14.868 AM A ++9Ti step 1 10/22/2019, 9:28:18.034 AM A ++9Ti step 2 10/22/2019, 9:28:22.487 AM A ++9Ti step 3 10/23/2019, 7:02:02.527 AM B ++MoY step 1 10/23/2019, 7:02:09.244 AM B ++MoY step 2 10/23/2019, 7:02:21.156 AM B ++MoY step 3 <-- 10/23/2019, 7:02:27.195 AM B ++MoY step 3 <-- 10/23/2019, 7:15:13.544 AM A ++0a3 step 1 10/23/2019, 7:15:35.438 AM A ++0a3 step 2 I need to