On This Page

Home / Search/ Language Reference/ Functions/ Statistical Functions/minif

minif

The minif aggregation function calculates the minimum value across the group for which Predicate evaluates to true.

Use this function with the summarize, eventstats, and timestats operators.

Syntax

    minif( Expression, Predicate )

Arguments

  • Expression: Expression used for aggregation calculation. Wildcards are not supported for field names.
  • Predicate: Expression that will be used to filter rows.

Results

Returns the minimum value of Expression across the group for which Predicate evaluates to true.

Numeric values are considered before alpha or alphanumeric values.

Examples

This example returns the minimum byte count for source address 10.0.0.33:

dataset="cribl_search_sample" | limit 1000 | summarize minif(bytes,srcaddr=="10.0.0.33")
Run in Cribl Search

This example summarizes minimum byte counts by private source address:

dataset="cribl_search_sample" 
| limit 1000 
| summarize minif(bytes, ipv4_is_private(srcaddr)) by srcaddr
Run in Cribl Search