Statistical Functions
Statistical functions are used together with the summarize, eventstats, and
timestats operators to aggregate your data. Cribl Search supports the following statistical functions:
| Name | Description |
|---|---|
avg | Calculates the average across the group. |
avgif | Calculates the average across the group where a predicate evaluates to true. |
count | Counts events per summarization group. |
countif | Counts events based on a predicate. |
dcount | Calculates an estimate of the number of distinct values. |
dcountif | Calculates an estimate of the number of distinct values for those rows where a predicate evaluates to true. |
max | Finds the maximum value across the group. |
maxif | Finds the maximum value for which a predicate evaluates to true. |
min | Finds the minimum value across the group. |
minif | Finds the minimum value which a predicate evaluates to true. |
percentile | Returns an estimate for the specified nearest-rank percentile of the population defined. |
stdev | Calculates the standard deviation of an expression across the group. |
stdevif | Calculates the standard deviation of an expression which a predicate evaluates to true. |
stdevp | Calculates the standard deviation of an expression across the group, considering the group as a population. |
sum | Calculates the sum of an expression across the group. |
sumif | Calculates the sum of an expression for which a predicate evaluates to true. |
variance | Calculates the variance of an expression. |
varianceif | Calculates the variance of an expression for which a predicate evaluates to true. |
variancep | Calculates the variance of an expression across the group, considering the group as a population. |