sum() (aggregation function)
Applies to: ✅ Azure Data Explorer ✅ Azure Monitor ✅ Microsoft Sentinel
Calculates the sum of expr across the group.
Null values are ignored and don't factor into the calculation.
Note
This function is used in conjunction with the summarize operator.
Syntax
sum(
expr)
Learn more about syntax conventions.
Parameters
Name | Type | Required | Description |
---|---|---|---|
expr string | ✔️ | The expression used for the aggregation calculation. |
Returns
Returns the sum value of expr across the group.
Example
This example returns the total number of deaths by state.
StormEvents
| summarize EventCount=count(), TotalDeathCases = sum(DeathsDirect) by State
| sort by TotalDeathCases
Output
The results table shown includes only the first 10 rows.
State | event_count | TotalDeathCases |
---|---|---|
TEXAS | 4701 | 71 |
FLORIDA | 1042 | 57 |
CALIFORNIA | 898 | 48 |
ILLINOIS | 2022 | 29 |
ALABAMA | 1315 | 29 |
MISSOURI | 2016 | 20 |
NEW YORK | 1750 | 19 |
KANSAS | 3166 | 17 |
GEORGIA | 1983 | 17 |
TENNESSEE | 1125 | 17 |
... | ... | ... |