sum - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Product
Cortex XSIAM
Creation date
2024-03-06
Last date published
2024-10-13
Category
Administrator Guide
Abstract

Cortex Query Language sum function used with both comp and windowcomp stages.

Syntax
Description

The sum() function is used to return the sum of an integer field over a group of rows. The function syntax and application is based on the preceding stage:

Examples