Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Applies to: ✅ Azure Data Explorer ✅ Azure Monitor ✅ Microsoft Sentinel
Finds the maximum value of the expression in the table.
Note
This function is used in conjunction with the summarize operator.
max(expr)
Learn more about syntax conventions.
| Name | Type | Required | Description |
|---|---|---|---|
| expr | string |
✔️ | The expression for which the maximum value is determined. |
Returns the value in the table that maximizes the specified expression.
Tip
This gives you the max on its own. If you want to see other columns in addition to the max, use arg_max.
This example returns the last record in a table by querying the maximum value for StartTime.
StormEvents
| summarize LatestEvent=max(StartTime)
Output
| LatestEvent |
|---|
| 2007-12-31T23:53:00Z |