
Utility Functions - top



  • top N or top N by term2

Sort by count() in descending order.

top 10 source   // top 10 sources by count
top 1 source by tag   // top 1 source for each tag


let {ClientIP}=f("@fields")
aggregate count=count() by ClientIP
top 10 ClientIP

This example produces the same result as the sort example. If you use the top command, you don't need the aggregate statement to count "ClientIP". Without a by clause after top, the order is determined by the count by default.
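A Python reference model of the two forms, added here as an illustration and not the product's implementation. The sample events, the function names, the pairing of ClientIP with tag, and the result row layout are assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample events (not from the original page).
EVENTS = [
    {"ClientIP": "10.0.0.5", "tag": "web"},
    {"ClientIP": "10.0.0.5", "tag": "web"},
    {"ClientIP": "10.0.0.5", "tag": "web"},
    {"ClientIP": "10.0.0.5", "tag": "vpn"},
    {"ClientIP": "10.0.0.9", "tag": "vpn"},
    {"ClientIP": "10.0.0.9", "tag": "vpn"},
    {"ClientIP": "192.0.2.7", "tag": "web"},
]


def top(events, n, field, by=None):
    """Model of `top N field` and `top N field by term2`.

    Returns rows of (group, value, count). Without `by` there is a single
    group (None); with `by`, the N most frequent values are kept per group.
    """
    groups = defaultdict(Counter)
    for ev in events:
        if field not in ev:
            continue  # events without the field contribute nothing
        groups[ev.get(by) if by else None][ev[field]] += 1
    rows = []
    for group, counter in groups.items():
        # most_common(n) orders by count, descending
        rows.extend((group, value, count) for value, count in counter.most_common(n))
    return rows


def aggregate_then_sort(events, n, field):
    """The longer form: count per value, sort by count descending, keep N."""
    counts = {}
    for ev in events:
        counts[ev[field]] = counts.get(ev[field], 0) + 1
    return sorted(counts.items(), key=lambda kv: kv[1], reverse=True)[:n]


if __name__ == "__main__":
    print(top(EVENTS, 2, "ClientIP"))            # top 2 ClientIP
    print(aggregate_then_sort(EVENTS, 2, "ClientIP"))
    print(top(EVENTS, 1, "ClientIP", by="tag"))  # top 1 ClientIP by tag
```

In the grouped form, 10.0.0.9 is the top address for the vpn tag even though 10.0.0.5 has the highest count overall, which is the difference between `top N` and `top N by term2`.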