Repo sync for protected branch

data-explorer/kusto/query/arg-max-aggregation-function.md

@@ -3,7 +3,7 @@ title:  arg_max() (aggregation function)
 description: Learn how to use the arg_max() aggregation function to find a row in a table that maximizes the input expression.
 ms.reviewer: alexans
 ms.topic: reference
-ms.date: 11/11/2024
+ms.date: 01/15/2025
 ---
 # arg_max() (aggregation function)
 
@@ -37,7 +37,9 @@ Returns a row in the table that maximizes the specified expression *ExprToMaximi
 
 ## Examples
 
-Find the maximum latitude of a storm event in each state.
+### Find maximum latitude
+
+The following example finds the maximum latitude of a storm event in each state.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
@@ -49,6 +51,8 @@ StormEvents
 | summarize arg_max(BeginLat, BeginLocation) by State
 ```
 
+**Output**
+
 The results table displays only the first 10 rows.
 
 | State                | BeginLat | BeginLocation        |
@@ -65,9 +69,11 @@ The results table displays only the first 10 rows.
 | TEXAS                | 36.4607  | DARROUZETT           |
 | ...             | ...    | ...            |
 
-Find the last time an event with a direct death happened in each state, showing all the columns.
+### Find last state fatal event
+
+The following example finds the last time an event with a direct death happened in each state, showing all the columns.
 
-The query first filters the events to only include those where there was at least one direct death. Then the query returns the entire row with the most recent StartTime.
+The query first filters the events to include only those events where there was at least one direct death. Then the query returns the entire row with the most recent `StartTime`.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
@@ -80,21 +86,25 @@ StormEvents
 | summarize arg_max(StartTime, *) by State
 ```
 
-The results table displays only the first 10 rows and first 3 columns.
+**Output**
+
+The results table displays only the first 10 rows and first three columns.
 
-| State          | StartTime            | EndTime              | ... |
-| -------------- | -------------------- | -------------------- | --- |
-| GUAM           | 2007-01-27T11:15:00Z | 2007-01-27T11:30:00Z | ... |
-| MASSACHUSETTS  | 2007-02-03T22:00:00Z | 2007-02-04T10:00:00Z | ... |
+| State | StartTime | EndTime | ... |
+|--|--|--|--|
+| GUAM | 2007-01-27T11:15:00Z | 2007-01-27T11:30:00Z | ... |
+| MASSACHUSETTS | 2007-02-03T22:00:00Z | 2007-02-04T10:00:00Z | ... |
 | AMERICAN SAMOA | 2007-02-17T13:00:00Z | 2007-02-18T11:00:00Z | ... |
-| IDAHO          | 2007-02-17T13:00:00Z | 2007-02-17T15:00:00Z | ... |
-| DELAWARE       | 2007-02-25T13:00:00Z | 2007-02-26T01:00:00Z | ... |
-| WYOMING        | 2007-03-10T17:00:00Z | 2007-03-10T17:00:00Z | ... |
-| NEW MEXICO     | 2007-03-23T18:42:00Z | 2007-03-23T19:06:00Z | ... |
-| INDIANA        | 2007-05-15T14:14:00Z | 2007-05-15T14:14:00Z | ... |
-| MONTANA        | 2007-05-18T14:20:00Z | 2007-05-18T14:20:00Z | ... |
-| LAKE MICHIGAN  | 2007-06-07T13:00:00Z | 2007-06-07T13:00:00Z | ... |
-|... | ... | ...| ... |
+| IDAHO | 2007-02-17T13:00:00Z | 2007-02-17T15:00:00Z | ... |
+| DELAWARE | 2007-02-25T13:00:00Z | 2007-02-26T01:00:00Z | ... |
+| WYOMING | 2007-03-10T17:00:00Z | 2007-03-10T17:00:00Z | ... |
+| NEW MEXICO | 2007-03-23T18:42:00Z | 2007-03-23T19:06:00Z | ... |
+| INDIANA | 2007-05-15T14:14:00Z | 2007-05-15T14:14:00Z | ... |
+| MONTANA | 2007-05-18T14:20:00Z | 2007-05-18T14:20:00Z | ... |
+| LAKE MICHIGAN | 2007-06-07T13:00:00Z | 2007-06-07T13:00:00Z | ... |
+| ... | ... | ... | ... |
+
+### Handle nulls
 
 The following example demonstrates null handling.
 
@@ -125,15 +135,15 @@ datatable(Fruit: string, Color: string, Version: int) [
 
 ## Comparison to max()
 
-The arg_max() function differs from the [max() function](max-aggregation-function.md). The arg_max() function allows you to return additional columns along with the maximum value, and [max()](max-aggregation-function.md) only returns the maximum value itself.
+The arg_max() function differs from the [max() function](max-aggregation-function.md). The arg_max() function allows you to return other columns along with the maximum value, and [max()](max-aggregation-function.md) only returns the maximum value itself.
 
 ### Examples
 
 #### arg_max()
 
 Find the last time an event with a direct death happened, showing all the columns in the table.
 
-The query first filters the events to only include those where there was at least one direct death. Then the query returns the entire row with the most recent (maximum) StartTime.
+The query first filters the events to only include events where there was at least one direct death. Then the query returns the entire row with the most recent (maximum) StartTime.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
@@ -156,7 +166,7 @@ The results table returns all the columns for the row containing the highest val
 
 Find the last time an event with a direct death happened.
 
-The query filters events to only include those where there is at least one direct death, and then returns the maximum value for StartTime.
+The query filters events to only include events where there is at least one direct death, and then returns the maximum value for StartTime.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
@@ -177,7 +187,8 @@ The results table returns the maximum value of StartTime, without returning othe
 
 ## Related content
 
+* [Aggregation function types at a glance](aggregation-functions.md)
+* [arg_min function](arg-min-aggregation-function.md)
 * [max function](max-aggregation-function.md)
-* [min function](min-aggregation-function.md)
 * [avg function](avg-aggregation-function.md)
 * [percentile function](percentiles-aggregation-function.md)

data-explorer/kusto/query/array-sort-asc-function.md

@@ -3,7 +3,7 @@ title:  array_sort_asc()
 description: Learn how to use the array_sort_asc() function to sort arrays in ascending order.
 ms.reviewer: slneimer
 ms.topic: reference
-ms.date: 08/11/2024
+ms.date: 02/03/2025
 ---
 # array_sort_asc()
 
@@ -32,14 +32,20 @@ Returns the same number of arrays as in the input, with the first array sorted i
 
 `null` is returned for every array that differs in length from the first one.
 
-If an array contains elements of different types, it's sorted in the following order:
+An array which contains elements of different types, is sorted in the following order:
 
 * Numeric, `datetime`, and `timespan` elements
 * String elements
 * Guid elements
 * All other elements
 
-## Example 1 - Sorting two arrays
+## Examples
+
+The examples in this section show how to use the syntax to help you get started.
+
+### Sort two arrays
+
+The following example sorts the initial array, `array1`, in ascending order. It then sorts `array2` to match the new order of `array1`.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
@@ -59,17 +65,19 @@ print array_sort_asc(array1,array2)
 |[1,2,3,4,5]|["a","e","b","c","d"]|
 
 > [!NOTE]
-> The output column names are generated automatically, based on the arguments to the function. To assign different names to the output columns, use the following syntax: `... | extend (out1, out2) = array_sort_asc(array1,array2)`
+> The output column names are generated automatically, based on the arguments to the function. To assign different names to the output columns, use the following syntax: `... | extend (out1, out2) = array_sort_asc(array1,array2)`.
+
+### Sort substrings
 
-## Example 2 - Sorting substrings
+The following example sorts a list of names in ascending order. It saves a list of names to a variable, `Names`, which is then splits into an array and sorted in ascending order. The query returns the names in ascending order.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
-> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAA8tJLVHwS8xNLVawVVDyys/I0wlILM3RcU/NL0pP1QnKzEvPV7LmygGqCs4vKklNgaktLilKTiyJTywqSqzUAJPxxUAF8YnFyRrFBTmZJRpglToKSjpKmpoQypqroCgzr0ShKLW4NKcEaAiSkQD+ChdoiAAAAA==" target="_blank">Run the query</a>
+> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAA8tJLVHwS8xNLVawVVDyys%2FI0wlILM3R8UrMS9XxTsxXsublygEqCc4vKklNgSksLilKTiyJTywqSqzUAJPxxUAF8YnFyRrFBTmZJRpglToKSjpKmpoQCmhQQVFmXolCUWpxaU4J0BQkMwFYffnyhgAAAA%3D%3D" target="_blank">Run the query</a>
 ::: moniker-end
 
 ```kusto
-let Names = "John,Paul,George,Ringo";
+let Names = "John,Paul,Jane,Kao";
 let SortedNames = strcat_array(array_sort_asc(split(Names, ",")), ",");
 print result = SortedNames
 ```
@@ -78,9 +86,11 @@ print result = SortedNames
 
 |result|
 |---|
-|George,John,Paul,Ringo|
+|Jane,John,Kao,Paul|
 
-## Example 3 - Combining summarize and array_sort_asc
+### Combine summarize and array_sort_asc
+
+The following example uses the `summarize` operator and the `array_sort_asc` function to organize and sort commands by user in chronological order.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
@@ -111,46 +121,49 @@ datatable(command:string, command_time:datetime, user_id:string)
 |user2|[<br>  "rm",<br>  "pwd"<br>]|
 
 > [!NOTE]
-> If your data may contain `null` values, use [make_list_with_nulls](make-list-with-nulls-aggregation-function.md) instead of [make_list](make-list-aggregation-function.md).
+> If your data might contain `null` values, use [make_list_with_nulls](make-list-with-nulls-aggregation-function.md) instead of [make_list](make-list-aggregation-function.md).
 
-## Example 4 - Controlling location of `null` values
+### Control location of `null` values
 
 By default, `null` values are put last in the sorted array. However, you can control it explicitly by adding a `bool` value as the last argument to `array_sort_asc()`.
 
-Example with default behavior:
+The following example shows the default behavior:
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
-> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAysoyswrUUgsKkqsjC/OLyqJTyxO1kipzEvMzUzWiM4rzcnRUUrKKU1V0lGqTM3JyS8HMtKLUlPzlHRAkrGamgDOvUliQgAAAA==" target="_blank">Run the query</a>
+> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAysoyswrUShKLS7NKbFNLCpKrIwvzi8qiU8sTtZIqcxLzM1M1ojOK83J0VFKyilNVdJRqkzNyckvBzLSi1JT85R0QJKxmpoApOe8zkkAAAA%3D" target="_blank">Run the query</a>
 ::: moniker-end
 
 ```kusto
-print array_sort_asc(dynamic([null,"blue","yellow","green",null]))
+print result=array_sort_asc(dynamic([null,"blue","yellow","green",null]))
 ```
 
 **Output**
 
-|print_0|
+|result|
 |---|
 |["blue","green","yellow",null,null]|
 
-Example with non-default behavior:
+The following example shows nondefault behavior using the `false` parameter, which specifies that nulls are placed at the beginning of the array.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
-> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAxXJUQqAIAwA0KvIvhR2owhZtkJYMzYlvH319+DdVrUHMqOZvVnP5CXuU+mqJS46RBA2GQwIk0Xa8+E0ZgX8c00YDhLn9ALNIgvjSQAAAA==" target="_blank">Run the query</a>
+> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAxXJUQqAIAwA0KvEvhR2hU4SIctWCGvGpoS3r%2F4evNuKtsnYu7SZzGgkr9YSeQ77ULpKDot2EYRNOgPCYJH6fDiNWQH%2FXCNOB4lzfAFnY7HmUAAAAA%3D%3D" target="_blank">Run the query</a>
 ::: moniker-end
 
 ```kusto
-print array_sort_asc(dynamic([null,"blue","yellow","green",null]), false)
+print result=array_sort_asc(dynamic([null,"blue","yellow","green",null]), false)
 ```
 
 **Output**
 
-|`print_0`|
+|result|
 |---|
 |[null,null,"blue","green","yellow"]|
 
 ## Related content
 
-To sort the first array in descending order, use [array_sort_desc()](array-sort-desc-function.md).
+* [Aggregation function types at a glance](aggregation-functions.md)
+* [array_sort_desc()](array-sort-desc-function.md)
+* [strcat_array()](strcat-array-function.md)
+

data-explorer/kusto/query/array-sort-desc-function.md

@@ -3,7 +3,7 @@ title:  array_sort_desc()
 description: Learn how to use the array_sort_desc() function to sort arrays in descending order.
 ms.reviewer: slneimer
 ms.topic: reference
-ms.date: 08/11/2024
+ms.date: 02/02/2025
 ---
 # array_sort_desc()
 
@@ -34,14 +34,20 @@ Returns the same number of arrays as in the input, with the first array sorted i
 
 `null` is returned for every array that differs in length from the first one.
 
-If an array contains elements of different types, it's sorted in the following order:
+An array which contains elements of different types, is sorted in the following order:
 
 * Numeric, `datetime`, and `timespan` elements
 * String elements
 * Guid elements
 * All other elements
 
-## Example 1 - Sorting two arrays
+## Examples
+
+The examples in this section show how to use the syntax to help you get started.
+
+### Sort two arrays
+
+The following example sorts the initial array, `array1`, in descending order. It then sorts `array2` to match the new order of `array1`.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
@@ -61,17 +67,19 @@ print array_sort_desc(array1,array2)
 |[5,4,3,2,1]|["d","c","b","e","a"]|
 
 > [!NOTE]
-> The output column names are generated automatically, based on the arguments to the function. To assign different names to the output columns, use the following syntax: `... | extend (out1, out2) = array_sort_desc(array1,array2)`
+> The output column names are generated automatically, based on the arguments to the function. To assign different names to the output columns, use the following syntax: `... | extend (out1, out2) = array_sort_desc(array1,array2)`.
+
+## Sort substrings
 
-## Example 2 - Sorting substrings
+The following example sorts a list of names in descending order. It saves a list of names to a variable, `Names`, which is then splits into an array and sorted in descending order. The query returns the names in descending order.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
-> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAA8tJLVHwS8xNLVawVVDyys/I0wlILM3RcU/NL0pP1QnKzEvPV7LmygGqCs4vKklNgaktLilKTiyJTywqSqzUAJPxxUAF8SmpxckaxQU5mSUaYKU6Cko6SpqaEMqaq6AoM69EoSi1uDSnBGgKkpkA+RSmRokAAAA=" target="_blank">Run the query</a>
+> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAA8tJLVHwS8xNLVawVVDyys%2FI0wlILM3R8UrMS9XxTqzMV7Lm5coBqgnOLypJTYGpLC4pSk4siU8sKkqs1ACT8cVABfEpqcXJGsUFOZklGmClOgpKOkqamhAKaFJBUWZeiUJRanFpTgnQGCRDAeUAGb%2BIAAAA" target="_blank">Run the query</a>
 ::: moniker-end
 
 ```kusto
-let Names = "John, Paul, George, Ringo";
+let Names = "John,Paul,Jane,Kayo";
 let SortedNames = strcat_array(array_sort_desc(split(Names, ",")), ",");
 print result = SortedNames
 ```
@@ -80,9 +88,11 @@ print result = SortedNames
 
 |result|
 |---|
-|Ringo, Paul, John, George|
+|Paul,Kayo,John,Jane|
 
-## Example 3 - Combining summarize and array_sort_desc
+### Combine summarize and array_sort_desc
+
+The following example uses the `summarize` operator and the `array_sort_asc` function to organize and sort commands by user in descending chronological order.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
@@ -113,46 +123,48 @@ datatable(command:string, command_time:datetime, user_id:string)
 |user2|[<br>  "pwd",<br>  "rm"<br>]|
 
 > [!NOTE]
-> If your data may contain `null` values, use [make_list_with_nulls](make-list-with-nulls-aggregation-function.md) instead of [make_list](make-list-aggregation-function.md).
+> If your data can contain `null` values, use [make_list_with_nulls](make-list-with-nulls-aggregation-function.md) instead of [make_list](make-list-aggregation-function.md).
 
-## Example 4 - Controlling location of `null` values
+### Control location of `null` values
 
-By default, `null` values are put last in the sorted array. However, you can control it explicitly by adding a `bool` value as the last argument to `array_sort_desc()`.
+By default, `null` values are put last in the sorted array. However, you can control it explicitly by adding a `bool` value as the last argument to `array_sort_asc()`.
 
-Example with default behavior:
+The following example shows the default behavior:
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
-> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAysoyswrUUgsKkqsjC/OLyqJT0ktTtZIqcxLzM1M1ojOK83J0VFKyilNVdJRqkzNyckvBzLSi1JT85R0QJKxmpoAGsR2QUMAAAA=" target="_blank">Run the query</a>
+> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAysoyswrUShKLS7NKbFNLCpKrIwvzi8qiU9JLU7WSKnMS8zNTNaIzivNydFRSsopTVXSUapMzcnJLwcy0otSU%2FOUdECSsZqaAAa5vexKAAAA" target="_blank">Run the query</a>
 ::: moniker-end
 
 ```kusto
-print array_sort_desc(dynamic([null,"blue","yellow","green",null]))
+print result=array_sort_desc(dynamic([null,"blue","yellow","green",null]))
 ```
 
 **Output**
 
-|`print_0`|
+|result|
 |---|
 |["yellow","green","blue",null,null]|
 
-Example with nondefault behavior:
+The following example shows nondefault behavior using the `false` parameter, which specifies that nulls are placed at the beginning of the array.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
-> <a href="https://dataexplorer.azure.com/?query=H4sIAAAAAAAAAxXJUQqAIAwA0KvIvhR2owhZukKYM6YS3r76e/BuKzocmdGKvdmImXvyeSnVkvymUwThkMmAsFikPR8uY1bAP/eA7iTpHF4VdlwBSgAAAA==" target="_blank">Run the query</a>
+> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAxXJUQqAIAwA0KvIvhR2hU4SIaYrhDVjU8LbV38P3q1VulOywX1JqmlGa9pjIcu%2BTElXzX6VwYyw8yBAmMTcng%2BnEgngn1tAdyQ2Ci%2Bihlo3UQAAAA%3D%3D" target="_blank">Run the query</a>
 ::: moniker-end
 
 ```kusto
-print array_sort_desc(dynamic([null,"blue","yellow","green",null]), false)
+print result=array_sort_desc(dynamic([null,"blue","yellow","green",null]), false)
 ```
 
 **Output**
 
-|`print_0`|
+|result|
 |---|
 |[null,null,"yellow","green","blue"]|
 
 ## Related content
 
-To sort the first array in ascending order, use [array_sort_asc()](array-sort-asc-function.md).
+* [Aggregation function types at a glance](aggregation-functions.md)
+* [array_sort_asc()](array-sort-asc-function.md)
+* [strcat_array()](strcat-array-function.md)