Hi, is it possible to aggregate another aggregation? My goal is to get the average time for the maximum and minimum time. But since there’s a limitation I’m not getting the correct result. Is there any workaround to get avg?
Page 1 / 1
There are some good video clips out there that cover using stats in search that could help here:
Google SecOps: Getting Started with Statistical Search
Google SecOps: Statistical Search - More Than a Count
Google SecOps: Statistical Functions - Mean and Mode
Google SecOps: Statistical Functions - Median
Google SecOps: Statistical Functions - Standard Deviation and Variance
Hi
A release on August 05 2025 now supports Layer aggregation - which may be what you’re interested in.
Ref: https://cloud.google.com/chronicle/docs/release-notes#August_05_2025
Kind Regards,
[removed by moderator]
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.