Forum Discussion
Filter null results
Hi,
I am working on a super simple query to pull MachineName and OSBuild versions.
I would like the query to only return machines where the value of OSBuild is not null.
Here is what I have tried so far:
Try this
MachineInfo
| where isnotnull (OSBuild)
| summarize by ComputerName, OSBuild
I can’t test on the demo site, but using the same with the heartbeat schema gives the results you may be looking for. There is another command, isempty or isnotempty that does similar for string data.
2 Replies
Try this
MachineInfo
| where isnotnull (OSBuild)
| summarize by ComputerName, OSBuild
I can’t test on the demo site, but using the same with the heartbeat schema gives the results you may be looking for. There is another command, isempty or isnotempty that does similar for string data.
TravisRoberts Thank you for your reply! This did the trick.
I didn't come across "isnotnull" in my search for a solution, although I suspect it was staring me in the face.
Is part of the problem that I am dealing with a numerical field as opposed to a string?
I would eventually like to turn this into a statical query where it will group all the OS values together, then give me a count of each.
