Tags: kql, azure-sentinel, azure-monitor-workbooks

Creating tiles in azure sentinel workbook using KQL


I am using this query to display what I want in a workbook, but I want to have individual tiles with their respective values for very high, high, medium, etc. But when I write this query and turn on tiles in the visualization, it won't give me options to create a tile for each of the variables in the tile settings. What can I do to achieve this?

InALogs_CL
// countif() is the aggregate that counts rows matching a predicate; count() takes no argument.
// This produces a single row with one column per severity, which is why the tile
// visualization cannot split it into one tile per severity.
| summarize
    VeryHigh = countif(risk_level_s == "very-high" or risk_assessment_risk_level_s == "very-high"),
    High     = countif(risk_level_s == "high"      or risk_assessment_risk_level_s == "high"),
    Medium   = countif(risk_level_s == "medium"    or risk_assessment_risk_level_s == "medium"),
    Low      = countif(risk_level_s == "low"       or risk_assessment_risk_level_s == "low"),
    VeryLow  = countif(risk_level_s == "very-low"  or risk_assessment_risk_level_s == "very-low"),
    None     = countif(risk_level_s == "none"      or risk_assessment_risk_level_s == "none")

Solution

  • I got the answer: I had to use datatable so that those values get converted into a separate table, so that every severity category can be detected in the tile settings.

    // Seed one zero row per severity so that a tile appears even when nothing matched it.
    datatable (Count: long, status: string) [
        0, "Very High",
        0, "High",
        0, "Medium",
        0, "Low",
        0, "Very Low",
        0, "None"
    ]
    | union (
        InALogs_CL
        // Map either of the two level columns to a display label; the first matching
        // branch wins, so the order of the branches is the order of severity.
        | extend status = case(
            risk_level_s == "very-high" or risk_assessment_risk_level_s == "very-high", "Very High",
            risk_level_s == "high"      or risk_assessment_risk_level_s == "high",      "High",
            risk_level_s == "medium"    or risk_assessment_risk_level_s == "medium",    "Medium",
            risk_level_s == "low"       or risk_assessment_risk_level_s == "low",       "Low",
            risk_level_s == "very-low"  or risk_assessment_risk_level_s == "very-low",  "Very Low",
            risk_level_s == "none"      or risk_assessment_risk_level_s == "none",      "None",
            "True")                       // catch-all label for rows that match no known level
        | where status != "True"          // drop the unmatched rows
        | summarize Count = count() by status
    )
    // Fold the seed rows and the real counts into one row per severity.
    | summarize Count = sum(Count) by status
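
An added example, not part of the original question or answer, that generalizes the accepted approach: a single `Severity` lookup table drives the label mapping, guarantees a row (and therefore a tile) for every severity, and also resolves rows where the two level columns disagree by keeping the more severe one, which the `case()` version only does implicitly through branch order. `SampleLogs` is a constructed stand-in for `InALogs_CL` with the same two string columns; in the workbook, replace it with the real table. The `rank` column and the `Severity` table are this example's own assumptions, not something the original query has.

```kql
// Constructed sample standing in for InALogs_CL (assumption: same two string columns).
let SampleLogs = datatable(risk_level_s: string, risk_assessment_risk_level_s: string) [
    "very-high", "",
    "high",      "very-high",   // the two columns disagree; the more severe one should win
    "",          "medium",
    "low",       "low",
    "unknown",   ""             // not a known level: excluded rather than counted
];
// One lookup table drives the label mapping, the severity order and the zero rows.
let Severity = datatable(level: string, status: string, rank: int) [
    "very-high", "Very High", 1,
    "high",      "High",      2,
    "medium",    "Medium",    3,
    "low",       "Low",       4,
    "very-low",  "Very Low",  5,
    "none",      "None",      6
];
SampleLogs
// Resolve each of the two columns to a rank; unknown or empty values get no match (null).
| lookup kind=leftouter (Severity | project level, rank1 = rank) on $left.risk_level_s == $right.level
| lookup kind=leftouter (Severity | project level, rank2 = rank) on $left.risk_assessment_risk_level_s == $right.level
// Lower rank is more severe; 99 stands in for "no match" so min_of never compares a null.
| extend rank = min_of(coalesce(rank1, 99), coalesce(rank2, 99))
| where rank < 99
| summarize Count = count() by rank
// rightouter keeps every severity from the lookup table even when no row matched it;
// the right-hand rank column comes back as rank1, so restore the name for ordering.
| join kind=rightouter Severity on rank
| project status, Count = coalesce(Count, long(0)), rank = rank1
| order by rank asc
```

On the constructed sample this yields Very High 2, High 0, Medium 1, Low 1, Very Low 0, None 0, in that order; the `"unknown"` row is excluded. In the workbook's tile settings, use `status` as the title field and `Count` as the value field, and the ordering by `rank` keeps the tiles in severity order rather than alphabetical.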