The make_set aggregation in APL (Axiom Processing Language) is used to collect unique values from a specific column into an array. It is useful when you want to reduce your data by grouping it and then retrieving all unique values for each group. This aggregation is valuable for tasks such as grouping logs, traces, or events by a common attribute and retrieving the unique values of a specific field for further analysis. You can use make_set when you need to collect non-repeating values across rows within a group, such as finding all the unique HTTP methods in web server logs or unique trace IDs in telemetry data.

For users of other query languages

If you come from other query languages, this section explains how to adjust your existing queries to achieve the same results in APL.

Usage

Syntax

make_set(column, [limit])

Parameters

  • column: The column from which unique values are aggregated.
  • limit: (Optional) The maximum number of unique values to return. Defaults to 128 if not specified.

Returns

An array of unique values from the specified column.

Use case examples

In this use case, you want to collect all unique HTTP methods used by each user in the log data.Query
['sample-http-logs']
| summarize make_set(method) by id
Run in PlaygroundOutput
idmake_set_method
user123[‘GET’, ‘POST’]
user456[‘GET’]
This query groups the log entries by id and returns all unique HTTP methods used by each user.
  • make_list: Similar to make_set, but returns all values, including duplicates, in a list. Use make_list if you want to preserve duplicates.
  • count: Counts the number of records in each group. Use count when you need the total count rather than the unique values.
  • dcount: Returns the distinct count of values in a column. Use dcount when you need the number of unique values, rather than an array of them.
  • max: Finds the maximum value in a group. Use max when you are interested in the largest value rather than collecting values.