'interval' function in Measure command should support all statistical/aggregation functions (Max/Min/Avg/Sum) not just count
Interval function is supported only of grouping Date/Time fields and works with only count() aggregation function. This makes the use of interval function very limited. For example if you want to create query that will show certain results for every hour for the past 12 hours for multiple of objects you can't.
Example of this:
Type:WireData | measure count() by ApplicationServiceName interval 1HOUR
In order to achieve such results you will have to create query for every ApplicationServiceName like this:
Type:WireData (ApplicationServiceName=http) | measure count() by TimeGenerated interval 1HOUR
Additionally if you want to see the traffic for every hour like this:
Type:WireData (ApplicationServiceName=http) | measure sum(TotalBytes) by TimeGenerated interval 1HOUR
is also not possible.
As you can see this limitation prevents making more advanced queries to analyze trends
Yes this is a current limitation of the language and it’s documented.
Would love it to do more as well… see where it lands in prioritization.