I am trying to get the raw storage data for log source. however, this query is not returning the rawsize correctly, any help is appreciated.

fetch logs
| summarize count(), sum(rawsize), by:`log.source`
| sort `sum(rawsize)` desc