Here are a few example queries:
Code:
SELECT COUNT(*) FROM SystemEvents WHERE FromHost like '%%' AND SysLogTag like '%iked%' AND Message like '%%' AND DeviceReportedTime like '%%';
SELECT COUNT(*) FROM SystemEvents WHERE FromHost like '%192.168.222.111%' AND SysLogTag like '%sshd%' AND Message like '%%' AND DeviceReportedTime like '%%';
SELECT COUNT(*) FROM SystemEvents WHERE FromHost like '%192.168.222.111%' AND SysLogTag like '%sshd%' AND Message like '%%' AND DeviceReportedTime like '%2020-05-25%';
SELECT * FROM SystemEvents WHERE FromHost like '%SERVER1%' AND SysLogTag like '%iked%' AND Message like '%established%' AND DeviceReportedTime like '%2020-05-24 15:00:00';
Code:
SELECT DeviceReportedTime, FromHost, SysLogTag, Message FROM SystemEvents WHERE FromHost like '%%' AND SysLogTag like '%%' AND Message like '%%' AND DeviceReportedTime like '2020-05-%' ORDER BY ID DESC LIMIT 100;
...
| 2020-05-25 20:49:38 | 192.168.222.111 | iked | blabla1 |
| 2020-05-25 20:50:10 | SERVER1 | sshd | S 2044760468:2044760468(0) win 29200 <mss 1460,sackOK,timestamp 2253946112 0,nop,wscale 7> (DF) |
| 2020-05-25 20:15:22 | SERVER1 | CRON | May 25 20:49:31.728457 rule 648/(match) |
...