堆栈内存溢出
  简体   繁体   English

通过另一列SQL中的唯一条目对列进行分组

[英]Group column by unique entries in another column SQL

 原文  2019-08-26 00:54:01       sql/ azure-sql-database

问题描述

I have the following dataset 我有以下数据集

在此处输入图片说明

I would like to query the data to produce a list of unique hostnames per username with the last login time for that record also included. 我想查询数据以生成每个用户名的唯一主机名列表,其中还包含该记录的最后登录时间。 Eg produce the following dataset. 例如,产生以下数据集。

在此处输入图片说明

The goal is to detect users account sharing, and also users with an abnormally large number of host names. 目的是检测用户帐户共享,以及具有异常大量主机名的用户。

I know enough SQL to get myself into trouble but I simply do not write queries often enough to be proficient enough to write this one without blowing half a day on it. 我知道有足够多的SQL会给自己带来麻烦,但是我只是写的查询不够频繁,以至于不能熟练地编写此查询而不会花半天时间。 Can anyone assist? 有人可以协助吗?

We are using Azure SQL (SQL Server), however I can translate answers from another SQL language. 我们正在使用Azure SQL(SQL Server),但是我可以翻译其他SQL语言的答案。

Thank you 谢谢

UPDATE 更新

I have used the following 我已经使用以下 

select username, hostname, max(logintimeutc)
from loginrecords
group by username, hostname

which returns a good dataset, however when I try the following it returns 0 records despite the query above showing multiple usernames against the same hostname 这将返回一个良好的数据集,但是,尽管上面的查询显示了针对同一主机名的多个用户名,但当我尝试以下操作时,它仍返回0条记录 

select username, hostname, max(logintimeutc)
from loginrecords
group by username, hostname
having count(distinct(hostname)) > 1

4 个解决方案

解决方案1
 0  2019-08-26 00:56:11

I would like to query the data to produce a list of unique hostnames per username with the last login time for that record also included. 我想查询数据以生成每个用户名的唯一主机名列表,其中还包含该记录的最后登录时间。

I think you just want group by : 我认为您只想group by以下方式group by 

select username, hostname, max(logintimeutc)
from t
group by username, hostname;

解决方案2
 0  2019-08-26 01:00:07

you can use row_number() for this. 您可以为此使用row_number()。 

select * from table1 t1
inner join
    (select row_number() over (partition by HostName, UserName order by LoginTimeUTC desc) as rn, UserName
            ,LoginTimeUTC, HostName from table1) as t2
on t2.UserName = t1.UserName and t2.LoginTimeUTC = t2.LoginTimeUTC and t2.HostName = t1.HostName
where t2.rn = 1

解决方案3
 0  2019-08-26 05:46:57

If I understand right, 2 results are expected without considering the login time, pls have a try below query: 如果我理解正确,不考虑登录时间就可以得到2个结果,请尝试以下查询: 

select username,hostname,
count(*) over (partition by hostname) as NUMBER_OF_USERS_FOR_THIS_HOST,
count(*) over (partition by username) as NUMBER_OF_HOSTS_FOR_THIS_USER
from loginrecords
group by username, hostname;

解决方案4
 0  2019-08-26 07:41:55

First I created a test environment using the queries below. 首先,我使用以下查询创建了一个测试环境。 It would be nice if you provide these (or textual tabular data) yourself in future questions. 如果您自己在以后的问题中提供这些(或文本表格数据),那将是很好的。 Screenshots with data are very unfriendly for testing purposes. 带有数据的屏幕截图对于测试目的非常不友好。 

CREATE TABLE [LoginRecords] (
    [LoginTimeUTC] SMALLDATETIME,
    [UserName] VARCHAR(5),
    [HostName] VARCHAR(5)
);
GO

INSERT INTO [LoginRecords] VALUES
    ('2019-08-22T09:51:00', 'user1', 'host1'),
    ('2019-08-25T09:31:00', 'user1', 'host2'),
    ('2019-08-30T10:51:00', 'user1', 'host2'),
    ('2019-08-25T09:51:00', 'user2', 'host2'),
    ('2019-08-25T05:51:00', 'user2', 'host3'),
    ('2019-08-30T09:51:00', 'user2', 'host3'),
    ('2019-08-25T09:31:00', 'user3', 'host4'),
    ('2019-08-30T10:51:00', 'user3', 'host4'),
    ('2019-08-25T09:51:00', 'user3', 'host4'),
    ('2019-08-25T05:51:00', 'user3', 'host5'),
    ('2019-08-25T09:51:00', 'user4', 'host6'),
    ('2019-08-25T09:31:00', 'user4', 'host6'),
    ('2019-08-30T10:51:00', 'user4', 'host6'),
    ('2019-08-25T09:51:00', 'user4', 'host7'),
    ('2019-08-30T05:51:00', 'user4', 'host7');
GO

SELECT [LoginTimeUTC], [UserName], [HostName]
FROM [LoginRecords];

Now to your actual issue at hand. 现在到您的实际问题。 I am regarding your last query that does not return your desired results: 我正在考虑您的最后一个查询,该查询未返回您想要的结果: 

select username, hostname, max(logintimeutc)
from loginrecords
group by username, hostname
having count(distinct(hostname)) > 1

Instead of the HAVING-clause, you could add a WHERE-clause to filter only the usernames that are used with multiple hostnames. 除了HAVING子句,您还可以添加WHERE子句以仅过滤与多个主机名一起使用的用户名。 

select username, hostname, max(logintimeutc)
from loginrecords
where username in (select username
                   from loginrecords
                   group by username
                   having count(distinct hostname) > 1)
group by username, hostname

This gives the following results: 得到以下结果: 

username      hostname      (No column name)
user1         host1         22/08/2019 9:51
user1         host2         30/08/2019 10:51
user2         host2         25/08/2019 9:51
user2         host3         30/08/2019 9:51
user3         host4         30/08/2019 10:51
user3         host5         25/08/2019 5:51
user4         host6         30/08/2019 10:51
user4         host7         30/08/2019 5:51

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 SQL Group由一列组成,在另一列中计数条目 - SQL Group by one column, count entries in another SQL:为另一列的唯一条目平均一列的值 - SQL : averaging values on one column for unique entries of another column sql最小值来自一列,另一列唯一的第三列 - sql minimum from one column, unique for another column group by a third 选择列的唯一条目,然后按另一条目的唯一条目过滤 - Select unique entries of column and filter these by unique entries of another one SQL-按唯一列集分组 - SQL - Group by unique column sets SQL - Group By唯一列组合 - SQL - Group By unique column combination 在SQL中使用唯一条目列创建表 - Creating a table in SQL with column of unique entries 如何创建SQL查询以获取另一列的每个GROUP'ed BY值的列的唯一值 - How to create SQL query to get unique values of column for each GROUP'ed BY value of another column GROUP BY 一个 CONCAT 和另一列 SQL - GROUP BY a CONCAT and another column SQL SQL 按列分组但基于另一列分段 - SQL group by an column but segmented based on another column
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM