[英]sql query help using distinct and count()
I have a table containing firewall logs.我有一个包含防火墙日志的表。 I'm trying to form a query which will give me a descending report of all connections for past X number of days.我正在尝试形成一个查询,它将为我提供过去 X 天所有连接的降序报告。
This is the query I have so far:这是我到目前为止的查询:
select distinct ip_saddr,oob_time_sec,count(*) as cnt
from ulog
where (oob_prefix like '%INPUT%' and oob_time_sec >= '$phpdays')
group by ip_saddr
order by cnt desc;
table
-----------------------------------------------------------------
ip_saddr = ip address
oob_time_sec = time since unix epoch in seconds
ulog = database table
oob_prefix = string from firewall entry (INPUT_x/OUTPUT_x traffic)
Would like to know if this query looks sane (I'm an Admin wearing a programmer hat, so not too sure).想知道这个查询是否正常(我是一名戴着程序员帽子的管理员,所以不太确定)。
Thanks!谢谢!
In my view your Query is right and Proper.在我看来,您的查询是正确和正确的。
Looks fine to me but I think the LIKE
should be like对我来说看起来不错,但我认为LIKE
应该是
oob_prefix like 'INPUT%'
since oob_prefix
has INPUT_x
因为oob_prefix
有INPUT_x
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.