Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

Database column that show attack

Created: 31 Jul 2014 • Updated: 31 Jul 2014 | 1 comment
This issue has been solved. See solution.

I am attempting to construct an MS SQL query that displays Network Threat Protection Attacks. What column displays whether the traffic is considered an attack, I cannot find this anywhere in the schema.

Here is the SQL query I have so far (displays for the past 24 hours)

SELECT
    CAST (DATEADD(SECOND, dbo.AGENT_TRAFFIC_LOG_1.TIME_STAMP /1000 + 8*60*60, '19700101') AS VARCHAR(50)) as Date_and_Time,
    dbo.V_SEM_COMPUTER.COMPUTER_NAME, dbo.V_SEM_COMPUTER.IP_ADDR1_TEXT, TRAFFIC_DIRECTION
FROM
    dbo.AGENT_TRAFFIC_LOG_1,  dbo.V_SEM_COMPUTER
WHERE
    dbo.AGENT_TRAFFIC_LOG_1.TIME_STAMP > DATEDIFF(second, '19700101', DATEADD(day, -1, GETDATE()))  * CAST(1000 as bigint)
    and dbo.V_SEM_COMPUTER.COMPUTER_ID = dbo.AGENT_TRAFFIC_LOG_1.COMPUTER_ID
ORDER BY Date_and_Time DESC

Operating Systems:

Comments 1 CommentJump to latest comment

Sonihal's picture

I figured it out, everything is included in dbo.AGENT_SECURITY_LOG_1

SOLUTION