I am attempting to construct an MS SQL query that displays Network Threat Protection Attacks. What column displays whether the traffic is considered an attack, I cannot find this anywhere in the schema.
Here is the SQL query I have so far (displays for the past 24 hours)
SELECT
CAST (DATEADD(SECOND, dbo.AGENT_TRAFFIC_LOG_1.TIME_STAMP /1000 + 8*60*60, '19700101') AS VARCHAR(50)) as Date_and_Time,
dbo.V_SEM_COMPUTER.COMPUTER_NAME, dbo.V_SEM_COMPUTER.IP_ADDR1_TEXT, TRAFFIC_DIRECTION
FROM
dbo.AGENT_TRAFFIC_LOG_1, dbo.V_SEM_COMPUTER
WHERE
dbo.AGENT_TRAFFIC_LOG_1.TIME_STAMP > DATEDIFF(second, '19700101', DATEADD(day, -1, GETDATE())) * CAST(1000 as bigint)
and dbo.V_SEM_COMPUTER.COMPUTER_ID = dbo.AGENT_TRAFFIC_LOG_1.COMPUTER_ID
ORDER BY Date_and_Time DESC