Hi,
When we query the SEP Database we are getting duplicated hostname when fetching the data. We are using below SQL command to get the report:
==============================================================
select distinct pattern.version'version',pattern.patterndate'pattern_date',
sem_agent.agent_version'agent_version',sem_client.computer_name'computer_name',
sem_computer.operation_system'operating_system',
dateadd(s,convert(bigint,sem_agent.creation_time)/1000,'01-01-1970 00:00:00')'creation_dttm',
dateadd(s,convert(bigint,sem_agent.last_update_time)/1000,'01-01-1970 00:00:00')
'last_update_time',
dateadd(s,convert(bigint,last_scan_time)/1000,'01-01-1970 00:00:00')'last_scan_time',sem_client.user_name'username',
v_sem_computer.ip_addr1_text'ip_address',identity_map.name'group_name'from((((
sem_agent
INNER JOIN sem_client on((sem_agent.computer_id=sem_client.computer_id)
and(sem_agent.domain_id=sem_client.domain_id))and(sem_agent.group_id=sem_client.
group_id))
INNER JOIN sem_computer on((sem_agent.computer_id=sem_computer.
computer_id)and(sem_agent.domain_id=sem_computer.domain_id))and(sem_agent.
deleted=sem_computer.deleted))
INNER JOIN pattern on sem_agent.pattern_idx=pattern.pattern_idx)
INNER JOIN identity_map on sem_client.group_id=identity_map.id)
INNER JOIN v_sem_computer on sem_computer.comp
sem_agent.deleted=0 order by version desc
===================================================================
The above SQL command will display a few duplicated hostnames but the information like IP address, Virus Definition date, and Last_update_time has different information. If we can program the code to remove the duplicates but will retain the entry with the highest last_update_time will probaly resolve the case for duplicate host machines.
Anyone has the same problem as me? how did you go about in changing the SQL command? any help would be appreciated.
Thanks in advance