Last active
September 30, 2024 06:17
-
-
Save lawliet89/f4687422afcc39ab19cad596975b6e90 to your computer and use it in GitHub Desktop.
Security Lake Athena Queries
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Number of entries per bucket for the past 7 days | |
| with dataset as ( | |
| SELECT json_extract_scalar(api.request.data, '$.bucketName') as bucketName, * FROM amazon_security_lake_table_ap_southeast_1_s3_data_2_0 | |
| WHERE accountid = '123459012' | |
| ) | |
| SELECT bucketName, count(bucketName) as numberOfRecords FROM dataset | |
| WHERE time_dt BETWEEN CURRENT_TIMESTAMP - INTERVAL '7' DAY AND CURRENT_TIMESTAMP | |
| group by bucketName | |
| ORDER BY numberOfRecords desc |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment