sycobuny · April 16, 2013 17:24
diff --git a/alerts.sql b/alerts.sql
 WITH params AS (SELECT '192.168.1.1' AS ip,
                       '2012-12-31'  AS min_date)
  SELECT a.id,
         a.server_id,
         a.rule_id,
         ('1970-01-01'::timestamp + (a.timestamp::text || ' seconds')::interval) AS timestamp,
         a.location_id,
         integer_to_inet(a.src_ip) AS src_ip,
         integer_to_inet(a.dst_ip) AS dst_ip,
         CASE WHEN a.src_port = 0 THEN NULL ELSE a.src_port END AS src_port,
         CASE WHEN a.dst_port = 0 THEN NULL ELSE a.dst_port END AS dst_port,
         SUBSTRING(a.alertid FROM 1 FOR 20),
         d.user,
         d.full_log
    FROM alert a INNER JOIN
         data d ON
         a.id = d.id
    WHERE src_ip = inet_to_integer((SELECT ip::text::inet FROM params)) AND
          timestamp <= EXTRACT(EPOCH FROM (SELECT min_date::text::date FROM params))::integer
    LIMIT 50;
	WITH params AS (SELECT '192.168.1.1' AS ip,
	'2012-12-31' AS min_date)
	SELECT a.id,
	a.server_id,
	a.rule_id,
	('1970-01-01'::timestamp + (a.timestamp::text \|\| ' seconds')::interval) AS timestamp,
	a.location_id,
	integer_to_inet(a.src_ip) AS src_ip,
	integer_to_inet(a.dst_ip) AS dst_ip,
	CASE WHEN a.src_port = 0 THEN NULL ELSE a.src_port END AS src_port,
	CASE WHEN a.dst_port = 0 THEN NULL ELSE a.dst_port END AS dst_port,
	SUBSTRING(a.alertid FROM 1 FOR 20),
	d.user,
	d.full_log
	FROM alert a INNER JOIN
	data d ON
	a.id = d.id
	WHERE src_ip = inet_to_integer((SELECT ip::text::inet FROM params)) AND
	timestamp <= EXTRACT(EPOCH FROM (SELECT min_date::text::date FROM params))::integer
	LIMIT 50;