When I queried "Most Frequent Source Port" from the
home page, I get
to a page that lists ports queried. When I select one
of the source
or destination IPs I get an error from postgres. Have
you seen that?
The error is:
Database ERROR:Database ERROR:ERROR: for SELECT DISTINCT,
ORDER BY expressions must appear in select list
The problem is in the query:
SELECT DISTINCT ip_src, COUNT(acid_event.cid) as
num_events, COUNT( DISTINCT acid_event.sid) as num_sensors,
COUNT( DISTINCT signature ) as num_sig, COUNT( DISTINCT
ip_dst ) as num_dip FROM acid_event WHERE 1 = 1 AND
acid_event.ip_proto= '6' AND ( layer4_sport = '80' )
GROUP BY ip_src ORDER BY sig_name ASC;
You set: 'ORDER BY sig_name', but you didn't put sig_name in
the select part of the query. Also you will need to add it
to group by.
It should be:
SELECT DISTINCT ip_src, sig_name, COUNT(acid_event.cid) as
num_events, COUNT( DISTINCT acid_event.sid) as num_sensors,
COUNT( DISTINCT signature ) as num_sig, COUNT( DISTINCT
ip_dst ) as num_dip FROM acid_event WHERE 1 = 1 AND
acid_event.ip_proto= '6' AND ( layer4_sport = '80' )
GROUP BY sig_name, ip_src ORDER BY sig_name ASC;
Change the $sql variable in base_stat_uaddr.php lines 153, 168.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Logged In: YES
user_id=1208670
The error is:
Database ERROR:Database ERROR:ERROR: for SELECT DISTINCT,
ORDER BY expressions must appear in select list
The problem is in the query:
SELECT DISTINCT ip_src, COUNT(acid_event.cid) as
num_events, COUNT( DISTINCT acid_event.sid) as num_sensors,
COUNT( DISTINCT signature ) as num_sig, COUNT( DISTINCT
ip_dst ) as num_dip FROM acid_event WHERE 1 = 1 AND
acid_event.ip_proto= '6' AND ( layer4_sport = '80' )
GROUP BY ip_src ORDER BY sig_name ASC;
You set: 'ORDER BY sig_name', but you didn't put sig_name in
the select part of the query. Also you will need to add it
to group by.
It should be:
SELECT DISTINCT ip_src, sig_name, COUNT(acid_event.cid) as
num_events, COUNT( DISTINCT acid_event.sid) as num_sensors,
COUNT( DISTINCT signature ) as num_sig, COUNT( DISTINCT
ip_dst ) as num_dip FROM acid_event WHERE 1 = 1 AND
acid_event.ip_proto= '6' AND ( layer4_sport = '80' )
GROUP BY sig_name, ip_src ORDER BY sig_name ASC;
Change the $sql variable in base_stat_uaddr.php lines 153, 168.
Logged In: YES
user_id=1208670
Also have to change the $num_ip var to the correct index of
the result.
Logged In: YES
user_id=836228
I have checked this in for you.... except the num_ip
comment. Not sure what you meant....