cancel
Showing results for 
Search instead for 
Did you mean: 
hok
Level 7
Report Inappropriate Content
Message 1 of 2

How to check event counts within ESM, Receiver, ACE by nsql command?

Jump to solution

Hi,

Do you know how to count the number of events within SIEM by nsql command?

I think i can access the database of esm by as follows,

nsql /usr/local/ess/data/connect_esm.sql

I want to know how to access the database of receiver and ace, and whick table can i get the event counts.

hok

1 Solution

Accepted Solutions
rth67
Level 12
Report Inappropriate Content
Message 2 of 2

Re: How to check event counts within ESM, Receiver, ACE by nsql command?

Jump to solution

To view the paritions use the following:

To view Event data
  show partitions from alert
To view Flow data
  show partitions from connection
To view Appliance Packet data
  show partitions from packet


To view the Event Counts use the following:

To view event data
  select count(*) from alert
To view flow data
  select count(*) from connection
To view Appliance Packet data
  select count(*) from packet

1 Reply
rth67
Level 12
Report Inappropriate Content
Message 2 of 2

Re: How to check event counts within ESM, Receiver, ACE by nsql command?

Jump to solution

To view the paritions use the following:

To view Event data
  show partitions from alert
To view Flow data
  show partitions from connection
To view Appliance Packet data
  show partitions from packet


To view the Event Counts use the following:

To view event data
  select count(*) from alert
To view flow data
  select count(*) from connection
To view Appliance Packet data
  select count(*) from packet