1 Reply Latest reply on Dec 4, 2013 1:57 PM by rth67

    How to check event counts within ESM, Receiver, ACE by nsql command?

    hok

      Hi,

       

      Do you know how to count the number of events within SIEM by nsql command?

      I think i can access the database of esm by as follows,

       

      nsql /usr/local/ess/data/connect_esm.sql

       

      I want to know how to access the database of receiver and ace, and whick table can i get the event counts.

       

      hok

        • 1. Re: How to check event counts within ESM, Receiver, ACE by nsql command?
          rth67

          To view the paritions use the following:

          To view Event data
            show partitions from alert
          To view Flow data
            show partitions from connection
          To view Appliance Packet data
            show partitions from packet


          To view the Event Counts use the following:

          To view event data
            select count(*) from alert
          To view flow data
            select count(*) from connection
          To view Appliance Packet data
            select count(*) from packet