execute sql-query-dataset < adom name> <datasetname> <dev/faz> < Start-Time> < End-Time>
Any data that matches that time range will be displayed.
e.g dataset for a user login query
Now if I execute a new ssh login and then query the dataset, it will show this activity in the named dataset.
Querying the dataset directly helps when trouble-shooting reports with no data and to validate data-sets.
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment