29
main.go
29
main.go
@@ -2126,22 +2126,32 @@ func eventListSummary(ev EventRow) string {
|
||||
}
|
||||
|
||||
func (s *server) listSOCRecentIncidents(ctx context.Context, limit int) ([]SOCRecentIncidentRow, error) {
|
||||
if limit <= 0 || limit > 500 {
|
||||
limit = 50
|
||||
}
|
||||
|
||||
rows, err := s.db.QueryContext(ctx, `
|
||||
SELECT id, created_at, rule_name, severity, status, hostname, summary
|
||||
FROM (
|
||||
SELECT id, created_at, rule_name, severity, status, hostname, summary
|
||||
FROM detections
|
||||
WHERE status IN ('open', 'investigating', 'confirmed_incident')
|
||||
ORDER BY created_at DESC
|
||||
LIMIT ?
|
||||
FROM (
|
||||
SELECT id, created_at, rule_name, severity, status, hostname, summary
|
||||
FROM detections
|
||||
WHERE status IN ('open', 'investigating', 'confirmed_incident')
|
||||
ORDER BY created_at DESC
|
||||
LIMIT ?
|
||||
) s
|
||||
|
||||
UNION DISTINCT
|
||||
UNION
|
||||
|
||||
SELECT id, created_at, rule_name, severity, status, hostname, summary
|
||||
FROM detections
|
||||
WHERE severity IN ('high', 'critical')
|
||||
ORDER BY created_at DESC
|
||||
LIMIT ?
|
||||
FROM (
|
||||
SELECT id, created_at, rule_name, severity, status, hostname, summary
|
||||
FROM detections
|
||||
WHERE severity IN ('high', 'critical')
|
||||
ORDER BY created_at DESC
|
||||
LIMIT ?
|
||||
) sev
|
||||
) x
|
||||
ORDER BY created_at DESC
|
||||
LIMIT ?
|
||||
@@ -2165,6 +2175,7 @@ LIMIT ?
|
||||
); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
r.CreatedAt = normalizeTime(r.CreatedAt)
|
||||
out = append(out, r)
|
||||
}
|
||||
|
||||
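Review bot: The ordering and all three `LIMIT ?` cut-offs in `listSOCRecentIncidents` operate on the raw stored `created_at`, while `r.CreatedAt = normalizeTime(r.CreatedAt)` in the second hunk is applied only after a row has already been selected and scanned. If the column holds timestamps in more than one textual format (the need for `normalizeTime` hints at this, but its body is not visible here), the SQL sort is lexical and newer open or high-severity detections can fall outside the limit and never reach the SOC view. It would help to either normalize on write or say so in a comment above the query, for example `// created_at must be stored in a single sortable format; normalizeTime below only affects display`. Separately, a tie-breaker on the outer query, `ORDER BY created_at DESC, id DESC`, would keep rows with identical timestamps in a stable order across refreshes. The function continues past both hunks, so the bound arguments for the three placeholders and any `rows.Err()` check are not visible.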