Table of Contents
Advertisement
Using the Order By
Clause
The output includes:
----------------------------------
| sourceIP
----------------------------------
| 64.124.201.151 | 4282590.0
| 10.105.2.10
| 10.103.70.243
| 10.103.77.143
| 10.105.32.29
| 10.105.96.148
| 10.103.73.206
----------------------------------
However, if you compare this information to a non-aggregate query, the output
displays all the IP addresses that are unique:
select sourceIP, sourceBytes from flows where sourceBytes >
1000000
------------------------------
| sourceIP
------------------------------
| 64.124.201.151 | 1448629
| 10.105.2.10
| 10.103.70.243
| 10.103.77.143
| 10.105.32.29
| 10.105.96.148
| 64.124.201.151 | 2833961
| 10.105.2.10
| 10.103.73.206
| 10.103.70.243
| 10.105.32.29
| 10.103.77.143
| 10.105.96.148
------------------------------
In addition to the SUM operator, the MIN, MAX, and AVG arithmetic aggregation
functions are also supported.
You can add a single
one field can be used in the
between ascending or descending by appending the
clause, respectively. By default, the query returns results in descending
order by
order.
AQL Event and Flow Query CLI Guide
| SUM_sourceBytes |
| 4902509.0
| 2802715.0
| 3313370.0
| 2467183.0
| 8325356.0
| 1629768.0
| sourceBytes |
|
| 2412426
|
| 1793095
|
| 1449148
|
| 1097523
|
| 4096834
|
|
| 2490083
|
| 1629768
|
| 1009620
|
| 1369660
|
| 1864222
|
| 4228522
|
clause to the end of your AQL CLI query. Only
order by
clause. Also, sorting can be switched
order by
Using the Order By Clause
|
|
|
|
|
|
|
or
keyword to the
asc
desc
11
Advertisement
Table of Contents
Related Manuals for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
Related Products for Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper 200 Series
Need help?
Do you have a question about the SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE and is the answer not in the manual?
Questions and answers