diff --git a/warden3/contrib/connectors/hp-kippo/warden3-kippo-sender.py b/warden3/contrib/connectors/hp-kippo/warden3-kippo-sender.py
index 962efa29112cfcd29afbf7cdd5636913a2f4bdc6..fef1c3a8aa27407c839bb2058106fdc14773a65d 100755
--- a/warden3/contrib/connectors/hp-kippo/warden3-kippo-sender.py
+++ b/warden3/contrib/connectors/hp-kippo/warden3-kippo-sender.py
@@ -93,13 +93,13 @@ def main():
   crs = con.cursor()
 
   events = []
-  query =  "SELECT UNIX_TIMESTAMP(CONVERT_TZ(s.starttime, '+00:00', @@global.time_zone)) as starttime, s.ip, COUNT(s.id) as attack_scale, sn.ip as sensor \
+  query =  "SELECT MIN(UNIX_TIMESTAMP(s.starttime)) as starttime, s.ip, COUNT(s.id) as attack_scale, sn.ip as sensor \
             FROM sessions s \
             LEFT JOIN sensors sn ON s.sensor=sn.id \
-            WHERE s.starttime > DATE_SUB(UTC_TIMESTAMP(), INTERVAL + %s SECOND) \
-            GROUP BY s.ip ORDER BY s.starttime ASC;"
+            WHERE s.starttime > DATE_SUB(CURRENT_TIMESTAMP(), INTERVAL + %s SECOND) \
+            GROUP BY s.ip, sn.ip ORDER BY starttime ASC;"
 
-  crs.execute(query, awin)
+  crs.execute(query, (awin,))
   rows = crs.fetchall()
   for row in rows:
     dtime = format_timestamp(row['starttime'])