From 947e23d67f85727a3d37371ead58e9077b94422c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=A1clav=20Barto=C5=A1?= <bartos@cesnet.cz>
Date: Wed, 11 Apr 2018 16:08:35 +0200
Subject: [PATCH] Fixed bugs in kippo connector

- It didn't work with newer MySQL versions
- Fixed timezone conversions
---
 .../contrib/connectors/hp-kippo/warden3-kippo-sender.py   | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/warden3/contrib/connectors/hp-kippo/warden3-kippo-sender.py b/warden3/contrib/connectors/hp-kippo/warden3-kippo-sender.py
index 962efa2..fef1c3a 100755
--- a/warden3/contrib/connectors/hp-kippo/warden3-kippo-sender.py
+++ b/warden3/contrib/connectors/hp-kippo/warden3-kippo-sender.py
@@ -93,13 +93,13 @@ def main():
   crs = con.cursor()
 
   events = []
-  query =  "SELECT UNIX_TIMESTAMP(CONVERT_TZ(s.starttime, '+00:00', @@global.time_zone)) as starttime, s.ip, COUNT(s.id) as attack_scale, sn.ip as sensor \
+  query =  "SELECT MIN(UNIX_TIMESTAMP(s.starttime)) as starttime, s.ip, COUNT(s.id) as attack_scale, sn.ip as sensor \
             FROM sessions s \
             LEFT JOIN sensors sn ON s.sensor=sn.id \
-            WHERE s.starttime > DATE_SUB(UTC_TIMESTAMP(), INTERVAL + %s SECOND) \
-            GROUP BY s.ip ORDER BY s.starttime ASC;"
+            WHERE s.starttime > DATE_SUB(CURRENT_TIMESTAMP(), INTERVAL + %s SECOND) \
+            GROUP BY s.ip, sn.ip ORDER BY starttime ASC;"
 
-  crs.execute(query, awin)
+  crs.execute(query, (awin,))
   rows = crs.fetchall()
   for row in rows:
     dtime = format_timestamp(row['starttime'])
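Review bot: The rewritten query leaves its time-zone assumption implicit: `UNIX_TIMESTAMP(s.starttime)` and `CURRENT_TIMESTAMP()` are both evaluated in the MySQL session time zone, so the reported start time and the `awin` window are only right if `sessions.starttime` was written in that same zone. If the honeypot writer and this sender connect with different `time_zone` settings, events would be shifted or fall outside the window without any error, which hurts correlation of the reports downstream. I would state the assumption above the query, e.g. `# starttime is assumed to be stored in this connection's session time zone; UNIX_TIMESTAMP() and CURRENT_TIMESTAMP() both depend on it`. main() starts and continues outside the hunk, so the connection setup that would settle this is not visible here.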
-- 
GitLab