Hello,
Recently, I developped a function based on a sql query to count the number of virus detected, This works each weekly and monthly, but for example for the month of may, I found a problem : my total count of virus alert between 05/01 and 05/31 is inferior at the addition of my number total of each weeks. So I don't understand. Maybe Symantec delete informations in database.
So if I run my function the 06/01 on the period between 05/01 and 05/31 and I run my function today 06/10, my number of virus detected is different on the same period.
I used this sql query :
SELECT IDX, ALERTS.ALERTDATETIME, ALERTS.ALERTINSERTTIME, ALERTS.ALERTENDDATETIME, USER_NAME, SOURCE, NOOFVIRUSES, FILEPATH, DESCRIPTION, V_SEM_COMPUTER.COMPUTER_NAME, VIRUS.VIRUSNAME, SOURCE_COMPUTER_NAME, SOURCE_COMPUTER_IP, V_GROUPS.NAME FROM ALERTS INNER JOIN V_SEM_COMPUTER ON COMPUTER_IDX = COMPUTER_ID INNER JOIN VIRUS ON ALERTS.VIRUSNAME_IDX = VIRUS.VIRUSNAME_IDX INNER JOIN V_GROUPS ON ALERTS.CLIENTGROUP_IDX = V_GROUPS.ID INNER JOIN Actualaction A1 on ALERTS.Actualaction_idx = A1.Actualaction_idx INNER JOIN Actualaction A2 on ALERTS.Requestedaction_idx = A2.Actualaction_idx INNER JOIN Actualaction A3 on ALERTS.Secondaryaction_Idx = A3.Actualaction_idx WHERE VIRUSNAME > ''" order by ALERTDATETIME
I do the traitment of period directly by my code.
If someone can explain me the operation of Symantec to the detection of virus ?
Regards,
Mathi64