The trending_custom_queries.xml file is used to define queries that get executed. Below is the structure of an example ad hoc query in the trending_custom_queries.xml file:
<entry key="AdHoc_NumOfAssetsWithVuln_NumOfUnresolvedVulns_AvgVulnsPer- Asset">
<column name="long1" displayName="Number of Assets"/>
<column name="long2" displayName="Number of Vulnerabilities"/>
<![CDATA[
INSERT INTO agl_trending_adhoc
(trending_type, current_interval, collection_time, long1, long2, long3) SELECT ':TASK_KEY',
:CURRENT_INTERVAL,
current_timestamp(3), asset_count, vuln_count, vuln_count/asset_count
FROM (select count(distinct (asset_id)) asset_count, count(distinct(vul- nerability_id)) vuln_count from agl_asset_to_vulnerability a
WHERE ((a.av_flags & 3) = 2) ) atv_table
]]>
</entry>
The parts of the entry that must be made for each query in the XML file are as follows:
- <entry - This marks the beginning of a trending query entry. The end of the entry is marked by a closing tag "</entry>".
- Key - This is the name given to the query. It will be referred to in the Trend- ingSchedulerConfiguration.xml file and in the trending_type column of the agl_trending_adhoc table.
- <column name - Refers to the column name of the agl_trending_adhoc table. The following are the names of the columns and the possible values: trending_type, current_interval, collection_time, string1, string2, string3, string4, string5, string6, string7, string8, long1, long2, long3, long4, long5, long6, long7, long8, float1, float2, boolean1, and boolean2. This value is currently used to note the column of the database table that is being represented by the type of value indicated by the dis- playName entry
- displayName - Indicates what the values placed in the column the displayName is mapped to rep- resent.
- <![CDATA[- Represents the beginning of the query.
- ]]> - Closing of the CDATA clause.
- </entry> - Closing of the query for the entry.
Queries that are created must conform to the following constraints set by the agl_trending_adhoc table columns:
- 8 string values
- 8 long values
- 2 float values
- 2 boolean values
