Feature #7727
Updated by Pavel Kácha about 1 month ago
Both analysts and managers would benefit from being able to calculate get pivot tables (tables showing table calculated. Pivot table is the table, which shows calculated values for all relations between two atrributes). atrributes. Examples: * Give me the number of events for all the combinations of abuse groups and categories. * Give me the number of the portscan connections for combinations of ports and days in last month. So, in the first case, rows would be the abuse groups, columns would be the categories, cells would contain the numbers of the events bearing both the row's abuse group and column's category. In the second case, query would be run on dataset filtered by category (portscan), rows would be the ports, columns would be days/dates, cells would contain the connection connections sums for particular port and day. Table could be even heatmapped (for example by color coded value backgrounds). (Most All of this should most probably be computable on db, similar to Timeline.) db.