1
我在包装我的大脑时遇到了麻烦。该数据是从3个表来(我已经去除了所有不必要的数据可读性更强):Mysql:从多个连接表中选择特定数据
mysql> describe vulnerability;
+---------------+------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+---------------+------------------+------+-----+---------+----------------+
| vuln_id | int(10) unsigned | NO | PRI | NULL | auto_increment |
| severity | int(10) unsigned | NO | | NULL | |
| host_id | int(10) unsigned | NO | MUL | NULL | |
+---------------+------------------+------+-----+---------+----------------+
mysql> describe cve;
+---------+------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+---------+------------------+------+-----+---------+----------------+
| cve_id | int(10) unsigned | NO | PRI | NULL | auto_increment |
| cve | varchar(15) | NO | | NULL | |
| vuln_id | int(10) unsigned | NO | MUL | NULL | |
| year | int(4) unsigned | YES | | NULL | |
+---------+------------------+------+-----+---------+----------------+
mysql> describe host;
+--------------+------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+--------------+------------------+------+-----+---------+----------------+
| host_id | int(10) unsigned | NO | PRI | NULL | auto_increment |
| ip_addr | int(10) unsigned | NO | | NULL | |
+--------------+------------------+------+-----+---------+----------------+
我想输出小于2009年与严重程度是由于有漏洞的主机数量= 3 。年份包含在CVE中,该漏洞与vuln_id FK绑定在一起。该漏洞具有严重性,并与host_id FK绑定在一起。这是我到目前为止:
mysql> select count(distinct ip_addr) from host H
inner join vulnerability V on H.host_id = V.host_id
inner join CVE C on C.vuln_id = V.vuln_id
where V.severity = 3 and C.year < 2009;
+-------------------------+
| count(distinct ip_addr) |
+-------------------------+
| 5071 |
+-------------------------+
这告诉我漏洞比2009年更早的主机的总数,这是一个好的开始。但是,我想更进一步,只包含那些有50个或更多漏洞的主机。我不知道如何做到这一点。主机表中的每个主机条目都有多个相应的漏洞条目。我假设我需要在我的where子句中添加一些内容,但我被卡住了。
在此先感谢。请让我知道是否需要更多信息。
说简单,是吧?谢谢。 – Magicked 2011-03-03 21:26:29