Good day!
I am new to this forum and just starting with relevance language.
I was wondering if it is possible to modify YUM transaction history relevance to show only when the last update command was issued (last patch time and time stamp is what I need). The standard relevance which I include below gives too much information. Thank you very much for looking and for helping me.
if
(
(
exists file "/etc/centos-release"
whose
(
exists line
whose
(
exists match
(
regex “CentOS Linux release 8”
)
of it
)
of it
)
)
OR
(
exists file "/etc/redhat-release"
whose
(
exists line
whose
(
exists match
(
regex “Red Hat Enterprise Linux release 8”
)
of it
)
of it
)
)
)
then
(
if
(
exists setting "_BESClient_Yum_UseYumHistoryTextFile"
whose
(
value of it = “1”
)
of client
and
exists file “/var/opt/BESClient/EDRDeployData/YumHistory”
)
then
lines of file "/var/opt/BESClient/EDRDeployData/YumHistory"
else
(
it as string
)
of rows of statement
(
“SELECT t1.id || ‘|~|’ || DATETIME(t1.dt_begin,‘unixepoch’,‘localtime’) || ‘|~|’ || SUBSTR(COALESCE(t1.cmdline,’’),0,800) || ‘|~|’ || COALESCE(t1.state, ‘’) || ‘|~|’ || t1.rpmdb_version_begin || ‘|~|’ || COALESCE(t1.rpmdb_version_end, ‘’) || ‘|~|0’ || ‘|~|0’ || ‘|~|0’ || ‘|~|0’ from trans as t1 ORDER BY t1.id DESC LIMIT 21;”
)
of sqlite database of file
(
item 0 of
(
pathnames of find files “history.sqlite” of it, it
)
whose
(
not exist
(
item 0 of it, pathnames of find files “history.sqlite” of item 1 of it
)
whose
(
item 0 of it < item 1 of it
)
)
of folder “/var/lib/dnf”
)
)
else
(
if
(
exists setting "_BESClient_Yum_UseYumHistoryTextFile"
whose
(
value of it = “1”
)
of client
and
exists file “/var/opt/BESClient/EDRDeployData/YumHistory”
)
then
lines of file "/var/opt/BESClient/EDRDeployData/YumHistory"
else
(
it as string
)
of rows of statement
(
"SELECT t1.tid || ‘|~|’ || DATETIME(t1.timestamp,‘unixepoch’,‘localtime’) || ‘|~|’ || SUBSTR(COALESCE(t4.cmdline,’’),0,800) || ‘|~|’ || COALESCE(replace(group_concat(distinct t3.state),’,’,’ '), ‘’) || ‘|~|’ || COUNT(t3.tid) || ‘|~|’ || t1.rpmdb_version || ‘|~|’ || COALESCE(t2.rpmdb_version, ‘’) || ‘|~|’ || COALESCE(t2.return_code, ‘*’) || ‘|~|’ || " & "CASE WHEN EXISTS(SELECT * FROM trans_script_stdout WHERE tid = t1.tid) THEN 1 ELSE 0 END || ‘|~|’ || CASE WHEN EXISTS(SELECT * FROM trans_rpmdb_problems WHERE tid = t1.tid) THEN 1 ELSE 0 END || ‘|~|’ || CASE WHEN EXISTS(SELECT * FROM trans_skip_pkgs WHERE tid = t1.tid) THEN 1 ELSE 0 END AS yum_history FROM trans_beg AS t1 " & “LEFT JOIN trans_end AS t2 ON t1.tid = t2.tid LEFT JOIN trans_data_pkgs AS t3 ON t1.tid = t3.tid AND t3.state IN (‘True-Install’,‘Dep-Install’,‘Install’,‘Update’,‘Erase’,‘Reinstall’,‘Downgrade’,‘Obsoleted’,‘Obsoleting’) LEFT JOIN trans_cmdline AS t4 ON t1.tid = t4.tid GROUP BY t1.tid ORDER BY t1.tid DESC LIMIT 21;”
)
of sqlite database of file
(
item 0 of
(
pathnames of find files “history-???-??-??.sqlite” of it, it
)
whose
(
not exist
(
item 0 of it, pathnames of find files “history-???-??-??.sqlite” of item 1 of it
)
whose
(
item 0 of it < item 1 of it
)
)
of folder “/var/lib/yum/history”
)
)