Skip to content

Instantly share code, notes, and snippets.

@ryanhs

ryanhs/create_table.sql

Created January 9, 2024 17:04
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ryanhs/73dadfca976bc8802bd6d09c860e2f96 to your computer and use it in GitHub Desktop.
Save ryanhs/73dadfca976bc8802bd6d09c860e2f96 to your computer and use it in GitHub Desktop.
Download ZIP
twingate athena
Raw
create_table.sql
CREATE EXTERNAL TABLE twingate_logs (
`event_type` string,
`event` struct<
`time`:string,
`action`:string,
`actor`:struct<`type`:string,`id`:string>,
`targets`:array<
struct<
`version`:string,
`type`:string,
`name`:string,
`id`:string,
`role`:string,
`email`:string,
`isAdmin`:boolean,
`isActive`:boolean,
`secureDNSGroupException`:boolean
>
>
>
)
ROW FORMAT serde 'org.openx.data.jsonserde.JsonSerDe'
LOCATION 's3://twingate-admo-reports/';
Raw
example.sql
select
event_type,
event.time,
event.action,
event.targets[1].type who_type,
event.targets[1].name who_name,
event.targets[1].role who_role,
event.targets[1].email who_email,
event.targets[1].isAdmin isAdmin,
event.targets[1].isActive isActive,
case
when cardinality(event.targets) > 1
then event.targets[2].type
else ''
end as "on_type",
case
when cardinality(event.targets) > 1
then event.targets[2].name
else ''
end as "on_name"
from twingate_logs
limit 10
@ryanhs
Copy link
Author

ryanhs commented Jan 9, 2024

still need some work

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment