CREATE DATABASE IF NOT EXISTS log_db;

connect log_db;

CREATE TABLE IF NOT EXISTS syscall (
	id				INTEGER		NOT NULL		AUTO_INCREMENT,
	description		TEXT		NULL,
	PRIMARY KEY (id) 
);


CREATE TABLE IF NOT EXISTS connection (
	parent			INTEGER			NOT NULL,
	id				INTEGER			NOT NULL	AUTO_INCREMENT,
	type			INTEGER			NOT NULL,
	source_ip		CHAR(40)	 	NOT NULL,
	source_port		INTEGER 		NOT NULL,
	dest_ip			CHAR(40)	 	NOT NULL,
	dest_port		INTEGER			NOT NULL,
	
	PRIMARY KEY (id)
);


CREATE TABLE IF NOT EXISTS target (
	parent			INTEGER			NOT NULL,
	id				INTEGER			NOT NULL 	AUTO_INCREMENT,		
	uid				INTEGER			NOT NULL,
	rid				INTEGER			NOT NULL,
	sid				INTEGER			NOT NULL,
	
	PRIMARY KEY (id)
);


CREATE TABLE IF NOT EXISTS io (
	parent			INTEGER			NOT NULL,
	id				INTEGER			NOT NULL	AUTO_INCREMENT,
	fd				INTEGER			NOT NULL,
	new_fd			INTEGER			NULL,
	count			INTEGER			NOT NULL,
	data			BLOB			NULL,
	
	PRIMARY KEY (id)
);


CREATE TABLE IF NOT EXISTS killed (
	parent			INTEGER			NOT NULL,
	id				INTEGER			NOT NULL	AUTO_INCREMENT,
	pid				INTEGER			NOT NULL,	
	sig				INTEGER			NOT NULL,
	
	PRIMARY KEY (id)
);


CREATE TABLE IF NOT EXISTS dup (
	parent			INTEGER			NOT NULL,
	id				INTEGER			NOT NULL	AUTO_INCREMENT,
	oldfd	 		INTEGER			NULL,
	newfd			INTEGER			NULL,
	cmd             INTEGER         NULL,
	arg             INTEGER         NULL,
	
	PRIMARY KEY (id)
);


CREATE TABLE IF NOT EXISTS exec (
	parent			INTEGER			NOT NULL,
	id				INTEGER			NOT NULL	AUTO_INCREMENT,
	args			TEXT			NULL,
	clone_flags		INTEGER			NULL,
	
	PRIMARY KEY (id)
);


CREATE TABLE IF NOT EXISTS proc_count (
	pid				INTEGER			NOT NULL,
	count			INTEGER			NOT NULL,

	PRIMARY KEY (pid)
);


CREATE TABLE IF NOT EXISTS event (
	id				INTEGER			NOT NULL 	AUTO_INCREMENT,
	event_class		INTEGER			NOT NULL,
	syscall			INTEGER			NOT NULL,
	date			BIGINT			NOT NULL,
	
	u_id			INTEGER			NOT NULL,
	eu_id			INTEGER			NOT NULL,
	g_id			INTEGER			NOT NULL,
	eg_id			INTEGER			NOT NULL,
	t_id			INTEGER			NULL,
	
	pid				INTEGER			NOT NULL,
	ppid			INTEGER			NOT NULL,
	name			VARCHAR(16)		NOT NULL,
	
	rc				INTEGER			NOT NULL,
	
	source_path		TEXT			NULL,
	dest_path		TEXT			NULL,
	pwd				TEXT			NULL,
	mode			INTEGER			NULL,
	attributes		INTEGER			NULL,
	new_owner		INTEGER			NULL,
	new_group		INTEGER			NULL,
		
	args			TEXT			NULL,

	PRIMARY KEY (id)
);


CREATE TABLE IF NOT EXISTS errors (
	id				INTEGER			NOT NULL		AUTO_INCREMENT,
	date			BIGINT			NOT NULL,
	msg				TEXT			NULL,
	sql				BLOB			NOT NULL,
	
	PRIMARY KEY (id)
);