| 1 | PRAGMA foreign_keys = ON;
|
|---|
| 2 |
|
|---|
| 3 | INSERT OR IGNORE INTO tenants (id, name, owner_email, created_at)
|
|---|
| 4 | VALUES (1, 'test-tenant', 'admin@test.local', datetime('now'));
|
|---|
| 5 |
|
|---|
| 6 | INSERT OR IGNORE INTO users (id, email, name, picture, created_at)
|
|---|
| 7 | VALUES (1, 'admin@test.local', 'Admin User', '', datetime('now'));
|
|---|
| 8 |
|
|---|
| 9 | INSERT OR IGNORE INTO memberships (user_id, tenant_id, role, created_at)
|
|---|
| 10 | VALUES (1, 1, 'admin', datetime('now'));
|
|---|
| 11 |
|
|---|
| 12 | INSERT OR IGNORE INTO environments (name, created_at, tenant_id)
|
|---|
| 13 | VALUES
|
|---|
| 14 | ('default', datetime('now'), 1),
|
|---|
| 15 | ('lab', datetime('now'), 1),
|
|---|
| 16 | ('production', datetime('now'), 1);
|
|---|
| 17 |
|
|---|
| 18 | INSERT OR IGNORE INTO admin_sessions (token, created_at, tenant_id)
|
|---|
| 19 | VALUES
|
|---|
| 20 | ('ADMIN_TEST_TOKEN_1', datetime('now'), 1),
|
|---|
| 21 | ('ADMIN_TEST_TOKEN_2', datetime('now'), 1);
|
|---|
| 22 |
|
|---|
| 23 | INSERT OR IGNORE INTO env_tokens (env_name, token, created_at, expires_at, tenant_id)
|
|---|
| 24 | VALUES
|
|---|
| 25 | ('default', 'ENV_TOKEN_DEFAULT_TEST', datetime('now'), datetime('now', '+15 minutes'), 1),
|
|---|
| 26 | ('lab', 'ENV_TOKEN_LAB_TEST', datetime('now'), datetime('now', '+15 minutes'), 1);
|
|---|
| 27 |
|
|---|
| 28 | INSERT OR IGNORE INTO computers
|
|---|
| 29 | (name, user, ip, os, first_seen, last_seen, sysmon_available, env_name, tenant_id)
|
|---|
| 30 | VALUES
|
|---|
| 31 | ('PC-ADMIN', 'admin', '192.168.1.10', 'Windows 11 Pro',
|
|---|
| 32 | datetime('now','-2 days'), datetime('now'), 1, 'default', 1),
|
|---|
| 33 |
|
|---|
| 34 | ('DEV-LAPTOP', 'developer', '192.168.1.20', 'Ubuntu 22.04',
|
|---|
| 35 | datetime('now','-1 day'), datetime('now'), 1, 'lab', 1),
|
|---|
| 36 |
|
|---|
| 37 | ('OFFICE-PC', 'office_user', '192.168.1.30', 'Windows 10',
|
|---|
| 38 | datetime('now','-5 hours'), datetime('now'), 0, 'production', 1);
|
|---|
| 39 |
|
|---|
| 40 |
|
|---|
| 41 | INSERT INTO computer_history
|
|---|
| 42 | (computer_id, cpu_usage, ram_usage, disk_usage, network_sent_mb, network_recv_mb, timestamp)
|
|---|
| 43 | VALUES
|
|---|
| 44 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='PC-ADMIN'), 35.5, 60.2, 70.1, 120.5, 98.2, datetime('now','-30 minutes')),
|
|---|
| 45 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='PC-ADMIN'), 42.0, 63.1, 71.0, 130.0, 102.3, datetime('now','-10 minutes')),
|
|---|
| 46 |
|
|---|
| 47 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='DEV-LAPTOP'), 55.0, 70.4, 65.3, 210.7, 180.9, datetime('now','-20 minutes')),
|
|---|
| 48 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='DEV-LAPTOP'), 60.3, 72.8, 66.0, 220.1, 190.0, datetime('now','-5 minutes'));
|
|---|
| 49 |
|
|---|
| 50 | INSERT INTO computer_processes
|
|---|
| 51 | (computer_id, pid, name, cpu_percent, memory_mb, username, cmdline, timestamp)
|
|---|
| 52 | VALUES
|
|---|
| 53 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='PC-ADMIN'), 1234, 'chrome.exe', 12.5, 350.2, 'admin',
|
|---|
| 54 | 'C:\Program Files\Google\Chrome\Application\chrome.exe', datetime('now','-15 minutes')),
|
|---|
| 55 |
|
|---|
| 56 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='PC-ADMIN'), 5678, 'powershell.exe', 5.2, 120.0, 'admin',
|
|---|
| 57 | 'powershell -ExecutionPolicy Bypass', datetime('now','-10 minutes')),
|
|---|
| 58 |
|
|---|
| 59 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='DEV-LAPTOP'), 2222, 'python3', 30.8, 250.4, 'developer',
|
|---|
| 60 | 'python3 client.py', datetime('now','-8 minutes'));
|
|---|
| 61 |
|
|---|
| 62 | INSERT INTO sysmon_events
|
|---|
| 63 | (computer_id, event_id, event_type, message, timestamp, details)
|
|---|
| 64 | VALUES
|
|---|
| 65 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='PC-ADMIN'), 1, 'Process Create',
|
|---|
| 66 | 'Process created: chrome.exe', datetime('now','-12 minutes'),
|
|---|
| 67 | '{"ProcessName":"chrome.exe","User":"admin"}'),
|
|---|
| 68 |
|
|---|
| 69 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='PC-ADMIN'), 3, 'Network Connection',
|
|---|
| 70 | 'Outbound connection established', datetime('now','-11 minutes'),
|
|---|
| 71 | '{"DestinationIp":"8.8.8.8","DestinationPort":443}'),
|
|---|
| 72 |
|
|---|
| 73 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='DEV-LAPTOP'), 1, 'Process Create',
|
|---|
| 74 | 'Process created: python3', datetime('now','-7 minutes'),
|
|---|
| 75 | '{"ProcessName":"python3","User":"developer"}');
|
|---|
| 76 |
|
|---|
| 77 | INSERT INTO network_connections
|
|---|
| 78 | (computer_id, pid, local_address, remote_address, status, process_name, timestamp)
|
|---|
| 79 | VALUES
|
|---|
| 80 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='PC-ADMIN'), 1234,
|
|---|
| 81 | '192.168.1.10:51234', '8.8.8.8:443', 'ESTABLISHED', 'chrome.exe', datetime('now','-10 minutes')),
|
|---|
| 82 |
|
|---|
| 83 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='DEV-LAPTOP'), 2222,
|
|---|
| 84 | '192.168.1.20:40122', '34.117.59.81:80', 'ESTABLISHED', 'python3', datetime('now','-6 minutes'));
|
|---|
| 85 |
|
|---|
| 86 | INSERT INTO security_alerts
|
|---|
| 87 | (computer_id, alert_type, severity, description, timestamp, resolved)
|
|---|
| 88 | VALUES
|
|---|
| 89 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='PC-ADMIN'), 'Suspicious Network Activity', 'HIGH',
|
|---|
| 90 | 'Multiple outbound connections detected', datetime('now','-9 minutes'), 0),
|
|---|
| 91 |
|
|---|
| 92 | ((SELECT id FROM computers WHERE tenant_id=1 AND name='DEV-LAPTOP'), 'High CPU Usage', 'MEDIUM',
|
|---|
| 93 | 'CPU usage exceeded 60%', datetime('now','-5 minutes'), 1);
|
|---|
