I've tried this, which I guess works in SQL but doesn't work in SWQL:
SELECT NodeId, CveId, Id, max(Score) as maxscore, Severity, Description
FROM Orion.SecObs.Vulnerabilities.LastMatching.Result
GROUP by NodeId
I get the following error:
SolarWinds.Data.Query.Processor.SemanticChecker - SWQL Studio (null) Column CveId is invalid in the select list because it is not contained in either an aggregate function or the GROUP BY clause. Query: SELECT [NodeId], [CveId], [Id], max([Score]) AS maxscore, [Severity], [Description], [State], [FirstMatchTime], [LastMatchTime], [StateChange], [Comment], [IsVulnerableState], [CveLink], [DisplayName], [InstanceType], [Uri], [InstanceSiteId]
FROM [Orion.SecObs.Vulnerabilities.LastMatching].[Result]
GROUP BY [NodeId]
RETURN XML Raw
I see a similar error for every column i'm interested in seeing
What is wrong?