Merge pull request #283 from Yamato-Security/281-fix-date

fix: correct date extraction in alert timeline query

Author: YamatoSecurity

CHANGELOG-Japanese.md

@@ -10,6 +10,7 @@
 
 - `automagic`コマンドのパースバグを修正した。 (#278) (@fukusuket)
 - HTMLレポートおよびサーバコマンドのJSON解析における`RecordID`の欠落を処理できるようにした。 (#279) (@fukusuket)
+- `html-server`の日付は、ローカル時間に変更されていた。 (#281) (@fukusuket)
 
 ## 2.14.0 [2025/11/15] - CODE BLUE Release
 

CHANGELOG.md

@@ -10,6 +10,7 @@
 
 - Fixed a parsing bug in the `automagic` command. (#278) (@fukusuket)
 - Handle missing `RecordID` in JSON parsing for HTML report and server commands. (#279) (@fukusuket)
+- Dates in the `html-server` was being converted to local time. (#281) (@fukusuket)
 
 ## 2.14.0 [2025/11/15] - CODE BLUE Release
 

src/takajopkg/htmlReport.nim

@@ -203,7 +203,7 @@ proc htmlReport*(output: string, quiet: bool = false, timeline: string, rulepath
 
     # start analysis timeline
     # obtain datas from SQLite
-    var query = sql"""select rule_title, rule_file, level, level_order, computer, min(datetime(timestamp, 'localtime')) as start_date, max(datetime(timestamp, 'localtime')) as end_date, count(*) as count
+    var query = sql"""select rule_title, rule_file, level, level_order, computer, min(datetime(timestamp)) as start_date, max(datetime(timestamp)) as end_date, count(*) as count
                         from timelines
                         group by rule_title, level, computer
                         order by level_order

src/takajopkg/web/controllers/computers.nim

@@ -82,7 +82,7 @@ proc computer*(ctx: Context) {.async.} =
         let path = getDBPath(ctx)
         let db = open(path , "", "", "")
 
-        var query = """select rule_title, rule_file, level, level_order, computer, min(datetime(timestamp, 'localtime')) as start_date, max(datetime(timestamp, 'localtime')) as end_date, count(*) as count
+        var query = """select rule_title, rule_file, level, level_order, computer, min(datetime(timestamp)) as start_date, max(datetime(timestamp)) as end_date, count(*) as count
                         from timelines
                         where """ & custom_query &  """
                         group by rule_title, level, computer
@@ -101,7 +101,7 @@ proc computer*(ctx: Context) {.async.} =
                     """
         let computer_counts = db.getRow(sql query, params) 
 
-        query = """select level, level_order, date(datetime(timestamp, 'localtime')) AS date, count(*) as count
+        query = """select level, level_order, date(datetime(timestamp)) AS date, count(*) as count
                         from timelines
                         where """ & custom_query &  """
                         group by date, level_order
@@ -136,8 +136,8 @@ proc sidemenu*(ctx: Context) {.async.} =
                             rule_title,
                             computer,
                             COUNT(computer) AS computer_total,
-                            MIN(datetime(timestamp, 'localtime')) AS first_date,
-                            MAX(datetime(timestamp, 'localtime')) AS last_date
+                            MIN(datetime(timestamp)) AS first_date,
+                            MAX(datetime(timestamp)) AS last_date
                         FROM timelines
                         GROUP BY level_order, rule_title, computer
                         ORDER BY level_order, rule_title, computer;

src/takajopkg/web/controllers/summary.nim

@@ -118,7 +118,7 @@ proc list*(ctx: Context) {.async.} =
         var dates_with_most_total_detections = db.getAllRows(sql query, params) 
 
         query = """SELECT level, level_order, rule_title, computer, COUNT(*) AS alert_count, 
-                    MIN(DATE(datetime(timestamp, 'localtime'))) AS first_seen, MAX(DATE(datetime(timestamp, 'localtime'))) AS last_seen
+                    MIN(DATE(timestamp)) AS first_seen, MAX(DATE(timestamp)) AS last_seen
                     FROM timelines
                     GROUP BY level, rule_title, computer
                     ORDER BY level_order DESC