-- =========================================================
-- SCHEMA: Tabella network_logs per IDS MikroTik
-- =========================================================
-- Creata per compatibilità con syslog_parser.py
-- =========================================================

-- Drop tabella se esiste (solo per ambiente di sviluppo)
DROP TABLE IF EXISTS network_logs CASCADE;

-- Crea tabella network_logs
CREATE TABLE network_logs (
    id VARCHAR PRIMARY KEY DEFAULT gen_random_uuid(),
    router_name TEXT NOT NULL,
    timestamp TIMESTAMP NOT NULL,
    source_ip TEXT NOT NULL,
    source_port INTEGER,
    destination_ip TEXT,
    destination_port INTEGER,
    protocol TEXT,
    action TEXT,
    packet_length INTEGER,
    raw_message TEXT,
    created_at TIMESTAMP NOT NULL DEFAULT NOW()
);

-- Indici per performance
CREATE INDEX IF NOT EXISTS source_ip_idx ON network_logs(source_ip);
CREATE INDEX IF NOT EXISTS timestamp_idx ON network_logs(timestamp);
CREATE INDEX IF NOT EXISTS router_name_idx ON network_logs(router_name);

-- Commento tabella
COMMENT ON TABLE network_logs IS 'Log di rete da router MikroTik via syslog (parsati da syslog_parser.py)';

-- Verifica
SELECT 'Tabella network_logs creata con successo!' AS status;