新しい送信ホスト接続

SELECT dst_addr,
    COUNT(1) as occurrences,
    FROM_UNIXTIME(AVG(unix_nano_timestamp)/1e9) as dt
FROM connections b
WHERE (
    SELECT COUNT(1)
    FROM connections a
    WHERE a.dst_addr = b.dst_addr and a.unix_nano_timestamp < TO_UNIXTIME(NOW()) * 1e9 - 60*60*24*1e9) = 0
GROUP BY dst_addr