CREATE VIEW surveilr_osquery_ms_node_interface_address AS
SELECT
json_extract(l.content, '$.surveilrOsQueryMsNodeKey') AS node_key,
l.updated_at,
json_extract(l.content, '$.hostIdentifier') AS host_identifier,
json_extract(l.content, '$.columns.address') AS address,
json_extract(l.content, '$.columns.mac') AS mac
FROM uniform_resource AS l
WHERE l.uri = 'osquery-ms:query-result'
AND (
json_extract(l.content, '$.name') = 'Network Interfaces (Linux and Macos)'
OR json_extract(l.content, '$.name') = 'Network Interfaces (Windows)'
)