Fix LastSeenAt in client_create function (Velocidex#3459)

I discovered that the `last_seen_at` parameter of the client_create
function doesn't seem to be implemented. This is my attempt to make it
work but it's still not working.

When I run
```sql
SELECT client_create(
         hostname="windozer",
         client_id="C.COJPAN59O9KJ1",
         os="windows",
         first_seen_at=timestamp(epoch=now() - 3600),
         last_seen_at=timestamp(epoch=now()),
         mac_addresses=["b8:ee:65:7c:0d:ff"],
         labels=["lab","test"])
FROM scope()
```
it does return the client information with the correct `last_seen_at`
value (which it didn't do before this change).

But when I run
```sql
SELECT client_info(client_id="C.COJPAN59O9KJ1") FROM scope()
```
then the `last_seen_at` value is 0.

I've tried mirroring the code for `first_seen_at` but I can't see what
else needs to change to make this work.

ps. I might have messed up the protobuf stuff. I only needed the 1
change to vql.proto but when I ran `./make_proto.sh` it unexpectedly
made a lot of changes to all the .pb.go files.

---------

Co-authored-by: Mike Cohen <mike@velocidex.com>

artifacts/testdata/server/testcases/clients.in.yaml

@@ -28,3 +28,19 @@ Queries:
   - SELECT client_set_metadata(client_id='C.4f5e52adf0a337a9',
          AnotherItem="Hello", Bar=NULL) FROM scope()
   - SELECT client_metadata(client_id='C.4f5e52adf0a337a9') FROM scope()
+
+  # Creating clients
+  - LET client_record <= client_create(
+       first_seen_at="2020-10-01T10:11:23",
+       last_seen_at="2021-02-03T12:12:24",
+       labels=["Label1", "Label2"],
+       os="windows",
+       hostname="myHostname",
+       client_id="C.12345678",
+       mac_addresses=["00:11:22", "22:33:44"])
+
+  - SELECT *, client_record FROM clients(client_id=client_record.ClientId)
+
+  # Remove the new client.
+  - SELECT * FROM client_delete(client_id=client_record.ClientId, really_do_it=TRUE)
+  - SELECT * FROM clients(client_id=client_record.ClientId)

artifacts/testdata/server/testcases/clients.out.yaml

@@ -64,4 +64,53 @@ LET _ <= SELECT label(client_id=client_id, op='remove', labels=labels), client_i
    "AnotherItem": "Hello"
   }
  }
-]
+]LET client_record <= client_create( first_seen_at="2020-10-01T10:11:23", last_seen_at="2021-02-03T12:12:24", labels=["Label1", "Label2"], os="windows", hostname="myHostname", client_id="C.12345678", mac_addresses=["00:11:22", "22:33:44"])[]SELECT *, client_record FROM clients(client_id=client_record.ClientId)[
+ {
+  "client_id": "C.12345678",
+  "agent_information": {
+   "version": "",
+   "name": "",
+   "build_time": "",
+   "build_url": ""
+  },
+  "os_info": {
+   "system": "windows",
+   "hostname": "myHostname",
+   "release": "",
+   "machine": "",
+   "fqdn": "myHostname",
+   "mac_addresses": [
+    "00:11:22",
+    "22:33:44"
+   ]
+  },
+  "first_seen_at": 1601547083,
+  "last_seen_at": 1612354344000000,
+  "last_ip": "",
+  "last_interrogate_flow_id": "",
+  "last_interrogate_artifact_name": "",
+  "labels": [
+   "Label1",
+   "Label2"
+  ],
+  "last_hunt_timestamp": 0,
+  "last_event_table_version": 0,
+  "last_label_timestamp": 0,
+  "client_record": {
+   "client_id": "C.12345678",
+   "hostname": "myHostname",
+   "fqdn": "myHostname",
+   "system": "windows",
+   "ping": 1612354344000000,
+   "first_seen_at": 1601547083,
+   "labels": [
+    "Label1",
+    "Label2"
+   ],
+   "mac_addresses": [
+    "00:11:22",
+    "22:33:44"
+   ]
+  }
+ }
+]SELECT * FROM client_delete(client_id=client_record.ClientId, really_do_it=TRUE)[]SELECT * FROM clients(client_id=client_record.ClientId)[]

vql/server/clients/new.go

@@ -79,6 +79,10 @@ func (self NewClientFunction) Call(ctx context.Context,
 		record.FirstSeenAt = uint64(arg.FirstSeenAt.Unix())
 	}
 
+	if !arg.LastSeenAt.IsZero() {
+		record.Ping = uint64(arg.LastSeenAt.UnixNano() / 1000)
+	}
+
 	err = client_info_manager.Set(ctx, &services.ClientInfo{record})
 	if err != nil {
 		scope.Log("client_create: %s", err)