gfwleak/galaxy-deployment-updata-record
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cn_event 表新增字段 reset

Browse Source
This commit is contained in:
wangkuan
2024-08-30 17:40:36 +08:00
parent 32002317c2
commit 20408bf8e3
3 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_24.08.sql
View File

@@ -1673,6 +1673,7 @@ CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_event_local ON CLUSTER ck_cl
is_builtin SimpleAggregateFunction(anyLast, Int8),
event_type SimpleAggregateFunction(anyLast, String),
event_name SimpleAggregateFunction(anyLast, String),
reset SimpleAggregateFunction(anyLast, Int64),
start_time SimpleAggregateFunction(min, Int64),
end_time SimpleAggregateFunction(max, Int64),
duration_s SimpleAggregateFunction(max, Int64),
@@ -1691,6 +1692,7 @@ CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_event ON CLUSTER ck_cluster(
is_builtin SimpleAggregateFunction(anyLast, Int8),
event_type SimpleAggregateFunction(anyLast, String),
event_name SimpleAggregateFunction(anyLast, String),
reset SimpleAggregateFunction(anyLast, Int64),
start_time SimpleAggregateFunction(min, Int64),
end_time SimpleAggregateFunction(max, Int64),
duration_s SimpleAggregateFunction(max, Int64),

2
cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_check_24.08.sql
View File

@@ -64,5 +64,5 @@ SELECT key_fields, key_values, event_info, start_time, end_time, match_id, rule_
FROM cyber_narrator_galaxy.match_sequence where start_time >= toUnixTimestamp('2030-01-01 00:00:00') AND start_time <toUnixTimestamp('2030-01-01 00:00:01');
SELECT key_fields, key_values, event_info, start_time, end_time, match_id, rule_id, rule_version, rule_type, is_builtin, event_type, event_name, severity
FROM cyber_narrator_galaxy.match_unordered_sequence where start_time >= toUnixTimestamp('2030-01-01 00:00:00') AND start_time <toUnixTimestamp('2030-01-01 00:00:01');
SELECT event_id, match_ids, key_fields, key_values, rule_id, rule_version, rule_type, is_builtin, event_type, event_name, start_time, end_time, duration_s, status
SELECT event_id, match_ids, key_fields, key_values, rule_id, rule_version, rule_type, is_builtin, event_type, event_name, reset,start_time, end_time, duration_s, status
FROM cyber_narrator_galaxy.cn_event where start_time >= toUnixTimestamp('2030-01-01 00:00:00') AND start_time <toUnixTimestamp('2030-01-01 00:00:01');

2
cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_upgrade_24.08.sql
View File

@@ -184,6 +184,7 @@ CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_event_local ON CLUSTER ck_cl
is_builtin SimpleAggregateFunction(anyLast, Int8),
event_type SimpleAggregateFunction(anyLast, String),
event_name SimpleAggregateFunction(anyLast, String),
reset SimpleAggregateFunction(anyLast, Int64),
start_time SimpleAggregateFunction(min, Int64),
end_time SimpleAggregateFunction(max, Int64),
duration_s SimpleAggregateFunction(max, Int64),
@@ -202,6 +203,7 @@ CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_event ON CLUSTER ck_cluster(
is_builtin SimpleAggregateFunction(anyLast, Int8),
event_type SimpleAggregateFunction(anyLast, String),
event_name SimpleAggregateFunction(anyLast, String),
reset SimpleAggregateFunction(anyLast, Int64),
start_time SimpleAggregateFunction(min, Int64),
end_time SimpleAggregateFunction(max, Int64),
duration_s SimpleAggregateFunction(max, Int64),