gfwleak/galaxy-deployment-updata-record
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of https://git.mesalab.cn/galaxy/deployment/updata-record

Browse Source
This commit is contained in:
wangkuan
2024-08-15 11:33:23 +08:00
parent 2b68665a29 7697eab8f5
commit a1486369dc
36 changed files with 25556 additions and 841 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
tsg_olap/installation/flink/groot_stream/templates/data_transporter.yaml.j2
View File

@@ -19,7 +19,7 @@ sinks:
type: kafka type: kafka
properties: properties:
topic: {{ kafka_sink_topic }} topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: { { kafka_sink_servers } } kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10
kafka.request.timeout.ms: 30000 kafka.request.timeout.ms: 30000
@@ -35,7 +35,7 @@ sinks:
clickhouse_sink: clickhouse_sink:
type: clickhouse type: clickhouse
properties: properties:
host: {{ clickhouse_servers }} host: {{ clickhouse_sink_host }}
table: tsg_galaxy_v3.traffic_sketch_metric_local table: tsg_galaxy_v3.traffic_sketch_metric_local
batch.size: 100000 batch.size: 100000
batch.interval: 30s batch.interval: 30s
@@ -48,7 +48,6 @@ application:
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true object-reuse: true
topology:
{{ topology }} {{ topology }}

5
tsg_olap/installation/flink/groot_stream/templates/datapath_telemetry_record.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: DATAPATH-TELEMETRY-RECORD topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -37,7 +37,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: DATAPATH-TELEMETRY-RECORD topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10
@@ -71,7 +71,6 @@ application:
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true object-reuse: true
topology:
{{ topology }} {{ topology }}

31
tsg_olap/installation/flink/groot_stream/templates/dos_event_kafka_to_clickhouse → tsg_olap/installation/flink/groot_stream/templates/dos_event.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: DOS-EVENT topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: "{{ kafka_source_servers }}" kafka.bootstrap.servers: "{{ kafka_source_servers }}"
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -22,12 +22,30 @@ sources:
kafka.compression.type: none kafka.compression.type: none
format: json format: json
sinks: sinks:
kafka_sink:
type: kafka
properties:
topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0
kafka.linger.ms: 10
kafka.request.timeout.ms: 30000
kafka.batch.size: 262144
kafka.buffer.memory: 134217728
kafka.max.request.size: 10485760
kafka.compression.type: snappy
kafka.security.protocol: SASL_PLAINTEXT
kafka.sasl.mechanism: PLAIN
kafka.sasl.jaas.config: 454f65ea6eef1256e3067104f82730e737b68959560966b811e7ff364116b03124917eb2b0f3596f14733aa29ebad9352644ce1a5c85991c6f01ba8a5e8f177a7ff0b2d3889a424249967b3870b50993d9644f239f0de82cdb13bdb502959e16afadffa49ef1e1d2b9c9b5113e619817
format: json
json.ignore.parse.errors: false
log.failures.only: true
clickhouse_sink: clickhouse_sink:
type: clickhouse type: clickhouse
properties: properties:
host: "{{ clickhouse_servers }}" host: {{ clickhouse_sink_host }}
table: tsg_galaxy_v3.dos_event_local table: tsg_galaxy_v3.dos_event_local
batch.size: 100000 batch.size: 100000
batch.interval: 30s batch.interval: 30s
@@ -37,13 +55,10 @@ sinks:
application: application:
env: env:
name: dos_event_kafka_to_clickhouse name: {{ job_name }}
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true # [boolean] Object Reuse, default is false object-reuse: true # [boolean] Object Reuse, default is false
topology: {{ topology }}
- name: kafka_source
downstream: [clickhouse_sink]
- name: clickhouse_sink

12
tsg_olap/installation/flink/groot_stream/templates/proxy_event.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: PROXY-EVENT topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -50,12 +50,6 @@ processing_pipelines:
parameters: parameters:
value_expression: recv_time value_expression: recv_time
- function: DOMAIN
lookup_fields: [http_host, ssl_sni, dtls_sni, quic_sni]
output_fields: [server_domain]
parameters:
option: FIRST_SIGNIFICANT_SUBDOMAIN
- function: BASE64_DECODE_TO_STRING - function: BASE64_DECODE_TO_STRING
output_fields: [mail_subject] output_fields: [mail_subject]
parameters: parameters:
@@ -107,7 +101,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: PROXY-EVENT topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10
@@ -141,6 +135,4 @@ application:
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true object-reuse: true
topology:
{{ topology }} {{ topology }}

10
tsg_olap/installation/flink/groot_stream/templates/session_record.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: SESSION-RECORD topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -50,12 +50,6 @@ processing_pipelines:
parameters: parameters:
value_expression: recv_time value_expression: recv_time
- function: DOMAIN
lookup_fields: [http_host, ssl_sni, dtls_sni, quic_sni]
output_fields: [server_domain]
parameters:
option: FIRST_SIGNIFICANT_SUBDOMAIN
- function: BASE64_DECODE_TO_STRING - function: BASE64_DECODE_TO_STRING
output_fields: [mail_subject] output_fields: [mail_subject]
parameters: parameters:
@@ -107,7 +101,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: SESSION-RECORD topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10

9
tsg_olap/installation/flink/groot_stream/templates/traffic_sketch_metric.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: TRAFFIC-SKETCH-METRIC topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -62,12 +62,11 @@ processing_pipelines:
parameters: parameters:
data_center_id_num: 1 data_center_id_num: 1
sinks: sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: TRAFFIC-SKETCH-METRIC topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10
@@ -86,7 +85,7 @@ sinks:
clickhouse_sink: clickhouse_sink:
type: clickhouse type: clickhouse
properties: properties:
host: {{ clickhouse_servers }} host: {{ clickhouse_sink_host }}
table: tsg_galaxy_v3.traffic_sketch_metric_local table: tsg_galaxy_v3.traffic_sketch_metric_local
batch.size: 100000 batch.size: 100000
batch.interval: 30s batch.interval: 30s
@@ -97,7 +96,7 @@ sinks:
application: application:
env: # [object] Environment Variables env: # [object] Environment Variables
name: etl_traffic_sketch_metric # [string] Job Name name: {{ job_name }}
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true # [boolean] Object Reuse, default is false object-reuse: true # [boolean] Object Reuse, default is false

4
tsg_olap/installation/flink/groot_stream/templates/transaction_record.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: TRANSACTION-RECORD topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -107,7 +107,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: TRANSACTION-RECORD topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10

10
tsg_olap/installation/flink/groot_stream/templates/voip_record.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: VOIP-CONVERSATION-RECORD topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -50,12 +50,6 @@ processing_pipelines:
parameters: parameters:
value_expression: recv_time value_expression: recv_time
- function: DOMAIN
lookup_fields: [http_host, ssl_sni, dtls_sni, quic_sni]
output_fields: [server_domain]
parameters:
option: FIRST_SIGNIFICANT_SUBDOMAIN
- function: BASE64_DECODE_TO_STRING - function: BASE64_DECODE_TO_STRING
output_fields: [mail_subject] output_fields: [mail_subject]
parameters: parameters:
@@ -107,7 +101,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: VOIP-CONVERSATION-RECORD topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10

5
tsg_olap/installation/hos/tsg_olap_hos_ddl.sh Normal file
View File

@@ -0,0 +1,5 @@
curl -X PUT http://{{ vrrp_instance.oss.virtual_ipaddress }}:9098/hos/traffc_file_bucket -H 'token:{{ hos_token }}' -H 'x-hos-region-count:64*hbase服务器数'
curl -X PUT http://{{ vrrp_instance.oss.virtual_ipaddress }}:9098/hos/troubleshooting_file_bucket -H 'token:{{ hos_token }}' -H 'x-hos-region-count:16'
curl -X PUT http://{{ vrrp_instance.oss.virtual_ipaddress }}:9098/hos/knowledge_base_bucket -H 'token:{{ hos_token }}' -H 'x-hos-region-count:16' -H 'x-hos-wal:open'
curl -X PUT http://{{ vrrp_instance.oss.virtual_ipaddress }}:9098/hos/report_snapshot_bucket -H 'token:{{ hos_token }}' -H 'x-hos-region-count:16' -H 'x-hos-wal:open'
curl -X PUT http://{{ vrrp_instance.oss.virtual_ipaddress }}:9098/hos/assessment_file_bucket -H 'token:{{ hos_token }}' -H 'x-hos-region-count:16' -H 'x-hos-wal:open'

71
tsg_olap/installation/kafka/create_topic.sh.j2 Normal file
View File

@@ -0,0 +1,71 @@
#!/bin/bash
source /etc/profile
partition_nums={{ groups.kafka | length }}
replication_nums={{ 2 if groups.kafka | length >1 else 1 }}
kafka_servers="{% for host in groups['kafka'] %}{{ host }}:9092{% if not loop.last %},{% endif %}{% endfor %}"
common_topic=(
BGP-RECORD
DOS-EVENT
NETWORK-TRAFFIC-METRIC
OBJECT-STATISTICS-METRIC
POLICY-RULE-METRIC
PROXY-EVENT
PROXY-EVENT-PROCESSED
PXY-EXCH-INTERMEDIA-CERT
SESSION-RECORD-IPFIX
STATISTICS-RULE-METRIC
VOIP-CONVERSATION-RECORD
VOIP-RECORD
VOIP-RECORD-PROCESSED
TOPK-METRIC
DOS-PROTECTION-RULE-METRIC
DOS-SKETCH-TOP-SERVER-IP
DOS-SKETCH-METRIC
DATAPATH-TELEMETRY-RECORD
TRAFFIC-SKETCH-METRIC
)
multi_partition_topic=(
TRANSACTION-RECORD
TRANSACTION-RECORD-PROCESSED
SESSION-RECORD
SESSION-RECORD-PROCESSED
TRAFFIC-FILE-STREAM-RECORD
)
function getTopic() {
docker exec kafka kafka-topics.sh --bootstrap-server $kafka_servers --list
}
function createTopic() {
exist_topic=$(echo "$exist_topic_list" | grep -wx "$3" | wc -l)
if [ $exist_topic -eq '0' ]; then
docker exec kafka kafka-topics.sh '--create' '--if-not-exists' '--bootstrap-server' "$kafka_servers" '--replication-factor' $1 '--partitions' $2 '--topic' $3
fi
}
function checkTopic() {
exist_topic_list=$(getTopic)
all_topic=("${common_topic[@]}" "${multi_partition_topic[@]}")
for topic_name in ${all_topic[@]}; do
exist_topic=$(echo "$exist_topic_list" | grep -wx "$topic_name" | wc -l)
if [ $exist_topic -eq '0' ]; then
echo "Topic $topic_name creation failure"
exit 1
fi
done
}
exist_topic_list=$(getTopic)
for topic_name in ${common_topic[@]}; do
createTopic $replication_nums $partition_nums $topic_name
done
for topic_name in ${multi_partition_topic[@]}; do
createTopic 1 $((partition_nums * 3)) $topic_name
done
checkTopic

197
tsg_olap/installation/mariadb/galaxy-job-service/xxl_job.sql.j2 Normal file
View File

@@ -0,0 +1,197 @@
/*
Navicat MySQL Data Transfer
Target Server Type : MYSQL
Target Server Version : 50505
File Encoding : 65001
Date: 2021-09-23 14:05:11
*/
SET FOREIGN_KEY_CHECKS=0;
-- ----------------------------
-- Table structure for `xxl_job_group`
-- ----------------------------
DROP TABLE IF EXISTS `xxl_job_group`;
CREATE TABLE `xxl_job_group` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`app_name` varchar(64) NOT NULL COMMENT '执行器AppName',
`title` varchar(64) NOT NULL COMMENT '执行器名称',
`address_type` tinyint(4) NOT NULL DEFAULT 0 COMMENT '执行器地址类型0=自动注册、1=手动录入',
`address_list` varchar(512) DEFAULT NULL COMMENT '执行器地址列表,多地址逗号分隔',
PRIMARY KEY (`id`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
-- ----------------------------
-- Table structure for `xxl_job_lock`
-- ----------------------------
DROP TABLE IF EXISTS `xxl_job_lock`;
CREATE TABLE `xxl_job_lock` (
`lock_name` varchar(50) NOT NULL COMMENT '锁名称',
PRIMARY KEY (`lock_name`) USING BTREE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
-- ----------------------------
-- Records of xxl_job_lock
-- ----------------------------
INSERT INTO `xxl_job_lock` VALUES ('schedule_lock');
-- ----------------------------
-- Table structure for `xxl_job_log`
-- ----------------------------
DROP TABLE IF EXISTS `xxl_job_log`;
CREATE TABLE `xxl_job_log` (
`id` bigint(20) NOT NULL AUTO_INCREMENT,
`job_group` int(11) NOT NULL COMMENT '执行器主键ID',
`job_id` int(11) NOT NULL COMMENT '任务主键ID',
`executor_address` varchar(255) DEFAULT NULL COMMENT '执行器地址,本次执行的地址',
`executor_handler` varchar(255) DEFAULT NULL COMMENT '执行器任务handler',
`executor_param` varchar(4000) DEFAULT '' COMMENT '执行器任务参数',
`executor_sharding_param` varchar(20) DEFAULT NULL COMMENT '执行器任务分片参数,格式如 1/2',
`executor_fail_retry_count` int(11) NOT NULL DEFAULT 0 COMMENT '失败重试次数',
`trigger_time` datetime DEFAULT NULL COMMENT '调度-时间',
`trigger_code` int(11) NOT NULL COMMENT '调度-结果',
`trigger_msg` text DEFAULT NULL COMMENT '调度-日志',
`handle_time` datetime DEFAULT NULL COMMENT '执行-时间',
`handle_code` int(11) NOT NULL COMMENT '执行-状态',
`handle_msg` text DEFAULT NULL COMMENT '执行-日志',
`alarm_status` tinyint(4) NOT NULL DEFAULT 0 COMMENT '告警状态0-默认、1-无需告警、2-告警成功、3-告警失败',
PRIMARY KEY (`id`) USING BTREE,
KEY `I_trigger_time` (`trigger_time`) USING BTREE,
KEY `I_handle_code` (`handle_code`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=2077229 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
-- ----------------------------
-- Records of xxl_job_log
-- ----------------------------
-- ----------------------------
-- Table structure for `xxl_job_logglue`
-- ----------------------------
DROP TABLE IF EXISTS `xxl_job_logglue`;
CREATE TABLE `xxl_job_logglue` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`job_id` int(11) NOT NULL COMMENT '任务主键ID',
`glue_type` varchar(50) DEFAULT NULL COMMENT 'GLUE类型',
`glue_source` mediumtext DEFAULT NULL COMMENT 'GLUE源代码',
`glue_remark` varchar(128) NOT NULL COMMENT 'GLUE备注',
`add_time` datetime DEFAULT NULL,
`update_time` datetime DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
-- ----------------------------
-- Records of xxl_job_logglue
-- ----------------------------
-- ----------------------------
-- Table structure for `xxl_job_log_report`
-- ----------------------------
DROP TABLE IF EXISTS `xxl_job_log_report`;
CREATE TABLE `xxl_job_log_report` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`trigger_day` datetime DEFAULT NULL COMMENT '调度-时间',
`running_count` int(11) NOT NULL DEFAULT 0 COMMENT '运行中-日志数量',
`suc_count` int(11) NOT NULL DEFAULT 0 COMMENT '执行成功-日志数量',
`fail_count` int(11) NOT NULL DEFAULT 0 COMMENT '执行失败-日志数量',
PRIMARY KEY (`id`) USING BTREE,
UNIQUE KEY `i_trigger_day` (`trigger_day`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=786 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
-- ----------------------------
-- Records of xxl_job_log_report
-- ----------------------------
-- ----------------------------
-- Table structure for `xxl_job_registry`
-- ----------------------------
DROP TABLE IF EXISTS `xxl_job_registry`;
CREATE TABLE `xxl_job_registry` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`registry_group` varchar(50) NOT NULL,
`registry_key` varchar(255) NOT NULL,
`registry_value` varchar(255) NOT NULL,
`update_time` datetime DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE,
KEY `i_g_k_v` (`registry_group`,`registry_key`,`registry_value`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=276 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
-- ----------------------------
-- Table structure for `xxl_job_user`
-- ----------------------------
DROP TABLE IF EXISTS `xxl_job_user`;
CREATE TABLE `xxl_job_user` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(50) NOT NULL COMMENT '账号',
`password` varchar(50) NOT NULL COMMENT '密码',
`role` tinyint(4) NOT NULL COMMENT '角色0-普通用户、1-管理员',
`permission` varchar(255) DEFAULT NULL COMMENT '权限执行器ID列表多个逗号分割',
PRIMARY KEY (`id`) USING BTREE,
UNIQUE KEY `i_username` (`username`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
-- ----------------------------
-- Records of xxl_job_user
-- ----------------------------
INSERT INTO `xxl_job_user` VALUES ('1', 'admin', 'fea191a3fdd9f68503f9fa0e8d0293ab', '1', null);
INSERT INTO `xxl_job_user` VALUES ('2', 'query', '95497ea23bf8d27d86526717578e366f', '0', '3');
-- ----------------------------
-- Table structure for `xxl_job_info`
-- ----------------------------
DROP TABLE IF EXISTS `xxl_job_info`;
CREATE TABLE `xxl_job_info` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`job_group` int(11) NOT NULL COMMENT '执行器主键ID',
`job_cron` varchar(128) NOT NULL COMMENT '任务执行CRON',
`job_desc` varchar(255) NOT NULL,
`add_time` datetime DEFAULT NULL,
`update_time` datetime DEFAULT NULL,
`author` varchar(64) DEFAULT NULL COMMENT '作者',
`alarm_email` varchar(255) DEFAULT NULL COMMENT '报警邮件',
`executor_route_strategy` varchar(50) DEFAULT NULL COMMENT '执行器路由策略',
`executor_handler` varchar(255) DEFAULT NULL COMMENT '执行器任务handler',
`executor_param` varchar(4000) DEFAULT '' COMMENT '执行器任务参数',
`executor_block_strategy` varchar(50) DEFAULT NULL COMMENT '阻塞处理策略',
`executor_timeout` int(11) NOT NULL DEFAULT 0 COMMENT '任务执行超时时间,单位秒',
`executor_fail_retry_count` int(11) NOT NULL DEFAULT 0 COMMENT '失败重试次数',
`glue_type` varchar(50) NOT NULL COMMENT 'GLUE类型',
`glue_source` mediumtext DEFAULT NULL COMMENT 'GLUE源代码',
`glue_remark` varchar(128) DEFAULT NULL COMMENT 'GLUE备注',
`glue_updatetime` datetime DEFAULT NULL COMMENT 'GLUE更新时间',
`child_jobid` varchar(255) DEFAULT NULL COMMENT '子任务ID多个逗号分隔',
`trigger_status` tinyint(4) NOT NULL DEFAULT 0 COMMENT '调度状态0-停止1-运行',
`trigger_last_time` bigint(13) NOT NULL DEFAULT 0 COMMENT '上次调度时间',
`trigger_next_time` bigint(13) NOT NULL DEFAULT 0 COMMENT '下次调度时间',
PRIMARY KEY (`id`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=88 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
-- ----------------------------
-- Records of xxl_job_group
-- ----------------------------
INSERT INTO `xxl_job_group` VALUES (1, 'galaxy-executor', 'GDP', 1, '{{ job_executor_servers }}');
INSERT INTO `xxl_job_group` VALUES (2, 'galaxy-executor', 'TSG_OLAP', 1, '{{ job_executor_servers }}');
-- ----------------------------
-- Records of xxl_job_info
-- ----------------------------
INSERT INTO `xxl_job_info` VALUES (29, 2, '{{ cron_expression_2 }}', 'get_storage_daily_usage', '2024-06-30 14:06:48', '2024-07-12 02:06:32', 'galaxy', '', 'FAILOVER', 'getDatabaseStorageQuotaJobHandler', '[\r\n {\r\n \"source\":\r\n {\r\n \"type\": \"storage\",\r\n \"containBytes\": true,\r\n \"items\": \"Traffic Logs,Files,Metrics\"\r\n },\r\n \"sink\":\r\n {\r\n \"type\": \"mariadb\",\r\n \"ip\": \"{{ vrrp_instance.default.virtual_ipaddress }}\",\r\n \"database\": \"tsg_olap\",\r\n \"table\": \"sys_storage_event\",\r\n \"username\": \"root\",\r\n \"pin\": \"{{ mariadb_default_pin }}\"\r\n }\r\n }\r\n]', 'COVER_EARLY', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2024-06-30 14:06:48', '', 1, 1721613600000, 1721700000000);
INSERT INTO `xxl_job_info` VALUES (36, 2, '0 0/10 * * * ?', 'get_database_storage_quota', '2024-06-19 03:06:04', '2024-07-04 09:29:43', 'galaxy', '', 'FAILOVER', 'getDatabaseStorageQuotaJobHandler', '[\r\n {\r\n \"source\":\r\n {\r\n \"type\": \"storage\",\r\n \"containBytes\": false,\r\n \"items\": \"Traffic Logs,Files,Metrics\"\r\n },\r\n \"sink\":\r\n {\r\n \"type\": \"mariadb\",\r\n \"ip\": \"{{ vrrp_instance.default.virtual_ipaddress }}\",\r\n \"database\": \"tsg_olap\",\r\n \"table\": \"sys_storage_event\",\r\n \"username\": \"root\",\r\n \"pin\": \"{{ mariadb_default_pin }}\"\r\n }\r\n }\r\n]', 'COVER_EARLY', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2024-06-19 03:06:04', '', 1, 1721634600000, 1721635200000);
INSERT INTO `xxl_job_info` VALUES (58, 1, '0 0 2 * * ? ', 'set_druid_table_ttl', '2020-07-30 10:34:34', '2024-02-28 03:02:15', 'galaxy', '', 'FAILOVER', 'deleteReportAndMetricsDataJobHandler', '{\"defaultMaxDays\":365,\"maxDays\":30}', 'DISCARD_LATER', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2020-07-30 10:34:34', '', 1, 1709488800000, 1709575200000);
INSERT INTO `xxl_job_info` VALUES (59, 1, '0 0 0 1 * ?', 'clear_druid_table', '2020-07-30 11:32:08', '2022-04-12 02:38:39', 'galaxy', '', 'FAILOVER', 'deleteAllReportAndMetricsDataJobHandler', '{\"maxDays\":88,\"defaultMaxDays\":365}', 'DISCARD_LATER', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2020-07-30 11:32:08', '', 0, 0, 0);
INSERT INTO `xxl_job_info` VALUES (62, 1, '0 0 2 * * ? ', 'set_hos_bucket_ttl', '2020-07-30 11:59:30', '2024-02-28 03:02:15', 'galaxy', '', 'FAILOVER', 'deleteFilesJobHandler', '{\"defaultMaxDays\":30,\"maxDays\":30}', 'DISCARD_LATER', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2020-07-30 11:59:30', '', 1, 1709488800000, 1709575200000);
INSERT INTO `xxl_job_info` VALUES (63, 1, '0 0 0 1 * ?', 'clear_hos_file', '2020-07-30 11:59:43', '2023-10-26 10:43:46', 'galaxy', '', 'FAILOVER', 'deleteAllFilesJobHandler', '{\"defaultMaxDays\":30,\"maxDays\":30}', 'DISCARD_LATER', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2020-07-30 11:59:43', '', 0, 0, 0);
INSERT INTO `xxl_job_info` VALUES (64, 1, '0 0 0 1 * ?', 'clear_clickhouse_table', '2020-07-30 13:47:25', '2022-04-12 02:38:39', 'galaxy', '', 'FAILOVER', 'deleteAllTrafficDataJobHandler', '{\"maxDays\":77,\"defaultMaxDays\":30}', 'DISCARD_LATER', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2020-07-30 13:47:25', '', 0, 0, 0);
INSERT INTO `xxl_job_info` VALUES (65, 1, '0 0 0 * * ? ', 'set_clickhouse_table_ttl', '2020-07-30 13:47:38', '2024-02-28 03:02:13', 'galaxy', '', 'FAILOVER', 'deleteTrafficDataJobHandler', '{\"defaultMaxDays\":30,\"maxDays\":30}', 'DISCARD_LATER', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2020-07-30 13:47:38', '', 1, 1709481600000, 1709568000000);
INSERT INTO xxl_job_info (id, job_group, job_cron, job_desc, add_time, update_time, author, alarm_email, executor_route_strategy, executor_handler, executor_param, executor_block_strategy, executor_timeout, executor_fail_retry_count, glue_type, glue_source, glue_remark, glue_updatetime, child_jobid, trigger_status, trigger_last_time, trigger_next_time) VALUES ('86', '2', '0 0 1 * * ?', 'run_druid_segment_compaction', '2021-07-21 14:13:57', '2023-12-12 02:21:05', 'galaxy', '', 'FAILOVER', 'druidCompactSegmentJobHandler', '[\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"top_server_fqdns\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"top_server_domains\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"top_client_ips\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"top_server_ips\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"top_external_ips\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"top_internal_ips\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"top_client_countries\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"top_server_countries\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"security_rule_hits\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"monitor_rule_hits\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"proxy_rule_hits\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"application_protocol_stat\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\",\r\n \"maxRowsInMemory\": 200000\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"traffic_general_stat\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"dos_sketch_top_server_ip\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"dos_protection_rule_hits\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"dos_protection_rule_metric\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"service_chaining_rule_hits\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"service_function_status\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"statistics_rule_hits\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"traffic_shaping_rule_hits\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"object_statistics\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\",\r\n \"maxRowsInMemory\": 250000\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"statistics_rule\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\",\r\n \"maxRowsInMemory\": 400000,\r\n \"maxBytesInMemory\": -1,\r\n \"splitHintSpec\": {\r\n \"type\": \"maxSize\",\r\n \"maxSplitSize\": \"4GiB\"\r\n },\r\n \"maxNumConcurrentSubTasks\": 2\r\n },\r\n \"context\":{\r\n \"druid.indexer.runner.javaOptsArray\": [\"-Xms4g\", \"-Xmx4g\", \"-XX:MaxDirectMemorySize=1g\"]\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"sys_storage_log\",\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\"\r\n }\r\n }\r\n]', 'DISCARD_LATER', '0', '0', 'BEAN', '', 'GLUE代码初始化', '2021-07-21 14:13:57', '', '1', '1708887600000', '1708974000000');
INSERT INTO `xxl_job_info` VALUES (101, 2, '0 0 0 1/7 * ?', 'run_web_sketch_assessment', '2022-01-27 17:40:42', '2024-03-13 05:44:06', 'galaxy', '', 'FAILOVER', 'httpToStoreJobHandler', '[{\r\n \"url\": \"http://{{ vrrp_instance.default.virtual_ipaddress }}:9999/v1/query/sql/\",\r\n \"method\": \"post\",\r\n \"requestBody\": {\r\n \"statement\": \"SELECT server_domain AS name, arrayStringConcat(groupUniqArray(decoded_as),\',\') AS protocol, count(*) AS sessions FROM tsg_galaxy_v3.session_record WHERE recv_time >= toStartOfDay(now()- INTERVAL 7 DAY) AND recv_time < toStartOfDay(now()) AND notEmpty(server_domain) GROUP BY name ORDER BY sessions DESC LIMIT 500000;\",\r\n \"exec_mode\":\"oneshot\",\r\n \"is_dry_run\": 0\r\n},\r\n \"resultKey\": \"data\",\r\n \"store\": \"all\"\r\n}, {\r\n \"url\": \"http://{{ vrrp_instance.default.virtual_ipaddress }}:9999/v1/query/sql/\",\r\n \"method\": \"post\",\r\n \"requestBody\": {\r\n \"statement\": \"SELECT server_domain AS name, arrayStringConcat(groupUniqArray(decoded_as),\',\') AS protocol, count(*) AS sessions FROM tsg_galaxy_v3.session_record WHERE recv_time >= toStartOfDay(now()- INTERVAL 7 DAY) AND recv_time < toStartOfDay(now()) AND notEmpty(server_domain) AND empty(fqdn_category_list) GROUP BY name ORDER BY sessions DESC LIMIT 500000;\",\r\n \"exec_mode\":\"oneshot\",\r\n \"is_dry_run\": 0\r\n},\r\n \"resultKey\": \"data\",\r\n \"store\": \"uncategorized\"\r\n}]', 'COVER_EARLY', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2022-01-27 17:40:42', '', 1, 1709827200000, 1710432000000);
INSERT INTO `xxl_job_info` VALUES (141, 2, '0 0 2 * * ?', 'set_clickhouse_table_and_field_ttl', '2022-06-07 07:42:38', '2022-06-08 09:28:19', 'galaxy', '', 'FIRST', 'changeCkTtlJobHandler', '', 'SERIAL_EXECUTION', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2022-06-07 07:42:38', '', 1, 1709488800000, 1709575200000);
INSERT INTO `xxl_job_info` VALUES (143, 2, '0 0 0/1 * * ?', 'run_ip_learning', '2022-11-09 10:29:20', '2024-02-19 02:32:54', 'galaxy', '', 'BUSYOVER', '', '', 'SERIAL_EXECUTION', 0, 0, 'GLUE_SHELL', '#!/bin/bash\nsh -c \'cd /opt/schedule-service/iplearning/ && ./start.sh\'', '0001', '2023-12-26 04:01:24', '', 1, 1709524800000, 1709528400000);
INSERT INTO `xxl_job_info` VALUES (145, 2, '0 0 2 * * ?', 'run_dos_baseline', '2022-11-10 06:15:27', '2023-11-13 05:37:41', 'galaxy', '', 'FIRST', '', '', 'SERIAL_EXECUTION', 0, 0, 'GLUE_SHELL', '#!/bin/bash\nsh -c \'cd /opt/schedule-service/dos-baseline && ./start.sh\'', '0000', '2023-11-13 05:37:41', '', 1, 1709488800000, 1709575200000);
INSERT INTO xxl_job_info (id, job_group, job_cron, job_desc, add_time, update_time, author, alarm_email, executor_route_strategy, executor_handler, executor_param, executor_block_strategy, executor_timeout, executor_fail_retry_count, glue_type, glue_source, glue_remark, glue_updatetime, child_jobid, trigger_status, trigger_last_time, trigger_next_time) VALUES ('158', '2', '0 0 2 * * ?', 'run_druid_segement_granularity_compact', '2023-02-20 05:59:59', '2023-05-11 03:39:14', 'galaxy', '', 'FAILOVER', 'druidMergeHistoryDataJobHandler', '[\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"traffic_general_stat\",\r\n \"offsetDays\": 7,\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\",\r\n \"splitHintSpec\": {\r\n \"type\": \"maxSize\",\r\n \"maxSplitSize\": \"2GiB\"\r\n },\r\n \"maxNumConcurrentSubTasks\": 1\r\n },\r\n \"granularitySpec\" : {\r\n \"segmentGranularity\": \"DAY\",\r\n \"queryGranularity\": \"MINUTE\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"application_protocol_stat\",\r\n \"offsetDays\": 7,\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\",\r\n \"maxRowsInMemory\": 200000,\r\n \"splitHintSpec\": {\r\n \"type\": \"maxSize\",\r\n \"maxSplitSize\": \"2GiB\"\r\n },\r\n \"maxNumConcurrentSubTasks\": 1\r\n },\r\n \"granularitySpec\" : {\r\n \"segmentGranularity\": \"DAY\",\r\n \"queryGranularity\": \"MINUTE\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"object_statistics\",\r\n \"offsetDays\": 7,\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\",\r\n \"maxRowsInMemory\": 250000,\r\n \"splitHintSpec\": {\r\n \"type\": \"maxSize\",\r\n \"maxSplitSize\": \"2GiB\"\r\n },\r\n \"maxNumConcurrentSubTasks\": 2\r\n },\r\n \"granularitySpec\" : {\r\n \"segmentGranularity\": \"DAY\",\r\n \"queryGranularity\": \"MINUTE\"\r\n }\r\n },\r\n {\r\n \"type\": \"compact\",\r\n \"dataSource\": \"statistics_rule\",\r\n \"offsetDays\": 7,\r\n \"tuningConfig\": {\r\n \"type\": \"index_parallel\",\r\n \"maxRowsInMemory\": 400000,\r\n \"maxBytesInMemory\": -1,\r\n \"splitHintSpec\": {\r\n \"type\": \"maxSize\",\r\n \"maxSplitSize\": \"4GiB\"\r\n },\r\n \"maxNumConcurrentSubTasks\": 2\r\n },\r\n \"granularitySpec\" : {\r\n \"segmentGranularity\": \"DAY\",\r\n \"queryGranularity\": \"MINUTE\"\r\n },\r\n \"context\":{\r\n \"druid.indexer.runner.javaOptsArray\": [\"-Xms2g\", \"-Xmx4g\", \"-XX:MaxDirectMemorySize=1g\"]\r\n }\r\n }\r\n]', 'DISCARD_LATER', '0', '0', 'BEAN', '', 'GLUE代码初始化', '2023-02-20 05:59:59', '', '1', '1708891200000', '1708977600000');
INSERT INTO `xxl_job_info` VALUES (159, 1, '0 0 * * * ?', 'delete_clickhouse_old_log', '2024-06-24 09:02:27', '2024-07-15 03:05:03', 'galaxy', '', 'FIRST', 'deleteOldLogJobHandler', '{\r\n \"logType\": \"Traffic Logs\",\r\n \"maxUsage\": 90,\r\n \"durationMinutes\": 360,\r\n \"minIntervalMinutes\": 60,\r\n \"jdbcParam\": {\r\n \"type\": \"mariadb\",\r\n \"ip\": \"{{ vrrp_instance.default.virtual_ipaddress }}\",\r\n \"database\": \"tsg_olap\",\r\n \"table\": \"sys_storage_event\",\r\n \"username\": \"root\",\r\n \"pin\": \"{{ mariadb_default_pin }}\"\r\n }\r\n}', 'SERIAL_EXECUTION', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2024-06-24 09:02:27', '', 1, 1721631600000, 1721635200000);
INSERT INTO `xxl_job_info` VALUES (160, 1, '0 0 * * * ?', 'delete_druid_old_log', '2024-06-24 09:05:37', '2024-07-15 03:04:38', 'galaxy', '', 'FIRST', 'deleteOldLogJobHandler', '{\r\n \"logType\": \"Metrics\",\r\n \"maxUsage\": 90,\r\n \"durationMinutes\": 360,\r\n \"minIntervalMinutes\": 60,\r\n \"jdbcParam\": {\r\n \"type\": \"mariadb\",\r\n \"ip\": \"{{ vrrp_instance.default.virtual_ipaddress }}\",\r\n \"database\": \"tsg_olap\",\r\n \"table\": \"sys_storage_event\",\r\n \"username\": \"root\",\r\n \"pin\": \"{{ mariadb_default_pin }}\"\r\n }\r\n}', 'SERIAL_EXECUTION', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2024-06-24 09:05:37', '', 1, 1721631600000, 1721635200000);
INSERT INTO `xxl_job_info` VALUES (161, 1, '0 0 * * * ?', 'delete_hos_old_log', '2024-06-24 09:06:21', '2024-07-15 03:04:27', 'galaxy', '', 'FIRST', 'deleteOldLogJobHandler', '{\r\n \"logType\": \"Files\",\r\n \"maxUsage\": 90,\r\n \"durationMinutes\": 360,\r\n \"minIntervalMinutes\": 60,\r\n \"jdbcParam\": {\r\n \"type\": \"mariadb\",\r\n \"ip\": \"{{ vrrp_instance.default.virtual_ipaddress }}\",\r\n \"database\": \"tsg_olap\",\r\n \"table\": \"sys_storage_event\",\r\n \"username\": \"root\",\r\n \"pin\": \"{{ mariadb_default_pin }}\"\r\n }\r\n}', 'SERIAL_EXECUTION', 0, 0, 'BEAN', '', 'GLUE代码初始化', '2024-06-24 09:06:21', '', 1, 1721631600000, 1721635200000);

212
tsg_olap/installation/mariadb/galaxy-qgw-service/R__init_datasets.sql Normal file
View File

@@ -0,0 +1,212 @@
/*
SQL Datasets
*/
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
-- ----------------------------
-- Table structure for dataset
-- ----------------------------
DROP TABLE IF EXISTS `dataset`;
CREATE TABLE `dataset` (
`id` int(64) NOT NULL AUTO_INCREMENT,
`identifier_name` varchar(128) NOT NULL,
`category` varchar(128) DEFAULT NULL,
`backend_engine` varchar(16) NOT NULL DEFAULT 'qgw' COMMENT 'qgw, clickhouse, druid, hbase',
`type` varchar(16) NOT NULL COMMENT 'dsl,sql',
`template` text NOT NULL,
`description` varchar(512) DEFAULT NULL,
`generated_time` bigint DEFAULT NULL,
`last_update_time` bigint DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE,
UNIQUE KEY `identifier_name` (`identifier_name`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
-- ----------------------------
-- Trigger to set timestamps
-- ----------------------------
DELIMITER //
CREATE TRIGGER set_timestamps_trigger BEFORE INSERT ON `dataset`
FOR EACH ROW
BEGIN
SET NEW.generated_time = UNIX_TIMESTAMP();
SET NEW.last_update_time = UNIX_TIMESTAMP();
END //
DELIMITER ;
-- ----------------------------
-- Records of dataset
-- ----------------------------
BEGIN;
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('current-network-throughput-trend', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT SUM( sum_in_bytes)* 8 / 5 AS avg_in_bits_per_sec, SUM( sum_out_bytes )* 8 / 5 AS avg_out_bits_per_sec, SUM( sum_in_bytes + sum_out_bytes )* 8 / 5 AS avg_bits_per_sec, SUM( sum_in_bytes )/ 5 AS avg_in_bytes_per_sec, SUM( sum_out_bytes )/ 5 AS avg_out_bytes_per_sec, SUM( sum_in_bytes + sum_out_bytes )/ 5 AS avg_bytes_per_sec, SUM( sum_in_pkts )/ 5 AS avg_in_pkts_per_sec, SUM( sum_out_pkts )/ 5 AS avg_out_pkts_per_sec, SUM( sum_in_pkts + sum_out_pkts )/ 5 AS avg_pkts_per_sec, SUM( sum_sessions )/ 5 AS avg_sessions_per_sec, SUM( max_active_sessions ) AS active_sessions FROM( SELECT device_id, vsys_id, SUM( in_bytes ) AS sum_in_bytes, SUM( out_bytes ) AS sum_out_bytes, SUM( in_pkts ) AS sum_in_pkts, SUM( out_pkts ) AS sum_out_pkts, SUM( sessions ) AS sum_sessions, max( active_sessions ) AS max_active_sessions FROM traffic_general_stat WHERE __time >= FROM_UNIXTIME( UNIX_TIMESTAMP( now())- 15 ) AND __time < FROM_UNIXTIME( UNIX_TIMESTAMP( now())- 10 ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY device_id, vsys_id )" }','System Overview-Traffic-Now. To calculate the current throughput, the metrics for each appliance are averaged over a 5-second interval. Additionally, the data ingestion latency is also set at 5 seconds.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('network-throughput-trend', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, RATE(in_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_in_bits_per_sec, RATE(out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''),1) * 8 AS avg_out_bits_per_sec, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''),1) * 8 AS avg_bits_per_sec, RATE(in_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''),1) AS avg_in_bytes_per_sec, RATE(out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''),1) AS avg_out_bytes_per_sec, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''),1) AS avg_bytes_per_sec, RATE(in_pkts, CHART_GRANULARITY(''${start_time}'', ''${end_time}''),1) AS avg_in_pkts_per_sec, RATE(out_pkts, CHART_GRANULARITY(''${start_time}'', ''${end_time}''),1) AS avg_out_pkts_per_sec, RATE(in_pkts + out_pkts, CHART_GRANULARITY(''${start_time}'', ''${end_time}''),1) AS avg_pkts_per_sec FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN(${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }','The calculation of average network throughput is capable of supporting two types of metrics, namely "bytes" and "packets".');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('network-throughput-packet-per-second', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, AVG( in_pkts_per_sec) AS avg_in_pkts_per_sec, AVG( out_pkts_per_sec ) AS avg_out_pkts_per_sec, AVG( pkts_per_sec ) AS avg_pkts_per_sec, MAX( in_pkts_per_sec ) AS max_in_pkts_per_sec, MAX( out_pkts_per_sec ) AS max_out_pkts_per_sec, MAX( pkts_per_sec ) AS max_pkts_per_sec, MIN( in_pkts_per_sec ) AS min_in_pkts_per_sec, MIN( out_pkts_per_sec ) AS min_out_pkts_per_sec, MIN( pkts_per_sec ) AS min_pkts_per_sec FROM( SELECT TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) AS stat_time, RATE( in_pkts, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS in_pkts_per_sec, RATE( out_pkts, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS out_pkts_per_sec, RATE( in_pkts + out_pkts, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS pkts_per_sec FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }','System Overview-Traffic-AVG, MAX, MIN. To calculate network throughput, supports metric types "bytes" and "packets," and offers aggregation methods including "average"(avg), "maximum" (max), and "minimum" (min). Based on MAX and MIN values can reveal abnormal traffic patterns, such as peak and valley outliers.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('network-throughput-bit-per-second', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, AVG( in_bytes_per_sec )* 8 AS avg_in_bits_per_sec, AVG( out_bytes_per_sec )* 8 AS avg_out_bits_per_sec, AVG( bytes_per_sec )* 8 AS avg_bits_per_sec, MAX( in_bytes_per_sec )* 8 AS max_in_bits_per_sec, MAX( out_bytes_per_sec )* 8 AS max_out_bits_per_sec, MAX( bytes_per_sec )* 8 AS max_bits_per_sec, MIN( in_bytes_per_sec )* 8 AS min_in_bits_per_sec, MIN( out_bytes_per_sec )* 8 AS min_out_bits_per_sec, MIN( bytes_per_sec )* 8 AS min_bits_per_sec FROM( SELECT TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) AS stat_time, RATE( in_bytes, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS in_bytes_per_sec, RATE( out_bytes, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS out_bytes_per_sec, RATE( in_bytes + out_bytes, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS bytes_per_sec FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) ORDER BY stat_time ASC LIMIT ${limit}" }','System Overview-Traffic-AVG, MAX, MIN. To calculate network throughput, supports metric types "bytes" and "packets," and offers aggregation methods including "average"(avg), "maximum" (max), and "minimum" (min). Based on MAX and MIN values can reveal abnormal traffic patterns, such as peak and valley outliers.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('network-throughput-byte-per-second', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, AVG( in_bytes_per_sec) AS avg_in_bytes_per_sec, AVG( out_bytes_per_sec ) AS avg_out_bytes_per_sec, AVG( bytes_per_sec ) AS avg_bytes_per_sec, MAX( in_bytes_per_sec ) AS max_in_bytes_per_sec, MAX( out_bytes_per_sec ) AS max_out_bytes_per_sec, MAX( bytes_per_sec ) AS max_bytes_per_sec, MIN( in_bytes_per_sec ) AS min_in_bytes_per_sec, MIN( out_bytes_per_sec ) AS min_out_bytes_per_sec, MIN( bytes_per_sec ) AS min_bytes_per_sec FROM( SELECT TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) AS stat_time, RATE( in_bytes, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS in_bytes_per_sec, RATE( out_bytes, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS out_bytes_per_sec, RATE( in_bytes + out_bytes, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS bytes_per_sec FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }','System Overview-Traffic-AVG, MAX, MIN. To calculate network throughput, supports metric types "bytes" and "packets," and offers aggregation methods including "average"(avg), "maximum" (max), and "minimum" (min). Based on MAX and MIN values can reveal abnormal traffic patterns, such as peak and valley outliers.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('new-sessions-per-second', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, AVG( sessions_per_sec) AS avg_sessions_per_sec, MAX( sessions_per_sec ) AS max_sessions_per_sec, MIN( sessions_per_sec ) AS min_sessions_per_sec FROM( SELECT TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) AS stat_time, RATE( sessions, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS sessions_per_sec FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }','System Overview-New-AVG, MAX, MIN.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('active-sessions', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, AVG( active_sessions_per_sec) AS avg_active_sessions, MAX( active_sessions_per_sec ) AS max_active_sessions, MIN( active_sessions_per_sec ) AS min_active_sessions FROM( SELECT stat_time, RATE( max_active_sessions, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) active_sessions_per_sec FROM ( SELECT TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) AS stat_time, device_id, vsys_id, MAX( active_sessions ) AS max_active_sessions FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')), device_id, vsys_id ) GROUP BY stat_time ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('asymmetric-flows', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'')) AS stat_time, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec, round( CASE WHEN SUM(closed_sessions) = 0 THEN 0 ELSE SUM( asymmetric_c2s_flows + asymmetric_s2c_flows) * 100.0 / SUM(closed_sessions) END,2) AS percent_asymmetric_flows FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN(${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-statistics-metrics', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT COUNT(DISTINCT(device_id)) AS device_num, SUM(sum_bytes) AS total_bytes_transferred, SUM(sum_pkts) AS total_packets_transferred, SUM(sum_sessions) AS total_new_sessions , SUM(sum_closed_sessions) AS total_closed_sessions, SUM(sum_sessions)/ ${timestampdiff_second} AS avg_new_sessions_per_second, SUM(sum_bytes)* 8 / ${timestampdiff_second} AS avg_bits_per_second, SUM(sum_pkts)/ ${timestampdiff_second} AS avg_packets_per_second, SUM(avg_active_sessions) AS avg_active_sessions, round(CASE WHEN SUM(sum_closed_sessions) = 0 THEN 0 ELSE SUM(sum_asymmetric_flows) * 100.0 / SUM(sum_closed_sessions) END, 2) AS percent_asymmetric_flows FROM( SELECT device_id, vsys_id, SUM(in_bytes + out_bytes) AS sum_bytes, SUM(in_pkts + out_pkts) AS sum_pkts, SUM(sessions) AS sum_sessions, SUM(closed_sessions) AS sum_closed_sessions, AVG(active_sessions) AS avg_active_sessions, SUM(asymmetric_c2s_flows + asymmetric_s2c_flows) AS sum_asymmetric_flows FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time <''${end_time}'' AND vsys_id IN ( ${vsys_id}) AND ( ${filter} ) GROUP BY device_id, vsys_id )" }','predefined dataset for the report.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-summary-throughput', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'')) AS stat_time , RATE(in_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_in_bits_per_sec, RATE(out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_out_bits_per_sec, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN(${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }','predefined dataset for the report.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-summary-new-sessions-per-second', 'traffic_general_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'')) AS stat_time, RATE(sessions, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_sessions_per_sec FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN(${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }','predefined dataset for the report.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('application-and-protocol-summary', 'traffic_application_protocol_stat', 'qgw', 'dsl', '{"name": "application-and-protocol-summary", "filter": "vsys_id in (${vsys_id}) AND (${filter})", "intervals": ["${start_time}/${end_time}"] }','Application and Protocol Summary');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('application-and-protocol-tree-composition', 'traffic_application_protocol_stat', 'qgw', 'dsl', '{"name": "application-and-protocol-tree-composition", "filter": "vsys_id in (${vsys_id}) AND (${filter})", "intervals": ["${start_time}/${end_time}"] }','application and protocol tree composition');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('application-and-protocol-tree-throughput', 'traffic_application_protocol_stat', 'qgw', 'dsl', '{"name": "application-and-protocol-tree-throughput", "filter": "vsys_id in (${vsys_id}) AND (protocol_stack_id = ''${protocol_stack_id}'' OR ( protocol_stack_id LIKE ''${protocol_stack_id}.%'' AND NOT CONTAINS_STRING(REPLACE(protocol_stack_id, ''${protocol_stack_id}.'', ''''), ''.''))) AND (${filter})", "intervals": ["${start_time}/${end_time}"] }','application and protocol tree throughput');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('application-and-protocol-top-apps', 'traffic_application_protocol_stat', 'qgw', 'dsl', '{"name": "application-and-protocol-top-apps", "filter": "vsys_id in (${vsys_id}) AND (${filter})", "intervals": ["${start_time}/${end_time}"], "limit": "${limit}" }','top apps');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('application-and-protocol-app-related-internal-ips', 'traffic_application_protocol_stat', 'qgw', 'dsl', '{"name": "application-and-protocol-app-related-internal-ips", "filter": "vsys_id in (${vsys_id}) AND app in (''${app_name}'') AND (${filter})", "intervals": ["${start_time}/${end_time}"], "limit": "${limit}" }','app-related internal ips');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('application-and-protocol-app-throughput', 'traffic_application_protocol_stat', 'qgw', 'dsl', '{"name": "application-and-protocol-app-throughput", "filter": "vsys_id in (${vsys_id}) AND app_name in (''${app_name}'') AND (${filter})", "intervals": ["${start_time}/${end_time}"], "limit": "${limit}" }','app-throughput');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('application-and-protocol-app-summary', 'traffic_application_protocol_stat', 'qgw', 'dsl', '{"name": "application-and-protocol-app-summary", "filter": "vsys_id in (${vsys_id}) AND app_name in (''${app_name}'') AND (${filter})", "intervals": ["${start_time}/${end_time}"] }','app summary');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('application-usage', 'traffic_application_protocol_stat', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, app_name, RATE(in_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_in_bits_per_sec, RATE(out_bytes,CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_out_bits_per_sec, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec, RATE(in_pkts, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_in_pkts_per_sec, RATE(out_pkts, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_out_pkts_per_sec, RATE(in_pkts + out_pkts, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_pkts_per_sec, RATE(sessions, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_sessions_per_sec FROM application_protocol_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) AND app_name IS NOT NULL GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')), app_name ORDER BY stat_time ASC LIMIT ${limit}" }','Real-time traffic sessions, bytes, and packets of favorite applications over a selected time frame.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('object-statistics-list', 'object_statistics', 'qgw', 'sql', '{ "statement": "SELECT object_id, SUM( in_bytes) AS in_bytes, SUM( out_bytes ) AS out_bytes, SUM( bytes ) AS bytes, SUM( new_in_sessions ) AS new_in_sessions, SUM( new_out_sessions ) AS new_out_sessions, SUM( sessions ) AS sessions FROM object_statistics WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND object_type IN ( ''${object_type}'' ) AND object_id IN ( ${object_id} ) AND ( ${filter} ) GROUP BY object_id ORDER BY ${order_by} LIMIT ${limit}" }','A list of objects sorted by ${metric}. The ${metric} variable includes [ incoming_bytes| outgoing_bytes| bytes| new_incoming_sessions| new_outgoing_sessions| sessions].');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('object-statistics-summary', 'object_statistics', 'qgw', 'sql', '{ "statement": "SELECT SUM( in_bytes) AS in_bytes, SUM( out_bytes ) AS out_bytes, SUM( bytes ) AS bytes, SUM( new_in_sessions ) AS new_in_sessions, SUM( new_out_sessions ) AS new_out_sessions, SUM( sessions ) AS sessions FROM object_statistics WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND object_type IN ( ''${object_type}'' ) AND object_id IN (${object_id}) AND item_id IN (${item_id}) AND ( ${filter} )" }','Aggregate traffic sessions and bytes based on the objects.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('object-statistics-item-list', 'object_statistics', 'qgw', 'sql', '{ "statement": "SELECT item_id, SUM( in_bytes) AS in_bytes, SUM( out_bytes ) AS out_bytes, SUM( bytes ) AS bytes, SUM( new_in_sessions ) AS new_in_sessions, SUM( new_out_sessions ) AS new_out_sessions, SUM( sessions ) AS sessions FROM object_statistics WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND object_type IN ( ''${object_type}'' ) AND object_id IN (${object_id}) AND item_id IN (${item_id}) AND item_id > 0 AND ( ${filter} ) GROUP BY item_id ORDER BY ${order_by} LIMIT ${limit}" }','A list of items sorted by ${metric} with specific Object ID(${filters}). The ${metric} variable includes [ incoming_bytes| outgoing_bytes| bytes| new_incoming_sessions| new_outgoing_sessions| sessions].');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('object-statistics-trend', 'object_statistics', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, SUM( in_bytes ) AS in_bytes, RATE(in_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_in_bits_per_sec, SUM( out_bytes ) AS out_bytes, RATE(out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_out_bits_per_sec, SUM( bytes ) AS bytes, RATE(bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec, SUM( new_in_sessions ) AS new_in_sessions, RATE(new_in_sessions, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_new_in_sessions_per_sec, SUM( new_out_sessions ) AS new_out_sessions, RATE(new_out_sessions, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_new_out_sessions_per_sec, SUM( sessions ) AS sessions, RATE(sessions, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_sessions_per_sec FROM object_statistics WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND object_type IN ( ''${object_type}'' ) AND object_id IN (${object_id}) AND item_id IN (${item_id}) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) ORDER BY stat_time ASC LIMIT ${limit}"}','The traffic trend by an object or item.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-shaping-policy-rule-dropped-packets', 'traffic_shaping_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, rule_id, SUM( in_drop_pkts + out_drop_pkts ) AS sum_dropped_packets FROM traffic_shaping_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')), rule_id ORDER BY stat_time ASC LIMIT ${limit}" }','The dropped packets for different traffic shaping rules over a selected time frame.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-shaping-policy-rule-throughput-by-rule-id', 'traffic_shaping_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, rule_id, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec FROM traffic_shaping_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN (${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')), rule_id ORDER BY stat_time ASC LIMIT ${limit}" }','The throughput of traffic shaping rule by rule id over a selected time frame');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-shaping-profile-statistics', 'traffic_shaping_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT profile_id, SUM( in_bytes + out_bytes ) AS bytes, SUM( in_pkts + out_pkts ) AS packets, SUM( in_drop_pkts + out_drop_pkts ) AS drops, MAX( in_max_latency_us + out_max_latency_us ) AS max_latency_us, AVG( in_queue_len + out_queue_len ) AS avg_q, MAX( in_queue_len + out_queue_len ) AS max_q FROM traffic_shaping_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND profile_id IN ( ${profile_id} ) AND ( ${filter} ) GROUP BY profile_id" }','The statistics of specific shaping profiles.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-shaping-policy-rule-first-and-last-hit', 'traffic_shaping_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, DATE_FORMAT( MAX( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS last_hit, DATE_FORMAT( MIN( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS first_hit FROM traffic_shaping_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND rule_id IN ( ${rule_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The time of the first and last hit for policy rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-shaping-policy-rule-transferred-bytes', 'traffic_shaping_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, SUM( in_bytes + out_bytes ) AS total_bytes FROM traffic_shaping_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND rule_id IN ( ${rule_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The number of transferred bytes of specific shaping rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-shaping-profile-first-and-last-hit', 'traffic_shaping_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT profile_id, DATE_FORMAT( max( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS last_hit, DATE_FORMAT( min( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS first_hit, SUM( in_drop_pkts + out_drop_pkts ) AS drops FROM traffic_shaping_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND profile_id IN ( ${profile_id} ) AND ( ${filter} ) GROUP BY profile_id" }','The time of the first and last hit for shaping profiles.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-shaping-profile-current-throughput', 'traffic_shaping_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT SUM( in_bytes )* 8 / 5 AS in_bps, SUM( out_bytes )* 8 / 5 AS out_bps, SUM( in_pkts )* 8 / 5 AS in_pps, SUM( out_pkts )* 8 / 5 AS out_pps, MAX( in_max_latency_us + out_max_latency_us ) AS max_latency_us, AVG( in_queue_len + out_queue_len ) AS avg_q, MAX( in_queue_len + out_queue_len ) AS max_q FROM traffic_shaping_rule_hits WHERE __time >= FROM_UNIXTIME( UNIX_TIMESTAMP( now())- 15 ) AND __time < FROM_UNIXTIME( UNIX_TIMESTAMP( now())- 10 ) AND vsys_id IN ( ${vsys_id} ) AND profile_id IN ( ${profile_id} ) AND ( ${filter} )" }','To calculate the current shaping profile hit throughput, the metrics for each appliance are averaged over a 5-second interval. Additionally, the data ingestion latency is also set at 5 seconds.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-shaping-policy-rule-throughput', 'traffic_shaping_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) AS stat_time, SUM( in_bytes ) AS in_bytes, SUM( out_bytes ) AS out_bytes FROM traffic_shaping_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND rule_id IN ( ${rule_id} ) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) ORDER BY stat_time ASC LIMIT ${limit}" }','The throughput of traffic shaping rule over a selected time frame');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-shaping-profile-throughput', 'traffic_shaping_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) AS stat_time, SUM( in_bytes ) AS in_bytes, SUM( out_bytes ) AS out_bytes FROM traffic_shaping_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND profile_id IN ( ${profile_id} ) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) ORDER BY stat_time ASC LIMIT ${limit}" }','The throughput of traffic shaping profile over a selected time frame');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('service-chaining-policy-rule-throughput-by-rule-id', 'service_chaining_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, rule_id, RATE(sent_bytes + recv_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec FROM service_chaining_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN (${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')), rule_id ORDER BY stat_time ASC LIMIT ${limit}" }','The throughput of the service chaining rule over a selected time frame.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('service-chaining-policy-rule-transferred-bytes-trend', 'service_chaining_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) AS stat_time, SUM( sent_bytes ) AS sent_bytes, SUM( recv_bytes ) AS received_bytes FROM service_chaining_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND rule_id IN ( ${rule_id} ) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('service-chaining-function-forwarder-profile-transferred-bytes-trend', 'service_chaining_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) AS stat_time, SUM( sent_bytes ) AS sent_bytes, SUM( recv_bytes ) AS received_bytes FROM service_chaining_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND sff_profile_id IN ( ${sff_profile_id} ) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('service-chaining-function-profile-transferred-bytes-trend', 'service_chaining_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) AS stat_time, SUM( sent_bytes ) AS sent_bytes, SUM( recv_bytes ) AS received_bytes FROM service_chaining_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND sf_profile_id IN ( ${sf_profile_id}) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('service-chaining-policy-rule-statistics', 'service_chaining_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, SUM(sent_bytes) as sent_bytes, SUM(recv_bytes) as received_bytes, SUM(sent_pkts) as sent_packets, SUM(recv_pkts) as received_packets FROM service_chaining_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND rule_id IN ( ${rule_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The hit count of specific rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('service-chaining-function-forwarder-profile-statistics', 'service_chaining_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT sff_profile_id, SUM( sent_bytes ) AS sent_bytes, SUM( recv_bytes ) AS received_bytes, SUM( sent_pkts ) AS sent_packets, SUM( recv_pkts ) AS received_packets FROM service_chaining_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND sff_profile_id IN ( ${sff_profile_id} ) AND ( ${filter} ) GROUP BY sff_profile_id" }','The hit count of specific function forwarder profiles.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('service-chaining-function-profile-statistics', 'service_chaining_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT sf_profile_id, SUM( sent_bytes ) AS sent_bytes, SUM( recv_bytes ) AS received_bytes, SUM( sent_pkts ) AS sent_packets, SUM( recv_pkts ) AS received_packets FROM service_chaining_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND sf_profile_id IN ( ${sf_profile_id} ) AND ( ${filter} ) GROUP BY sf_profile_id" }','The hit count of specific function profiles.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('service-function-status-first-and-last-active-time', 'service_function_status', 'qgw', 'sql', '{ "statement": "SELECT sf_profile_id, sf_status, CASE WHEN last_active_time = 0 THEN '''' ELSE FROM_UNIXTIME(last_active_time) END AS last_active_time, CASE WHEN last_inactive_time = 0 THEN '''' ELSE FROM_UNIXTIME(last_inactive_time) END AS last_inactive_time FROM (SELECT sf_profile_id, LATEST(sf_status) as sf_status, MAX(CASE WHEN sf_status = 1 THEN UNIX_TIMESTAMP(__time) ELSE 0 END) as last_active_time, MAX(CASE WHEN sf_status = 0 THEN UNIX_TIMESTAMP(__time) ELSE 0 END) as last_inactive_time FROM service_function_status WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND sf_profile_id IN ( ${sf_profile_id} ) AND ( ${filter} ) GROUP BY sf_profile_id)" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-security-policy-rule', 'security_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id AS rule_id, SUM( hit_count ) AS hit_count, SUM( in_bytes + out_bytes ) AS bytes FROM security_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id ORDER BY ${metric} DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('security-policy-rule-hits-by-rule-id', 'security_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, rule_id, RATE(hit_count, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_hit_count_per_sec, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec FROM security_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN (${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')), rule_id ORDER BY stat_time ASC LIMIT ${limit}" }','The hit count and bytes of the favorite security policy rule over the selected time frame.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('security-policy-rule-hits-by-action', 'security_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, (CASE WHEN action = 1 THEN ''Monitor'' WHEN action = 16 THEN ''Deny'' WHEN action = 96 THEN ''Allow'' WHEN action = 128 THEN ''Shunt'' ELSE concat(action) END ) AS action, RATE(hit_count, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_hit_count_per_sec, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec, RATE(in_pkts + out_pkts, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_pkts_per_sec, SUM(hit_count) AS total_hit_count, SUM( in_bytes + out_bytes ) AS total_bytes, SUM( in_pkts + out_pkts ) AS total_packets FROM security_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN (${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')), action ORDER BY stat_time ASC LIMIT ${limit}" }','The security policy rule hits count, bytes, and packets of action over the selected time frame.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-security-policy-rule-with-action', 'security_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, action, SUM( hit_count ) AS hit_count, SUM( in_bytes + out_bytes ) AS bytes FROM security_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id, action ORDER BY ${metric} DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('security-policy-rule-statistics', 'security_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, SUM(hit_count) as hits, SUM(in_bytes + out_bytes) as bytes FROM security_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The statistics of specific rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('security-policy-rule-hits-trend', 'security_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) AS stat_time, SUM(hit_count) AS hits FROM security_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND rule_id IN (${rule_id}) AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) LIMIT ${limit}" }','The trend of hit count by specific rule over a period of time.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('security-policy-rule-hits-first-and-last-hit', 'security_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, DATE_FORMAT(MIN(__time) ,''%Y-%m-%d %H:%i:%s'') AS first_hit, DATE_FORMAT(MAX(__time) ,''%Y-%m-%d %H:%i:%s'') AS last_hit FROM security_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The time of the first and last hit for policy rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('security-policy-rule-current-throughput', 'security_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT SUM(in_bytes)* 8 / 5 AS in_bps, SUM(out_bytes)* 8 / 5 AS out_bps, SUM(in_bytes + out_bytes)* 8 / 5 AS total_bps FROM security_rule_hits WHERE __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-15) AND __time < FROM_UNIXTIME(UNIX_TIMESTAMP(now())-10) AND vsys_id IN ( ${vsys_id} ) AND rule_id IN ( ${rule_id} ) AND ( ${filter} )" }','To calculate the current security hit throughput, the metrics for each appliance are averaged over a 5-second interval. Additionally, the data ingestion latency is also set at 5 seconds.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('monitor-policy-rule-statistics', 'monitor_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, SUM(hit_count) as hits, SUM(in_bytes + out_bytes) as bytes FROM monitor_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The statistics of specific rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('monitor-policy-rule-hits-trend', 'monitor_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) AS stat_time, SUM(hit_count) AS hits FROM monitor_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND rule_id IN (${rule_id}) AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) LIMIT ${limit}" }','The trend of hit count by specific rule over some time.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('monitor-policy-rule-hits-first-and-last-hit', 'monitor_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, DATE_FORMAT(MIN(__time) ,''%Y-%m-%d %H:%i:%s'') AS first_hit, DATE_FORMAT(MAX(__time) ,''%Y-%m-%d %H:%i:%s'') AS last_hit FROM monitor_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The time of the first and last hit for policy rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('monitor-policy-rule-current-throughput', 'monitor_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT SUM(in_bytes)* 8 / 5 AS in_bps, SUM(out_bytes)* 8 / 5 AS out_bps, SUM(in_bytes + out_bytes)* 8 / 5 AS total_bps FROM monitor_rule_hits WHERE __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-15) AND __time < FROM_UNIXTIME(UNIX_TIMESTAMP(now())-10) AND vsys_id IN ( ${vsys_id} ) AND rule_id IN ( ${rule_id} ) AND ( ${filter} )" }','To calculate the current monitor hit throughput, the metrics for each appliance are averaged over a 5-second interval. Additionally, the data ingestion latency is also set at 5 seconds.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-proxy-policy-rule-with-manipulation-action', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id AS rule_id, sub_action AS sub_action, SUM( hit_count ) AS hit_count, SUM( in_bytes + out_bytes ) AS bytes FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND action=48 AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id, sub_action ORDER BY ${metric} DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-policy-rule-hits-by-rule-id', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, rule_id, RATE(hit_count, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_hit_count_per_sec, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN (${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')), rule_id ORDER BY stat_time ASC LIMIT ${limit}" }','The hit count and bytes of the favorite proxy policy rule over the selected time frame.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-ssl-intercept-pinning-trend', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, AVG( CASE WHEN pinning_status = ''0'' THEN hit_count_per_sec ELSE 0 END ) AS avg_not_pinning_hit_count_per_sec, AVG( CASE WHEN pinning_status = ''1'' THEN hit_count_per_sec ELSE 0 END ) AS avg_pinning_hit_count_per_sec, AVG( CASE WHEN pinning_status = ''2'' THEN hit_count_per_sec ELSE 0 END ) AS avg_maybe_pinning_hit_count_per_sec FROM (SELECT TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')) AS stat_time, pinning_status, RATE( hit_count, SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS hit_count_per_sec FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND action = 2 AND ( ${filter} ) GROUP BY TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}'')), pinning_status ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }','Monitor SSL Pinning over the selected time frame.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-ssl-intercept-pinning-statistics', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT ( CASE WHEN pinning_status = ''0'' THEN ''not_pinning_num'' WHEN pinning_status = ''1'' THEN ''pinning_num'' WHEN pinning_status = ''2'' THEN ''maybe_pinning_num'' ELSE concat( pinning_status ) END ) AS type, SUM( hit_count ) AS hits FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND action = 2 AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY pinning_status ORDER BY pinning_status" }','The statistics of Proxy SSL Intercept pinning.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-policy-rule-hits-by-action', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, (CASE WHEN action = 2 THEN ''Intercept'' WHEN action = 3 THEN ''No Intercept'' WHEN action = 48 THEN ''Manipulation'' ELSE concat(action) END ) AS action, RATE(hit_count, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_hit_count_per_sec, SUM(hit_count) AS total_hit_count FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN (${vsys_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')), action ORDER BY stat_time ASC LIMIT ${limit}" }','The proxy Intercept policy hit the count of action over the selected time frame.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-manipulation-policy-rule-hits-by-action', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, sub_action AS action, RATE(hit_count, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_hit_count_per_sec, SUM(hit_count) AS total_hit_count FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN (${vsys_id}) AND action = 48 AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')), sub_action ORDER BY stat_time ASC LIMIT ${limit}" }','The proxy manipulation policy hit the count of action over the selected time frame.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-proxy-policy-rule', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, SUM( hit_count ) AS hit_count, SUM( in_bytes + out_bytes ) AS bytes FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id ORDER BY ${metric} DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-policy-rule-statistics', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, SUM( hit_count ) AS hits, SUM( in_bytes + out_bytes ) AS bytes FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id LIMIT ${limit}" }','The statistics of specific rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-policy-rule-hits-trend', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) AS stat_time, SUM( hit_count ) AS hits FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'' )) LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-policy-rule-hits-first-and-last-hit', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, DATE_FORMAT( MIN( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS first_hit, DATE_FORMAT( MAX( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS last_hit FROM proxy_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The time of the first and last hit for policy rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-policy-rule-hits-current-throughput', 'proxy_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT SUM( in_bytes )* 8 / 5 AS in_bps, SUM( out_bytes )* 8 / 5 AS out_bps, SUM( in_bytes + out_bytes )* 8 / 5 AS total_bps FROM proxy_rule_hits WHERE __time >= FROM_UNIXTIME( UNIX_TIMESTAMP( now())- 15 ) AND __time < FROM_UNIXTIME( UNIX_TIMESTAMP( now())- 10 ) AND vsys_id IN ( ${vsys_id} ) AND rule_id IN ( ${rule_id} ) AND ( ${filter} )" }','To calculate the current policy hit throughput, the metrics for each appliance are averaged over a 15-second interval. Additionally, the data ingestion latency is also set at 15 seconds.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('statistics-rule-hits-first-and-last-hit', 'statistics_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, DATE_FORMAT( min( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS first_hit, DATE_FORMAT( max( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS last_hit FROM statistics_rule_hits WHERE __time >= ''${start_time}'' AND __time <''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The time of the first and last hit for statistics policy rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('statistics-rule-statistics', 'statistics_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, sum( hit_count ) AS hits, sum( in_bytes + out_bytes ) AS bytes FROM statistics_rule_hits WHERE __time >= ''${start_time}'' AND __time <''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The statistics of specific rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('statistics-rule-hits-trend', 'statistics_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, RATE(in_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_in_bits_per_sec, RATE(out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_out_bits_per_sec, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec, SUM(in_bytes) AS total_in_bytes, SUM(out_bytes) AS total_out_bytes, SUM( in_bytes + out_bytes ) AS total_bytes, RATE(hit_count, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_hit_count_per_sec, SUM(hit_count) AS total_hit_count FROM statistics_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN (${vsys_id}) AND rule_id IN (${rule_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-protection-rule-hits-first-and-last-hit', 'dos_protection_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, DATE_FORMAT( min( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS first_hit, DATE_FORMAT( max( __time ), ''%Y-%m-%d %H:%i:%s'' ) AS last_hit FROM dos_protection_rule_hits WHERE __time >= ''${start_time}'' AND __time <''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The time of the first and last hit for the dos protection policy rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-protection-rule-statistics', 'dos_protection_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT rule_id, sum( hit_count ) AS hits, sum( in_bytes + out_bytes ) AS bytes FROM dos_protection_rule_hits WHERE __time >= ''${start_time}'' AND __time <''${end_time}'' AND rule_id IN ( ${rule_id} ) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY rule_id" }','The statistics of specific rules.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-protection-rule-hits-trend', 'dos_protection_rule_hits', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, RATE(in_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_in_bits_per_sec, RATE(out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_out_bits_per_sec, RATE(in_bytes + out_bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 AS avg_bits_per_sec, SUM(in_bytes) AS total_in_bytes, SUM(out_bytes) AS total_out_bytes, SUM( in_bytes + out_bytes ) AS total_bytes, RATE(hit_count, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_hit_count_per_sec, SUM(hit_count) AS total_hit_count FROM dos_protection_rule_hits WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN (${vsys_id}) AND rule_id IN (${rule_id}) AND (${filter}) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('statistics-rule-line-chart-template', 'statistics_rule', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time [[,RATE(${metric_in_bytes}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1)*8 AS avg_in_bits_per_sec]] [[,RATE(${metric_out_bytes}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1)*8 AS avg_out_bits_per_sec]] [[,RATE(${metric_bytes}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1)*8 AS avg_bits_per_sec]] [[,RATE(${metric_in_pkts}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_in_pkts_per_sec]] [[,RATE(${metric_out_pkts}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_out_pkts_per_sec]] [[,RATE(${metric_pkts}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_pkts_per_sec]] [[,RATE(${metric_new_c2s_flows}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_new_c2s_flows_per_sec]] [[,RATE(${metric_new_s2c_flows}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_new_s2c_flows_per_sec]] [[,RATE(${metric_new_in_sessions}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_new_in_sessions_per_sec]] [[,RATE(${metric_new_out_sessions}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_new_out_sessions_per_sec]] [[,RATE(${metric_sessions}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_sessions_per_sec]] [[,RATE(${metric_new_unestablished_sessions}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_new_unestablished_sessions_per_sec]] [[,RATE(${metric_syn_pkts}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) AS avg_syn_pkts_per_sec]] [[,APPROX_COUNT_DISTINCT_HLLD(${metric_session_identifier_sketch}) AS active_sessions]] [[,APPROX_COUNT_DISTINCT_HLLD(${metric_client_ip_sketch}) AS unique_client_ips]] [[,APPROX_COUNT_DISTINCT_HLLD(${metric_server_ip_sketch}) AS unique_server_ips]] [[,QUANTILE_HDR(${metric_in_latency_ms_sketch},0.5) AS median_tcp_in_latency_ms]] [[,QUANTILE_HDR(${metric_in_latency_ms_sketch},0.95) AS p95th_tcp_in_latency_ms]] [[,QUANTILE_HDR(${metric_in_latency_ms_sketch},0.99) AS p99th_tcp_in_latency_ms]] [[,QUANTILE_HDR(${metric_out_latency_ms_sketch},0.5) AS median_tcp_out_latency_ms]] [[,QUANTILE_HDR(${metric_out_latency_ms_sketch},0.95) AS p95th_tcp_out_latency_ms]] [[,QUANTILE_HDR(${metric_out_latency_ms_sketch},0.99) AS p99th_tcp_out_latency_ms]] [[,QUANTILE_HDR(${metric_latency_ms_sketch},0.5) AS median_tcp_latency_ms]] [[,QUANTILE_HDR(${metric_latency_ms_sketch},0.95) AS p95th_tcp_latency_ms]] [[,QUANTILE_HDR(${metric_latency_ms_sketch},0.99) AS p99th_tcp_latency_ms]] [[,QUANTILE_HDR(${metric_in_pkt_length_sketch},0.5) AS median_in_pkt_length]] [[,QUANTILE_HDR(${metric_in_pkt_length_sketch},0.95) AS p95th_in_pkt_length]] [[,QUANTILE_HDR(${metric_in_pkt_length_sketch},0.99) AS p99th_in_pkt_length]] [[,QUANTILE_HDR(${metric_out_pkt_length_sketch},0.5) AS median_out_pkt_length]] [[,QUANTILE_HDR(${metric_out_pkt_length_sketch},0.95) AS p95th_out_pkt_length]] [[,QUANTILE_HDR(${metric_out_pkt_length_sketch},0.99) AS p99th_out_pkt_length]] [[,QUANTILE_HDR(${metric_pkt_length_sketch},0.5) AS median_pkt_length]] [[,QUANTILE_HDR(${metric_pkt_length_sketch},0.95) AS p95th_pkt_length]] [[,QUANTILE_HDR(${metric_pkt_length_sketch},0.99) AS p99th_pkt_length]] FROM statistics_rule WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND rule_id = ${rule_id} AND template_id = ${template_id} AND chart_id = ${chart_id} AND version = ${version} AND ( ${filter} ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('statistics-rule-histogram-chart-template', 'statistics_rule', 'qgw', 'sql', '{ "statement": "SELECT [[PERCENTILES_HDR(${metric_in_latency_ms_sketch}) AS tcp_in_latency, QUANTILE_HDR(${metric_in_latency_ms_sketch}, 0.5) as tcp_in_latency_quantiles]] [[,PERCENTILES_HDR(${metric_out_latency_ms_sketch}) AS tcp_out_latency ,QUANTILE_HDR(${metric_out_latency_ms_sketch}, 0.5) as tcp_out_latency_quantiles]] [[,PERCENTILES_HDR(${metric_latency_ms_sketch}) AS tcp_latency ,QUANTILE_HDR(${metric_latency_ms_sketch}, 0.5) as tcp_latency_quantiles]] FROM statistics_rule WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( ${vsys_id} ) AND rule_id = ${rule_id} AND template_id = ${template_id} AND chart_id = ${chart_id} AND version = ${version} AND ( ${filter} ) LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('statistics-rule-table-or-bar-chart-template', 'statistics_rule', 'qgw', 'sql', '{ "statement": "SELECT [[${dimension_device_group} AS device_group]] [[,${dimension_client_ip} AS client_ip]] [[,${dimension_server_ip} AS server_ip]] [[,${dimension_client_asn} AS client_asn]] [[,${dimension_server_asn} AS server_asn]] [[,${dimension_client_country} AS client_country]] [[,${dimension_server_country} AS server_country]] [[,${dimension_server_fqdn} AS server_fqdn]] [[,${dimension_server_domain} AS server_domain]] [[,${dimension_application} AS application]] [[,${dimension_fqdn_category} AS fqdn_category]] [[,${dimension_client_ip_object} AS client_ip_object]] [[,${dimension_server_ip_object} AS server_ip_object]] [[,${dimension_c2s_ttl} AS c2s_ttl]] [[,${dimension_s2c_ttl} AS s2c_ttl]] [[,${dimension_c2s_link_id} AS c2s_link_id]] [[,${dimension_s2c_link_id} AS s2c_link_id]] [[,${dimension_client_port} AS client_port]] [[,${dimension_server_port} AS server_port]] [[,sum(${metric_in_bytes}) AS in_bytes]] [[,sum(${metric_out_bytes}) AS out_bytes]] [[,sum(${metric_bytes}) AS bytes]] [[,sum(${metric_in_pkts}) AS in_pkts]] [[,sum(${metric_out_pkts}) AS out_pkts]] [[,sum(${metric_pkts}) AS pkts]] [[,sum(${metric_new_c2s_flows}) AS new_c2s_flows]] [[,sum(${metric_new_s2c_flows}) AS new_s2c_flows]] [[,sum(${metric_new_in_sessions}) AS new_in_sessions]] [[,sum(${metric_new_out_sessions}) AS new_out_sessions]] [[,sum(${metric_sessions}) AS sessions]] [[,sum(${metric_new_unestablished_sessions}) AS new_unestablished_sessions]] [[,sum(${metric_syn_pkts}) AS syn_pkts]] [[,APPROX_COUNT_DISTINCT_HLLD(${metric_session_identifier_sketch}) AS active_sessions]] [[,APPROX_COUNT_DISTINCT_HLLD(${metric_client_ip_sketch}) AS unique_client_ips]] [[,APPROX_COUNT_DISTINCT_HLLD(${metric_server_ip_sketch}) AS unique_server_ips]] FROM statistics_rule WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id in (${vsys_id}) AND rule_id = ${rule_id} AND template_id = ${template_id} AND chart_id = ${chart_id} AND version = ${version} AND ( ${filter} ) GROUP BY [[${dimension_device_group}]] [[,${dimension_client_ip}]] [[,${dimension_server_ip}]] [[,${dimension_client_asn}]] [[,${dimension_server_asn}]] [[,${dimension_client_country}]] [[,${dimension_server_country}]] [[,${dimension_server_fqdn}]] [[,${dimension_server_domain}]] [[,${dimension_application}]] [[,${dimension_fqdn_category}]] [[,${dimension_client_ip_object}]] [[,${dimension_server_ip_object}]] [[,${dimension_c2s_ttl}]] [[,${dimension_s2c_ttl}]] [[,${dimension_c2s_link_id}]] [[,${dimension_s2c_link_id}]] [[,${dimension_client_port}]] [[,${dimension_server_port}]] ORDER BY ${order_by} LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-client-ip', 'top_client_ips', 'qgw', 'sql', '{ "statement": "SELECT client_ip AS client_ip, SUM( sessions) AS sessions, SUM( out_bytes ) AS out_bytes, SUM( in_bytes ) AS in_bytes, SUM( bytes ) AS bytes, SUM( out_pkts ) AS out_packets, SUM( in_pkts ) AS in_packets, SUM( pkts ) AS packets FROM top_client_ips WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND rank_by=''${metric}'' AND ( ${filter} ) GROUP BY client_ip ORDER BY ${metric} DESC LIMIT ${limit}" }','Aggregate traffic sessions, bytes, and packets based on the client''s IP address. The ${metric} variable includes three options: sessions, bytes, and packets.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-server-ip', 'top_server_ips', 'qgw', 'sql', '{ "statement": "SELECT server_ip AS server_ip, SUM( sessions) AS sessions, SUM( out_bytes ) AS out_bytes, SUM( in_bytes ) AS in_bytes, SUM( bytes ) AS bytes, SUM( out_pkts ) AS out_packets, SUM( in_pkts ) AS in_packets, SUM( pkts ) AS packets FROM top_server_ips WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND rank_by=''${metric}'' AND ( ${filter} ) GROUP BY server_ip ORDER BY ${metric} DESC LIMIT ${limit}" }','Aggregate traffic sessions, bytes, and packets based on the server IP address. The ${metric} variable includes three options: sessions, bytes, and packets.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-internal-ip', 'top_internal_ips', 'qgw', 'sql', '{ "statement": "SELECT internal_ip AS internal_ip, SUM( sessions) AS sessions, SUM( out_bytes ) AS out_bytes, SUM( in_bytes ) AS in_bytes, SUM( bytes ) AS bytes, SUM( out_pkts ) AS out_packets, SUM( in_pkts ) AS in_packets, SUM( pkts ) AS packets FROM top_internal_ips WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND rank_by=''${metric}'' AND ( ${filter} ) GROUP BY internal_ip ORDER BY ${metric} DESC LIMIT ${limit}" }','Aggregate traffic sessions, bytes, and packets based on the internal IP address. The ${metric} variable includes three options: sessions, bytes, and packets.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-external-ip', 'top_external_ips', 'qgw', 'sql', '{ "statement": "SELECT external_ip AS external_ip, SUM( sessions) AS sessions, SUM( out_bytes ) AS out_bytes, SUM( in_bytes ) AS in_bytes, SUM( bytes ) AS bytes, SUM( out_pkts ) AS out_packets, SUM( in_pkts ) AS in_packets, SUM( pkts ) AS packets FROM top_external_ips WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND rank_by=''${metric}'' AND ( ${filter} ) GROUP BY external_ip ORDER BY ${metric} DESC LIMIT ${limit}" }','Aggregate traffic sessions, bytes, and packets based on the external IP address. The ${metric} variable includes three options: sessions, bytes, and packets.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-server-domain', 'top_server_domains', 'qgw', 'sql', '{ "statement": "SELECT server_domain, SUM( sessions) AS sessions, SUM( out_bytes ) AS out_bytes, SUM( in_bytes ) AS in_bytes, SUM( bytes ) AS bytes, SUM( out_pkts ) AS out_packets, SUM( in_pkts ) AS in_packets, SUM( pkts ) AS packets FROM top_server_domains WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND rank_by=''${metric}'' AND ( ${filter} ) GROUP BY server_domain ORDER BY ${metric} DESC LIMIT ${limit}" }','Aggregate traffic sessions, bytes, and packets based on the server domains. The ${metric} variable includes three options: sessions, bytes, and packets.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-server-fqdn', 'top_server_fqdns', 'qgw', 'sql', '{ "statement": "SELECT server_fqdn, SUM( sessions) AS sessions, SUM( out_bytes ) AS out_bytes, SUM( in_bytes ) AS in_bytes, SUM( bytes ) AS bytes, SUM( out_pkts ) AS out_packets, SUM( in_pkts ) AS in_packets, SUM( pkts ) AS packets FROM top_server_fqdns WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND rank_by=''${metric}'' AND ( ${filter} ) GROUP BY server_fqdn ORDER BY ${metric} DESC LIMIT ${limit}" }','Aggregate traffic sessions, bytes, and packets based on the server FQDNs. The ${metric} variable includes three options: sessions, bytes, and packets.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-client-country', 'top_client_countries', 'qgw', 'sql', '{ "statement": "SELECT client_country AS client_country, SUM( sessions) AS sessions, SUM( out_bytes ) AS out_bytes, SUM( in_bytes ) AS in_bytes, SUM( bytes ) AS bytes, SUM( out_pkts ) AS out_packets, SUM( in_pkts ) AS in_packets, SUM( pkts ) AS packets FROM top_client_countries WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND rank_by=''${metric}'' AND ( ${filter} ) GROUP BY client_country ORDER BY ${metric} DESC LIMIT ${limit}" }','Aggregate traffic sessions, bytes, and packets based on the client''s country or region. The ${metric} variable includes three options: sessions, bytes, and packets.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-server-country', 'top_server_countries', 'qgw', 'sql', '{ "statement": "SELECT server_country AS server_country, SUM( sessions) AS sessions, SUM( out_bytes ) AS out_bytes, SUM( in_bytes ) AS in_bytes, SUM( bytes ) AS bytes, SUM( out_pkts ) AS out_packets, SUM( in_pkts ) AS in_packets, SUM( pkts ) AS packets FROM top_server_countries WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND rank_by=''${metric}'' AND ( ${filter} ) GROUP BY server_country ORDER BY ${metric} DESC LIMIT ${limit}" }','Aggregate traffic sessions, bytes, and packets based on the server''s country or region. The ${metric} variable includes three options: sessions, bytes, and packets.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-application', 'application_protocol_stat', 'qgw', 'sql', '{ "statement": "SELECT app_name, SUM( sessions) AS sessions, SUM( in_bytes ) AS in_bytes, SUM( out_bytes ) AS out_bytes, SUM( in_bytes + out_bytes ) AS bytes, SUM( in_pkts ) AS in_packets, SUM( out_pkts ) AS out_packets, SUM( in_pkts + out_pkts ) AS packets FROM application_protocol_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN( ${vsys_id} ) AND app_name IS NOT NULL AND ( ${filter} ) GROUP BY app_name ORDER BY ${metric} DESC LIMIT ${limit}" }','Aggregate traffic sessions, bytes, and packets based on the applications. The ${metric} variable includes three options: sessions, bytes, and packets.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('session-record-list', 'session_record', 'qgw', 'sql', '{ "statement": "SELECT ${columns} FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND ( ${filter}) ORDER BY recv_time DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('session-record-count', 'session_record', 'qgw', 'sql', '{ "statement": "SELECT count(1) as count FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND ( ${filter})" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('session-record-timeline', 'session_record', 'qgw', 'sql', '{ "statement": "select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, decoded_as as type, COUNT(1) as sessions, SUM(sent_bytes + received_bytes) as bytes, SUM(sent_pkts + received_pkts) as packets FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND ( ${filter}) GROUP BY stat_time, decoded_as" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('transaction-record-list', 'transaction_record', 'qgw', 'sql', '{ "statement": "SELECT ${columns} FROM transaction_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND ( ${filter}) ORDER BY recv_time DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('transaction-record-count', 'transaction_record', 'qgw', 'sql', '{ "statement": "SELECT count(1) as count FROM transaction_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND ( ${filter})" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('security-event-list', 'security_event', 'qgw', 'sql', '{ "statement": "SELECT ${columns} FROM security_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND ( ${filter}) ORDER BY recv_time DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('security-event-count', 'security_event', 'qgw', 'sql', '{ "statement": "SELECT count(1) as count FROM security_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND ( ${filter})" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('security-event-timeline', 'security_event', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, security_action as type, COUNT(1) as sessions, SUM(sent_bytes + received_bytes) as bytes, SUM(sent_pkts + received_pkts) as packets FROM security_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND notEmpty(security_action) AND ( ${filter}) group by stat_time, security_action order by stat_time asc" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('monitor-event-list', 'monitor_event', 'qgw', 'sql', '{ "statement": "SELECT ${columns} FROM monitor_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND (${filter}) ORDER BY recv_time DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('monitor-event-count', 'monitor_event', 'qgw', 'sql', '{ "statement": "SELECT count(1) as count FROM monitor_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND (${filter})" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('monitor-event-timeline', 'monitor_event', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'')) AS stat_time, COUNT(1) as sessions FROM monitor_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND (${filter}) GROUP BY stat_time" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-event-intercept-list', 'session_record', 'qgw', 'sql', '{ "statement": "SELECT ${columns} FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND notEmpty(proxy_action) AND ( ${filter}) ORDER BY recv_time DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-event-intercept-count', 'session_record', 'qgw', 'sql', '{ "statement": "SELECT count(1) as count FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND notEmpty(proxy_action) AND ( ${filter})" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-event-intercept-timeline', 'session_record', 'qgw', 'sql', '{ "statement": "select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, decoded_as as type, COUNT(1) as sessions, SUM(sent_bytes + received_bytes) as bytes, SUM(sent_pkts + received_pkts) as packets FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND notEmpty(proxy_action) AND ( ${filter}) GROUP BY stat_time, decoded_as" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-event-manipulation-list', 'proxy_event', 'qgw', 'sql', '{ "statement": "SELECT ${columns} FROM proxy_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id in (${vsys_id}) AND ( ${filter} ) ORDER BY recv_time DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-event-manipulation-count', 'proxy_event', 'qgw', 'sql', '{ "statement": "SELECT COUNT(1) as count FROM proxy_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id in (${vsys_id}) AND ( ${filter} )" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('proxy-event-manipulation-timeline', 'proxy_event', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, proxy_action as type, COUNT(1) as events FROM proxy_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND notEmpty(proxy_action) AND ( ${filter} ) GROUP BY stat_time, proxy_action ORDER BY stat_time asc" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('voip-record-list', 'voip_record', 'qgw', 'sql', '{ "statement": "SELECT ${columns} FROM voip_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id in(${vsys_id}) AND ( ${filter}) ORDER BY recv_time DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('voip-record-count', 'voip_record', 'qgw', 'sql', '{ "statement": "SELECT count(1) as count FROM voip_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id in(${vsys_id}) AND ( ${filter})" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('voip-record-timeline', 'voip_record', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, decoded_as as type, COUNT(1) as count FROM voip_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND ( ${filter}) GROUP BY stat_time,decoded_as ORDER BY stat_time asc" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-top-source-countries', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT arrayJoin(splitByString('','',source_country_list)) AS source_country, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND notEmpty(source_country_list) AND vsys_id IN ( ${vsys_id} ) AND ( ${filter} ) GROUP BY arrayJoin(splitByString('','',source_country_list)) ORDER BY count DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-top-destination-countries', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT destination_country, COUNT(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY destination_country ORDER BY count DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-top-victims', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT destination_ip, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY destination_ip ORDER BY count DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-attack-type', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT attack_type, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY attack_type ORDER BY attack_type LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-severity', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT severity, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY severity ORDER BY severity LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-destination-ip-distribution', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT destination_ip, any(destination_country) AS destination_country, groupUniqArray(arrayJoin(splitByString('','', source_country_list))) AS source_coutries, MAX(bit_rate) AS max_bit_rate, MAX(packet_rate) AS max_packet_rate, MAX(session_rate) AS max_session_rate, FROM_UNIXTIME(MIN(start_time)) AS first_active_time, FROM_UNIXTIME(MAX(end_time)) AS last_active_time, MAX_DURATION(end_time, 600) AS max_duration, groupUniqArray(attack_type) AS attack_type, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY destination_ip ORDER BY count DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-attack-connection', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(recv_time) AS stat_time, destination_country, source_country_list, attack_type, severity, bit_rate, bytes, packet_rate, packets, session_rate, sessions FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND (${filter}) ORDER BY recv_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-attack-volume-summary', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT RATE(bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 as avg_bits_per_sec FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND (${filter})" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-attack-volume-trend', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, RATE(bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 as avg_bits_per_sec FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY stat_time ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-event-timeline', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, attack_type AS type, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY stat_time, attack_type ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-event-count', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT count(1) as count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} )" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-event-list', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT ${columns} FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) ORDER BY recv_time DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('datapath-telemetry-record-count', 'datapath_telemetry_record', 'qgw', 'sql', '{ "statement": "SELECT count(1) as count FROM datapath_telemetry_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id in(${vsys_id}) AND ( ${filter})" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('datapath-telemetry-record-list', 'datapath_telemetry_record', 'qgw', 'sql', '{ "statement": "SELECT ${columns} FROM datapath_telemetry_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN(${vsys_id}) AND (${filter}) ORDER BY timestamp_us ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('datapath-telemetry-packet-combine', 'datapath_telemetry_record', 'qgw', 'dsl', '{"id":"${job_id}","name":"datapath_telemetry_packet_combine","data_source":"datapath_telemetry_record","filter":"job_id=''${job_id}'' AND vsys_id in (${vsys_id}) AND (${filter})"}',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-discovery', 'statistics', 'qgw', 'dsl', '{ "name": "field_discovery", "data_source": "${source}", "filter": "vsys_id in (${vsys_id}) AND (${filter})", "custom.field_discovery.metric": "${metric}", "custom.field_discovery.metric.fn": "${fn}", "custom.field_discovery.fields": ["${field_list}"] }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-top-values', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT ${column_name}, count(*) as cnt FROM ${source} where recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY ${column_name} ORDER BY cnt DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-rare-values', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT ${column_name}, count(*) as cnt FROM ${source} where recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY ${column_name} ORDER BY cnt ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-avg-value-over-time', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT TIME_FLOOR_WITH_FILL(${unix_timestamp_column}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'') AS stat_time, avg(${column_name_long}) FROM ${source} WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY TIME_FLOOR_WITH_FILL(${unix_timestamp_column}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'') ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-max-value-over-time', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT TIME_FLOOR_WITH_FILL(${unix_timestamp_column}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'') AS stat_time, max(${column_name_long}) FROM ${source} WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY TIME_FLOOR_WITH_FILL(${unix_timestamp_column}, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'') ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-min-value-over-time', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT TIME_FLOOR_WITH_FILL(${unix_timestamp_column},CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'') AS stat_time, min(${column_name_long}) FROM ${source} WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY TIME_FLOOR_WITH_FILL(${unix_timestamp_column},CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'') ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-median-value-over-time', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT TIME_FLOOR_WITH_FILL(${unix_timestamp_column},CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'') AS stat_time, MEDIAN(${column_name_long}) FROM ${source} WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY TIME_FLOOR_WITH_FILL(${unix_timestamp_column},CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'') ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-p95-value-over-time', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT TIME_FLOOR_WITH_FILL(${unix_timestamp_column},CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'') AS stat_time, QUANTILE(${column_name_long},0.95) FROM ${source} WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY TIME_FLOOR_WITH_FILL(${unix_timestamp_column},CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'') ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-p99-value-over-time', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT TIME_FLOOR_WITH_FILL(${unix_timestamp_column},CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'') AS stat_time, QUANTILE(${column_name_long},0.99) FROM ${source} WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY TIME_FLOOR_WITH_FILL(${unix_timestamp_column},CHART_GRANULARITY(''${start_time}'', ''${end_time}''),''zero'') ORDER BY stat_time ASC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-top-frequent-elements-in-array', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT item as ${column_name_array}, sum(cnt) as cnt FROM( SELECT arrayJoin(items) as item, cnt FROM ( SELECT IF(empty(${column_name_array}), arrayPushBack(${column_name_array}, NULL), ${column_name_array}) as items, count(*) as cnt FROM ${source} as source where recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY ${column_name_array})) GROUP BY item ORDER BY cnt DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-top-frequent-elements-in-string-of-array', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT item as ${column_name_string}, sum(cnt) as cnt FROM( SELECT arrayJoin(items) as item, cnt FROM ( SELECT splitByString(''${separator}'',${column_name_string}) as items, count(*) as cnt FROM ${source} as source where recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} AND notEmpty(${column_name_string}) GROUP BY ${column_name_string})) GROUP BY item ORDER BY cnt DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('field-statistics-top-frequent-elements-in-long-of-bit', 'statistics', 'qgw', 'sql', '{ "statement":"SELECT item as ${column_name_long}, sum(cnt) as cnt FROM( SELECT arrayJoin(items) as item, cnt FROM ( SELECT bitmaskToArray(${column_name_long}) as items, count(*) as cnt FROM ${source} as source where recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND ${filter} GROUP BY ${column_name_long})) GROUP BY item ORDER BY cnt DESC LIMIT ${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('ip-learning-fqdn-relate-ip', 'ip_learning', 'qgw', 'dsl', '{ "name": "ip-learning-fqdn-relate-ip", "data_source":"ip_learnging_view", "filter": "vsys_id in(${vsys_id}) AND (${filter})", "intervals": ["${start_time}/${end_time}"], "limit": "${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('ip-learning-active-ip', 'ip_learning', 'qgw', 'dsl', '{ "name": "ip-learning-active-ip", "data_source":"active_ip_view", "filter": "vsys_id in(${vsys_id}) AND (${filter})", "intervals": ["${start_time}/${end_time}"], "order_by": "${order_by}", "limit": "${limit}" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-frequent-elements-in-long-of-bit', 'benchmark', 'qgw', 'sql', '{ "statement": "select item,sum(count) as count from( select arrayJoin(items) as item, count from ( select bitmaskToArray(flags) as items,count(*) as count from session_record as sr where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') group by flags)) group by item order by count desc", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-frequent-elements-in-flags-with-label', 'benchmark', 'qgw', 'sql', '{ "statement": "select flag, sum(sessions) as sessions from( select arrayJoin(array( if(bitAnd(flags, 1)= 1, ''Asymmetric'', ''''), if(bitAnd(flags, 2)= 2, ''Bulky'', ''''), if(bitAnd(flags, 4)= 4, ''CBR Streaming'', ''''), if(bitAnd(flags, 8)= 8, ''Client is Local'', ''''), if(bitAnd(flags, 16)= 16, ''Server is Local'', ''''), if(bitAnd(flags, 32)= 32, ''Download'', ''''), if(bitAnd(flags, 64)= 64, ''Interactive'', ''''), if(bitAnd(flags, 128)= 128, ''Inbound'', ''''), if(bitAnd(flags, 256)= 256, ''Outbound'', ''''), if(bitAnd(flags, 512)= 512, ''Pseudo Unidirectional'', ''''), if(bitAnd(flags, 1024)= 1024, ''Streaming'', ''''), if(bitAnd(flags, 2048)= 2048, ''Unidirectional'', ''''), if(bitAnd(flags, 4096)= 4096, ''Random looking'', ''''), if(bitAnd(flags, 8192)= 8192, ''C2S'', ''''), if(bitAnd(flags, 16384)= 16384, ''S2C'', ''''), if(bitAnd(flags, 32768)= 32768, ''Bidirectional'', ''''), if(flags=0, ''N/A'', ''''))) as flag , bytes, packets, sessions from ( select flags, count(*) as sessions, sum(sent_bytes + received_bytes) as bytes, sum(sent_pkts + received_pkts) as packets from session_record as sr where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') group by flags ) ) where notEmpty(flag) group by flag order by sessions desc", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-frequent-elements-in-string-of-array', 'benchmark', 'qgw', 'sql', '{ "statement": "select item, sum(count) as count from( select arrayJoin(items) as item, count from ( select splitByString(''.'',decoded_path) as items, count(*) as count from session_record as sr where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and notEmpty(decoded_path) group by decoded_path)) group by item order by count desc limit 10", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-frequent-elements-in-array-use-sub-query', 'benchmark', 'qgw', 'sql', '{ "statement": "select item, sum(count) as count,sum(bytes) from( select arrayJoin(items) as item, count, bytes from ( select monitor_rule_list as items, count(*) as count,sum(sent_bytes+received_bytes) as bytes from session_record as sr where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and notEmpty(monitor_rule_list) group by monitor_rule_list)) group by item order by count desc limit 20", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-frequent-elements-in-array', 'benchmark', 'qgw', 'sql', '{ "statement": "select arrayJoin(monitor_rule_list) as item, count(*) as count,sum(sent_bytes+received_bytes) as bytes from session_record as sr where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and notEmpty(monitor_rule_list) group by arrayJoin(monitor_rule_list) order by count desc limit 20", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('nested-json-parser-by-app-id', 'benchmark', 'qgw', 'sql', '{ "statement": "select app_debug_info, JSONExtract(app_debug_info, ''Tuple(UNKNOWN Nested(app_name String, app_id UInt32),THIRD Nested(app_name String, app_id UInt32),USER_DEFINE Nested(app_name String, app_id UInt32))'') as parsed_json, tupleElement(tupleElement(parsed_json,''THIRD''),''app_name'') THIRD_app_name, tupleElement(tupleElement(parsed_json,''USER_DEFINE''),''app_name'') USER_DEFINE_app_name from session_record sr where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and notEmpty(app_debug_info) and has(THIRD_app_name,''ssl'') group by app_debug_info", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('log-summary', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(tcp_logs / logs,4) as \\"TCP Percentage\\", round(udp_logs / logs,4) as \\"UDP Percentage\\", round(out_bytes / bytes,4) as \\"Outgoing Percentage\\", round(in_bytes / bytes,4) as \\"Incoming Percentage\\", formatReadableQuantity(tcp_logs) as \\"TCP Logs\\", formatReadableQuantity(udp_logs) as \\"UDP Logs\\", formatReadableQuantity(logs) as \\"Logs\\", formatReadableSize(out_bytes) as \\"Outgoing Bytes\\", formatReadableSize(in_bytes) as \\"Incoming Bytes\\", formatReadableSize(bytes) as \\"Bytes\\" from( select sum(if(ip_protocol=''tcp'', 1, 0)) as tcp_logs, sum(if(ip_protocol=''udp'', 1, 0)) as udp_logs, sum(if(bitAnd(flags, 8) = 8, sent_bytes, received_bytes))as out_bytes, sum(if(bitAnd(flags, 8) = 8, received_bytes, sent_bytes)) as in_bytes, count(*) as logs, sum(sent_bytes + received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}''))" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('decoded-as', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(base_logs / total_logs, 4) as \\"BASE Percentage\\", round(http_logs / total_logs, 4) as \\"HTTP Percentage\\", round(ssl_logs / total_logs, 4) as \\"SSL Percentage\\", round(dns_logs / total_logs, 4) as \\"DNS Percentage\\", round(mail_logs / total_logs, 4) as \\"MAIL Percentage\\", round(rtp_logs / total_logs, 4) as \\"RTP Percentage\\", round(sip_logs / total_logs, 4) as \\"SIP Percentage\\", round(ftp_logs / total_logs, 4) as \\"FTP Percentage\\", base_logs as \\"BASE Logs\\", http_logs as \\"HTTP Logs\\", ssl_logs as \\"SSL Logs\\", dns_logs as \\"DNS Logs\\", mail_logs as \\"MAIL Logs\\", rtp_logs as \\"RTP Logs\\", sip_logs as \\"SIP Logs\\", ftp_logs as \\"FTP Logs\\", total_logs as \\"Total Logs\\" from( select sum(if(decoded_as=''BASE'', 1, 0)) as base_logs, sum(if(decoded_as=''HTTP'', 1, 0)) as http_logs, sum(if(decoded_as=''SSL'', 1, 0)) as ssl_logs, sum(if(decoded_as=''DNS'', 1, 0)) as dns_logs, sum(if(decoded_as=''MAIL'', 1, 0)) as mail_logs, sum(if(decoded_as=''RTP'', 1, 0)) as rtp_logs, sum(if(decoded_as=''SIP'', 1, 0)) as sip_logs, sum(if(decoded_as=''FTP'', 1, 0)) as ftp_logs, count(*) as total_logs from session_record as sub_connection where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}''))" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('endpoints', 'benchmark', 'qgw', 'sql', '{ "statement" : "select uniq(client_ip) as \\"Client IPs\\", uniq(server_ip) as \\"Server IPs\\", uniq(server_domain) as \\"Domains\\", uniq(http_host) as \\"Hosts\\", uniq(ssl_sni) as \\"SNIs\\" , uniq(client_ip, server_ip) as \\"Client and Server IPs\\" from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'')" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('endpoints-of-tcp', 'benchmark', 'qgw', 'sql', '{ "statement" : "select uniq(client_ip) as \\"Client IPs\\", uniq(server_ip) as \\"Server IPs\\", uniq(server_domain) as \\"Domains\\", uniq(http_host) as \\"Hosts\\", uniq(ssl_sni) as \\"SNIs\\" , uniq(client_ip, server_ip) as \\"Client and Server IPs\\" from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and ip_protocol =''tcp''" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('endpoints-of-udp', 'benchmark', 'qgw', 'sql', '{ "statement" : "select uniq(client_ip) as \\"Client IPs\\", uniq(server_ip) as \\"Server IPs\\", uniq(server_domain) as \\"Domains\\", uniq(http_host) as \\"Hosts\\", uniq(ssl_sni) as \\"SNIs\\" , uniq(client_ip, server_ip) as \\"Client and Server IPs\\" from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and ip_protocol =''udp''" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('tcp-percentile-distribution-bytes', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(QUANTILE(bytes,0.9999),2) as p9999, round(QUANTILE(bytes,0.999),2) as p999, round(QUANTILE(bytes,0.996),2) as p996, round(QUANTILE(bytes,0.995),2) as p995, round(QUANTILE(bytes,0.99),2) as p99, round(QUANTILE(bytes,0.98),2) as p98, round(QUANTILE(bytes,0.96),2) as p96, round(QUANTILE(bytes,0.95),2) as p95, round(QUANTILE(bytes,0.92),2) as p92, round(QUANTILE(bytes,0.90),2) as p90, round(QUANTILE(bytes,0.89),2) as p89, round(QUANTILE(bytes,0.88),2) as p88, round(median(bytes),2) as p50 from( select server_ip, sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp'')) group by server_ip)" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('tcp-percentile-distribution-sessions', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(QUANTILE(sessions,0.9999),2) as p9999, round(QUANTILE(sessions,0.999),2) as p999, round(QUANTILE(sessions,0.996),2) as p996, round(QUANTILE(sessions,0.995),2) as p995, round(QUANTILE(sessions,0.99),2) as p99, round(QUANTILE(sessions,0.98),2) as p98, round(QUANTILE(sessions,0.96),2) as p96, round(QUANTILE(sessions,0.95),2) as p95, round(QUANTILE(sessions,0.92),2) as p92, round(QUANTILE(sessions,0.90),2) as p90, round(QUANTILE(sessions,0.89),2) as p89, round(QUANTILE(sessions,0.88),2) as p88, round(median(sessions),2) as p50 from( select server_ip, count(1) as sessions from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp'')) group by server_ip)" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('udp(53,443)-percentile-distribution-bytes', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(QUANTILE(bytes,0.9999),2) as p9999, round(QUANTILE(bytes,0.999),2) as p999, round(QUANTILE(bytes,0.996),2) as p996, round(QUANTILE(bytes,0.995),2) as p995, round(QUANTILE(bytes,0.99),2) as p99, round(QUANTILE(bytes,0.98),2) as p98, round(QUANTILE(bytes,0.96),2) as p96, round(QUANTILE(bytes,0.95),2) as p95, round(QUANTILE(bytes,0.92),2) as p92, round(QUANTILE(bytes,0.90),2) as p90, round(QUANTILE(bytes,0.89),2) as p89, round(QUANTILE(bytes,0.88),2) as p88, round(median(bytes),2) as p50 from( select server_ip, sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and ip_protocol in (''udp'') and server_port in (53,443) group by server_ip)" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('udp(53,443)-percentile-distribution-sessions', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(QUANTILE(sessions,0.9999),2) as p9999, round(QUANTILE(sessions,0.999),2) as p999, round(QUANTILE(sessions,0.996),2) as p996, round(QUANTILE(sessions,0.995),2) as p995, round(QUANTILE(sessions,0.99),2) as p99, round(QUANTILE(sessions,0.98),2) as p98, round(QUANTILE(sessions,0.96),2) as p96, round(QUANTILE(sessions,0.95),2) as p95, round(QUANTILE(sessions,0.92),2) as p92, round(QUANTILE(sessions,0.90),2) as p90, round(QUANTILE(sessions,0.89),2) as p89, round(QUANTILE(sessions,0.88),2) as p88, round(median(sessions),2) as p50 from( select server_ip, count(*) as sessions from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and ip_protocol in (''udp'') and server_port in (53,443) group by server_ip)" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('tcp-percentile-distribution-of-server-ip-relate-uniq-cip', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(QUANTILE(client_ips,0.9999),2) as p9999, round(QUANTILE(client_ips,0.999),2) as p999, round(QUANTILE(client_ips,0.996),2) as p996, round(QUANTILE(client_ips,0.995),2) as p995, round(QUANTILE(client_ips,0.99),2) as p99, round(QUANTILE(client_ips,0.98),2) as p98, round(QUANTILE(client_ips,0.96),2) as p96, round(QUANTILE(client_ips,0.95),2) as p95, round(QUANTILE(client_ips,0.92),2) as p92, round(QUANTILE(client_ips,0.90),2) as p90, round(QUANTILE(client_ips,0.89),2) as p89, round(QUANTILE(client_ips,0.88),2) as p88, round(median(client_ips),2) as p50 from( select server_ip, uniq(client_ip) as client_ips from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp'')) group by server_ip)" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('udp-percentile-distribution-of-server-ip-relate-uniq-cip', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(QUANTILE(client_ips,0.9999),2) as p9999, round(QUANTILE(client_ips,0.999),2) as p999, round(QUANTILE(client_ips,0.996),2) as p996, round(QUANTILE(client_ips,0.995),2) as p995, round(QUANTILE(client_ips,0.99),2) as p99, round(QUANTILE(client_ips,0.98),2) as p98, round(QUANTILE(client_ips,0.96),2) as p96, round(QUANTILE(client_ips,0.95),2) as p95, round(QUANTILE(client_ips,0.92),2) as p92, round(QUANTILE(client_ips,0.90),2) as p90, round(QUANTILE(client_ips,0.89),2) as p89, round(QUANTILE(client_ips,0.88),2) as p88, round(median(client_ips),2) as p50 from( select server_ip, uniq(client_ip) as client_ips from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp'')) group by server_ip)" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('tcp-session-percent-of-top-100-server-ip', 'benchmark', 'qgw', 'sql', '{ "statement" : "select sum(sessions) sessions, count(*) as server_ips,( select count(*) from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp''))) as total_sessions, round(sessions / total_sessions, 6) as percent_sessions_to_total from ( SELECT server_ip, count(*) AS sessions FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp'')) GROUP BY server_ip order by sessions desc limit 100 )" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('udp-session-percent-of-top-100-server-ip', 'benchmark', 'qgw', 'sql', '{ "statement" : "select sum(sessions) sessions, count(*) as server_ips,( select count(*) from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp''))) as total_sessions, round(sessions / total_sessions, 6) as percent_sessions_to_total from ( SELECT server_ip, count(*) AS sessions FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp'')) GROUP BY server_ip order by sessions desc limit 100 )" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('tcp-byte-percent-of-top-100-server-ip', 'benchmark', 'qgw', 'sql', '{ "statement" : "select sum(bytes) as bytes, count(*) as server_ips,( select sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp''))) as total_bytes, round(bytes / total_bytes, 6) as percent_bytes_to_total from ( SELECT server_ip, sum(sent_bytes+received_bytes) as bytes FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp'')) GROUP BY server_ip order by bytes desc limit 100 )" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('udp-byte-percent-of-top-100-server-ip', 'benchmark', 'qgw', 'sql', '{ "statement" : "select sum(bytes) as bytes, count(*) as server_ips,( select sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp''))) as total_bytes, round(bytes / total_bytes, 6) as percent_bytes_to_total from ( SELECT server_ip, sum(sent_bytes+received_bytes) as bytes FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp'')) GROUP BY server_ip order by bytes desc limit 100 )" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('tcp-client-ip-and-traffic-percent-of-top-100-server-ip', 'benchmark', 'qgw', 'sql', '{ "statement" : "select uniq(client_ip) as client_ips, count(*) as sessions,( select uniq(client_ip) as total_client_ips from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp''))) as total_client_ips, round(client_ips / total_client_ips,6) as percent_client_ips_to_total, ( select count(*) as total_sessions from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp'')) ) as total_sessions, round(sessions / total_sessions,6) as percent_sessions_to_total, sum(sent_bytes+received_bytes) as bytes, ( select sum(sent_bytes+received_bytes) as total_bytes from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp'')) ) as total_bytes, round(bytes / total_bytes,6) as percent_bytes_to_total FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp'')) and server_ip in ( SELECT server_ip FROM session_record as cc WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''tcp'')) GROUP BY server_ip order by uniq(server_ip) desc limit 10 )" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('udp-client-ip-and-traffic-percent-of-top-100-Server-ip', 'benchmark', 'qgw', 'sql', '{ "statement" : "select uniq(client_ip) as client_ips, count(*) as sessions,( select uniq(client_ip) as total_client_ips from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp''))) as total_client_ips, round(client_ips / total_client_ips,6) as percent_client_ips_to_total, ( select count(*) as total_sessions from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp'')) ) as total_sessions, round(sessions / total_sessions,6) as percent_sessions_to_total, sum(sent_bytes+received_bytes) as bytes, ( select sum(sent_bytes+received_bytes) as total_bytes from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp'')) ) as total_bytes, round(bytes / total_bytes,6) as percent_bytes_to_total FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp'')) and server_ip in ( SELECT server_ip FROM session_record as cc WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') AND (ip_protocol IN (''udp'')) GROUP BY server_ip order by uniq(server_ip) desc limit 10 )" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('session-percent-of-top-100-sni', 'benchmark', 'qgw', 'sql', '{ "statement" : "select sum(sessions) sessions, count(*) as ssl_snis,( select count(*) from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and notEmpty(ssl_sni)) as total_sessions, round(sessions / total_sessions, 6) as percent_sessions_to_total from ( SELECT ssl_sni, count(*) AS sessions FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and notEmpty(ssl_sni) GROUP BY ssl_sni order by sessions desc limit 100 )" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('byte-percent-of-top-100-sni', 'benchmark', 'qgw', 'sql', '{ "statement" : "select sum(bytes) as bytes, count(*) as ssl_snis,( select sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and notEmpty(ssl_sni)) as total_bytes, round(bytes / total_bytes, 6) as percent_bytes_to_total from ( SELECT ssl_sni, sum(sent_bytes+received_bytes) as bytes FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and notEmpty(ssl_sni) GROUP BY ssl_sni order by bytes desc limit 100 )" , "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-10-client-ip-with-others', 'benchmark', 'qgw', 'sql', '{ "statement": "SELECT client_ip, sum(sent_bytes + received_bytes) as bytes from session_record sr1 where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') group by client_ip order by bytes desc limit 10 union all select null, sum(sent_bytes + received_bytes) as bytes from session_record sr2 where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and sr2.client_ip not in(select client_ip from session_record sr where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') group by client_ip order by sum(sent_bytes + received_bytes) desc limit 10)", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('app-bitrate-per-server-ip', 'benchmark', 'qgw', 'sql', '{ "statement" : "SELECT app, round(median(traffic_bytes) * 8 / 1000 / 1000 / 300,2) AS \\"Medain Mbits/s\\", round(avg(traffic_bytes) * 8 / 1000 / 1000 / 300,2) AS \\"AVG Mbits / s\\", round(QUANTILE(traffic_bytes, 0.95) * 8 / 1000 / 1000 / 300,2) as \\"P95 Mbits / s\\" FROM( SELECT app, toDateTime(intDiv(toUInt32(toDateTime(toDateTime(recv_time))),300) * 300) as stat_time, round(sum(sent_bytes + received_bytes)/ uniq(server_ip),2) as traffic_bytes FROM session_record as ss WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') GROUP BY stat_time, app) group by app order by \\"AVG Mbits / s\\" desc", "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('http-url-length-distribution', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(max(url_length),2) as max, round(QUANTILE(url_length,0.9999),2) as p9999, round(QUANTILE(url_length,0.99),2) as p99, round(QUANTILE(url_length,0.95),2) as p95, round(QUANTILE(url_length,0.90),2) as p90, round(median(url_length),2) as p50 from(select length(http_url) as url_length from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and decoded_as=''HTTP'')", "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dns-rr-length-distribution', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(max(rr_length),2) as max, round(QUANTILE(rr_length,0.9999),2) as p9999, round(QUANTILE(rr_length,0.99),2) as p99, round(QUANTILE(rr_length,0.95),2) as p95, round(QUANTILE(rr_length,0.90),2) as p90, round(median(rr_length),2) as p50 from(select length(dns_rr) as rr_length from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and decoded_as=''DNS'')", "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('ssl-san-length-distribution', 'benchmark', 'qgw', 'sql', '{ "statement" : "select round(max(san_length),2) as max, round(QUANTILE(san_length,0.9999),2) as p9999, round(QUANTILE(san_length,0.99),2) as p99, round(QUANTILE(san_length,0.95),2) as p95, round(QUANTILE(san_length,0.90),2) as p90, round(median(san_length),2) as p50 from(select length(ssl_san) as san_length from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and decoded_as=''SSL'')", "output_mode":"json", "execution_mode":"oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('averages-usage-analysis', 'benchmark', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL ( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}''))) AS stat_time, sum( in_bytes + out_bytes )* 8 / 1800 / 1000 / 1000 AS normal_rate_mbps, sum( in_bytes + out_bytes )/ count(DISTINCT (TIME_FLOOR_WITH_FILL ( UNIX_TIMESTAMP( __time ), SAMPLE_GRANULARITY(''${start_time}'', ''${end_time}''))))* 8 / 15 / 1000 / 1000 AS usage_rate_mbps FROM traffic_general_stat WHERE __time >= ''${start_time}'' AND __time < ''${end_time}'' AND vsys_id IN ( 1 ) GROUP BY TIME_FLOOR_WITH_FILL ( UNIX_TIMESTAMP( __time ), CHART_GRANULARITY(''${start_time}'', ''${end_time}'')) ORDER BY stat_time ASC", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('top-100-slowest-domains', 'benchmark', 'qgw', 'sql', '{ "statement": "select server_domain as domain, round(avg(tcp_rtt_ms),0) avg_rtt_latency_ms from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') and notEmpty(server_domain) group by server_domain order by avg_rtt_latency_ms desc limit 100", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('duplicate-logs-assessment', 'benchmark', 'qgw', 'sql', '{ "statement": "select ''Session Records'' as type, count(*) as num from(select log_id,count(*) as num from session_record where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') group by log_id having num >1) union all select ''Proxy Events'' as type, count(*) as num from (select log_id,count(*) as num from proxy_event where recv_time >= UNIX_TIMESTAMP(''${start_time}'') and recv_time <UNIX_TIMESTAMP(''${end_time}'') group by log_id having num >1)", "execution_mode": "oneshot" }',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-spectrum-summary', 'traffic_sketch_metric', 'qgw', 'dsl', '{"name":"traffic-spectrum-summary","filter":"vsys_id in (${vsys_id}) AND (${filter})","intervals":["${start_time}/${end_time}"]}',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-spectrum-unique-client-and-server-ips', 'traffic_sketch_metric', 'qgw', 'dsl', '{"name":"traffic-spectrum-unique-client-and-server-ips","filter":"vsys_id in (${vsys_id}) AND (${filter})","intervals":["${start_time}/${end_time}"]}',null);
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-spectrum-app-distribution', 'traffic_sketch_metric', 'qgw', 'dsl', '{"name":"traffic-spectrum-app-distribution","filter":"app in (''${app}'') AND vsys_id in (${vsys_id}) AND (${filter})","intervals":["${start_time}/${end_time}"]}','The traffic usage of specified applications. Include the Top Server IP and Top Server Domain. ');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-spectrum-client-ip-connect-application-usage', 'traffic_sketch_metric', 'qgw', 'dsl', '{"name":"traffic-spectrum-client-ip-connect-application-usage","filter":"vsys_id in (${vsys_id}) AND (${filter})","intervals":["${start_time}/${end_time}"]}','The traffic usage of Internal Client IP to external application and External Client IP to Internal Application.');
INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('traffic-spectrum-network-throughput-trend', 'traffic_sketch_metric', 'qgw', 'dsl', '{"name":"traffic-spectrum-network-throughput-trend","filter":"vsys_id in (${vsys_id}) AND (${filter})","intervals":["${start_time}/${end_time}"]}',null);
COMMIT;
SET FOREIGN_KEY_CHECKS = 1;

28
tsg_olap/installation/mariadb/galaxy-qgw-service/V23.12__init_saved_query_job.sql Normal file
View File

@@ -0,0 +1,28 @@
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
-- ----------------------------
-- Table structure for saved_query_job
-- ----------------------------
CREATE TABLE IF NOT EXISTS `saved_query_job` (
`job_id` varchar(128) NOT NULL COMMENT 'Job unique identifier',
`query_sql` text NOT NULL COMMENT 'Query SQL',
`state` varchar(16) NOT NULL COMMENT 'Enums: PENDING or RUNNING or DONE',
`done_progress` float(3, 2) NOT NULL DEFAULT 0 COMMENT 'Progress: 0 - 1.0',
`is_failed` int(2) NOT NULL DEFAULT 0 COMMENT 'Failed or not',
`result_message` varchar(2000) DEFAULT NULL COMMENT 'Result message',
`elapsed` int(11) DEFAULT NULL COMMENT 'cost time(ms)',
`rows_read` bigint(20) DEFAULT NULL COMMENT 'Processed rows',
`bytes_read` bigint(20) DEFAULT NULL COMMENT 'Processed bytes',
`result_bytes` bigint(20) DEFAULT NULL COMMENT 'Result bytes',
`result_rows` bigint(20) DEFAULT NULL COMMENT 'Result rows',
`is_valid` int(2) NOT NULL DEFAULT 1 COMMENT 'Valid or not',
`start_time` bigint(20) DEFAULT NULL COMMENT 'start time: from PENDING to RUNNING or DONE',
`end_time` bigint(20) DEFAULT NULL COMMENT 'end time: state updated DONE',
`last_update_time` bigint(20) NOT NULL COMMENT 'Last Update Time',
`generated_time` bigint(20) NOT NULL COMMENT 'Generated Time',
PRIMARY KEY (`job_id`) USING BTREE,
KEY `index_job_id` (`job_id`) USING BTREE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
SET FOREIGN_KEY_CHECKS = 1;

22
tsg_olap/installation/mariadb/galaxy-qgw-service/V24.07__init_sys_storage_event.sql Normal file
View File

@@ -0,0 +1,22 @@
/*
Sys Storage Event
*/
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
-- ----------------------------
-- Table structure for dataset
-- ----------------------------
CREATE TABLE IF NOT EXISTS `sys_storage_event` (
`id` int(64) NOT NULL AUTO_INCREMENT,
`log_type` varchar(512) NOT NULL COMMENT 'Enums: Traffic Logs or Metrics or Files',
`data_center` varchar(512) NOT NULL,
`used_size` bigint NOT NULL,
`total_allocated_size` bigint NOT NULL,
`bytes` bigint NOT NULL,
`since_time` bigint NOT NULL,
`generated_time` bigint NOT NULL,
PRIMARY KEY (`id`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
SET FOREIGN_KEY_CHECKS = 1;

BIN
tsg_olap/installation/monitoring/TSG-24.02/TSG-OLAP-AlertRule-temp-v24.02.xlsx
View File

Binary file not shown.

1122
tsg_olap/installation/monitoring/TSG-24.02/TSG-OLAP-Dashboard-temp-v24.02.json
View File

File diff suppressed because it is too large Load Diff

BIN
tsg_olap/installation/monitoring/TSG-24.02/TSG-OLAP-Module-temp-v24.02.xlsx
View File

Binary file not shown.

BIN
tsg_olap/installation/monitoring/TSG-24.05/TSG-OLAP-AlertRule-temp-v24.05.xlsx
View File

Binary file not shown.

1122
tsg_olap/installation/monitoring/TSG-24.05/TSG-OLAP-Dashboard-temp-v24.05.json
View File

File diff suppressed because it is too large Load Diff

BIN
tsg_olap/installation/monitoring/TSG-24.05/TSG-OLAP-Module-temp-v24.05.xlsx
View File

Binary file not shown.

BIN
tsg_olap/installation/monitoring/TSG-24.06/TSG-OLAP-AlertRule-temp-v24.06.xlsx Normal file
View File

Binary file not shown.

BIN
tsg_olap/installation/monitoring/TSG-24.06/TSG-OLAP-AlertRule-temp-v24.06xlsx
View File

Binary file not shown.

1122
tsg_olap/installation/monitoring/TSG-24.06/TSG-OLAP-Dashboard-temp-v24.06.json
View File

File diff suppressed because it is too large Load Diff

BIN
tsg_olap/installation/monitoring/TSG-24.06/TSG-OLAP-Module-temp-v24.06.xlsx
View File

Binary file not shown.

BIN
tsg_olap/installation/monitoring/TSG-24.07/TSG-OLAP-AlertRule-temp-v24.07.xlsx Normal file
View File

Binary file not shown.

22324
tsg_olap/installation/monitoring/TSG-24.07/TSG-OLAP-Dashboard-temp-v24.07.json Normal file
View File

File diff suppressed because it is too large Load Diff

BIN
tsg_olap/installation/monitoring/TSG-24.07/TSG-OLAP-Expression-temp-v24.07.xlsx Normal file
View File

Binary file not shown.

BIN
tsg_olap/installation/monitoring/TSG-24.07/TSG-OLAP-Module-temp-v24.07.xlsx Normal file
View File

Binary file not shown.

5
tsg_olap/upgrade/TSG-24.06/groot_stream/templates/data_transporter.yaml.j2
View File

@@ -19,7 +19,7 @@ sinks:
type: kafka type: kafka
properties: properties:
topic: {{ kafka_sink_topic }} topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: { { kafka_sink_servers } } kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10
kafka.request.timeout.ms: 30000 kafka.request.timeout.ms: 30000
@@ -35,7 +35,7 @@ sinks:
clickhouse_sink: clickhouse_sink:
type: clickhouse type: clickhouse
properties: properties:
host: {{ clickhouse_servers }} host: {{ clickhouse_sink_host }}
table: tsg_galaxy_v3.traffic_sketch_metric_local table: tsg_galaxy_v3.traffic_sketch_metric_local
batch.size: 100000 batch.size: 100000
batch.interval: 30s batch.interval: 30s
@@ -48,7 +48,6 @@ application:
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true object-reuse: true
topology:
{{ topology }} {{ topology }}

5
tsg_olap/upgrade/TSG-24.06/groot_stream/templates/datapath_telemetry_record.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: DATAPATH-TELEMETRY-RECORD topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -37,7 +37,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: DATAPATH-TELEMETRY-RECORD topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10
@@ -71,7 +71,6 @@ application:
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true object-reuse: true
topology:
{{ topology }} {{ topology }}

31
tsg_olap/upgrade/TSG-24.06/groot_stream/templates/dos_event_kafka_to_clickhouse → tsg_olap/upgrade/TSG-24.06/groot_stream/templates/dos_event.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: DOS-EVENT topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: "{{ kafka_source_servers }}" kafka.bootstrap.servers: "{{ kafka_source_servers }}"
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -22,12 +22,30 @@ sources:
kafka.compression.type: none kafka.compression.type: none
format: json format: json
sinks: sinks:
kafka_sink:
type: kafka
properties:
topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0
kafka.linger.ms: 10
kafka.request.timeout.ms: 30000
kafka.batch.size: 262144
kafka.buffer.memory: 134217728
kafka.max.request.size: 10485760
kafka.compression.type: snappy
kafka.security.protocol: SASL_PLAINTEXT
kafka.sasl.mechanism: PLAIN
kafka.sasl.jaas.config: 454f65ea6eef1256e3067104f82730e737b68959560966b811e7ff364116b03124917eb2b0f3596f14733aa29ebad9352644ce1a5c85991c6f01ba8a5e8f177a7ff0b2d3889a424249967b3870b50993d9644f239f0de82cdb13bdb502959e16afadffa49ef1e1d2b9c9b5113e619817
format: json
json.ignore.parse.errors: false
log.failures.only: true
clickhouse_sink: clickhouse_sink:
type: clickhouse type: clickhouse
properties: properties:
host: "{{ clickhouse_servers }}" host: {{ clickhouse_sink_host }}
table: tsg_galaxy_v3.dos_event_local table: tsg_galaxy_v3.dos_event_local
batch.size: 100000 batch.size: 100000
batch.interval: 30s batch.interval: 30s
@@ -37,13 +55,10 @@ sinks:
application: application:
env: env:
name: dos_event_kafka_to_clickhouse name: {{ job_name }}
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true # [boolean] Object Reuse, default is false object-reuse: true # [boolean] Object Reuse, default is false
topology: {{ topology }}
- name: kafka_source
downstream: [clickhouse_sink]
- name: clickhouse_sink

12
tsg_olap/upgrade/TSG-24.06/groot_stream/templates/proxy_event.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: PROXY-EVENT topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -50,12 +50,6 @@ processing_pipelines:
parameters: parameters:
value_expression: recv_time value_expression: recv_time
- function: DOMAIN
lookup_fields: [http_host, ssl_sni, dtls_sni, quic_sni]
output_fields: [server_domain]
parameters:
option: FIRST_SIGNIFICANT_SUBDOMAIN
- function: BASE64_DECODE_TO_STRING - function: BASE64_DECODE_TO_STRING
output_fields: [mail_subject] output_fields: [mail_subject]
parameters: parameters:
@@ -107,7 +101,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: PROXY-EVENT topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10
@@ -141,6 +135,4 @@ application:
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true object-reuse: true
topology:
{{ topology }} {{ topology }}

10
tsg_olap/upgrade/TSG-24.06/groot_stream/templates/session_record.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: SESSION-RECORD topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -50,12 +50,6 @@ processing_pipelines:
parameters: parameters:
value_expression: recv_time value_expression: recv_time
- function: DOMAIN
lookup_fields: [http_host, ssl_sni, dtls_sni, quic_sni]
output_fields: [server_domain]
parameters:
option: FIRST_SIGNIFICANT_SUBDOMAIN
- function: BASE64_DECODE_TO_STRING - function: BASE64_DECODE_TO_STRING
output_fields: [mail_subject] output_fields: [mail_subject]
parameters: parameters:
@@ -107,7 +101,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: SESSION-RECORD topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10

9
tsg_olap/upgrade/TSG-24.06/groot_stream/templates/traffic_sketch_metric.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: TRAFFIC-SKETCH-METRIC topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -62,12 +62,11 @@ processing_pipelines:
parameters: parameters:
data_center_id_num: 1 data_center_id_num: 1
sinks: sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: TRAFFIC-SKETCH-METRIC topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10
@@ -86,7 +85,7 @@ sinks:
clickhouse_sink: clickhouse_sink:
type: clickhouse type: clickhouse
properties: properties:
host: {{ clickhouse_servers }} host: {{ clickhouse_sink_host }}
table: tsg_galaxy_v3.traffic_sketch_metric_local table: tsg_galaxy_v3.traffic_sketch_metric_local
batch.size: 100000 batch.size: 100000
batch.interval: 30s batch.interval: 30s
@@ -97,7 +96,7 @@ sinks:
application: application:
env: # [object] Environment Variables env: # [object] Environment Variables
name: etl_traffic_sketch_metric # [string] Job Name name: {{ job_name }}
shade.identifier: aes shade.identifier: aes
pipeline: pipeline:
object-reuse: true # [boolean] Object Reuse, default is false object-reuse: true # [boolean] Object Reuse, default is false

4
tsg_olap/upgrade/TSG-24.06/groot_stream/templates/transaction_record.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: TRANSACTION-RECORD topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -107,7 +107,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: TRANSACTION-RECORD topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10

10
tsg_olap/upgrade/TSG-24.06/groot_stream/templates/voip_record.yaml.j2
View File

@@ -2,7 +2,7 @@ sources:
kafka_source: kafka_source:
type: kafka type: kafka
properties: properties:
topic: VOIP-CONVERSATION-RECORD topic: {{ kafka_source_topic }}
kafka.bootstrap.servers: {{ kafka_source_servers }} kafka.bootstrap.servers: {{ kafka_source_servers }}
kafka.session.timeout.ms: 60000 kafka.session.timeout.ms: 60000
kafka.max.poll.records: 3000 kafka.max.poll.records: 3000
@@ -50,12 +50,6 @@ processing_pipelines:
parameters: parameters:
value_expression: recv_time value_expression: recv_time
- function: DOMAIN
lookup_fields: [http_host, ssl_sni, dtls_sni, quic_sni]
output_fields: [server_domain]
parameters:
option: FIRST_SIGNIFICANT_SUBDOMAIN
- function: BASE64_DECODE_TO_STRING - function: BASE64_DECODE_TO_STRING
output_fields: [mail_subject] output_fields: [mail_subject]
parameters: parameters:
@@ -107,7 +101,7 @@ sinks:
kafka_sink: kafka_sink:
type: kafka type: kafka
properties: properties:
topic: VOIP-CONVERSATION-RECORD topic: {{ kafka_sink_topic }}
kafka.bootstrap.servers: {{ kafka_sink_servers }} kafka.bootstrap.servers: {{ kafka_sink_servers }}
kafka.retries: 0 kafka.retries: 0
kafka.linger.ms: 10 kafka.linger.ms: 10