modify ddl and configuration template directory

tsg_olap/upgrade/2021/2021-02-01/Release.md

@@ -0,0 +1,29 @@
+# TSG-V21.02版本 2021-02-01更新记录
+
+
+## galaxy-qgw-service
+
+镜像版本：v3.3.210201
+
+>docker pull 192.168.40.153:9080/tsg/galaxy/galaxy-qgw-service:v3.3.210201
+
+更新内容：
+* 新增： 
+  
+  1.查询SQL任务执行状态。  
+  2.获取当前SQL Query ID。  
+  
+* 修复：
+  
+  1：[TSG-5494、TSG-5465] LiveCharts 协议分布数据接口，过滤异常数据。   
+  2：[TSG-5467] 修复代码可满足EAL4检测评分并合并到主分支。  
+  3：[TSG-5448] - 支持 TCP ISN 的显示与原始日志检索。  
+  4: 重命名系统配置文件属性，将clickhouse 配置文件 passwod 改为 userKey。  
+
+
+## Clickhouse
+
+更新内容：
+* 新增：
+ 
+   1：[TSG-5448] - 支持 TCP ISN 的显示与原始日志检索。  

tsg_olap/upgrade/2021/2021-02-01/clickhouse/20210201-5448-upsql.txt

@@ -0,0 +1,52 @@
+ALTER TABLE sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+------------------------------------------------
+
+ALTER TABLE proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+------------------------------------------------
+
+ALTER TABLE security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+------------------------------------------------
+
+ALTER TABLE connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+------------------------------------------------
+
+ALTER TABLE radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;
+
+ALTER TABLE radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_client_isn Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tcp_server_isn Int64 after common_tcp_client_isn;

tsg_olap/upgrade/2021/TSG-21.03/Clickhouse/add_column.sql

@@ -0,0 +1,191 @@
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from String after sip_call_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from String after sip_call_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to String after sip_from;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to String after sip_from;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to String after sip_from;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to String after sip_from;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_to;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_to;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_to;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_to;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_connect_ip String after sip_server;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_connect_ip String after sip_server;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_media_port Int64 after sip_from_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_media_port Int64 after sip_from_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_media_port Int64 after sip_from_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_media_port Int64 after sip_from_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_media_type String after sip_from_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_media_type String after sip_from_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_media_type String after sip_from_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_media_type String after sip_from_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_content String after sip_from_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_content String after sip_from_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_content String after sip_from_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_from_sdp_content String after sip_from_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_connect_ip String after sip_from_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_connect_ip String after sip_from_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_connect_ip String after sip_from_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_connect_ip String after sip_from_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_media_port Int64 after sip_to_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_media_port Int64 after sip_to_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_media_port Int64 after sip_to_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_media_port Int64 after sip_to_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_media_type String after sip_to_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_media_type String after sip_to_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_media_type String after sip_to_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_media_type String after sip_to_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_content String after sip_to_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_content String after sip_to_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_content String after sip_to_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_to_sdp_content String after sip_to_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_to_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_to_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_to_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_to_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_bye;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_bye;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_bye;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_bye;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_dir_c2s String after rtp_payload_type_s2c;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_dir_c2s String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_dir_c2s String after rtp_payload_type_s2c;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_dir_c2s String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_dir_s2c String after rtp_pcap_dir_c2s;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_dir_s2c String after rtp_pcap_dir_c2s;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_dir_s2c String after rtp_pcap_dir_c2s;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_dir_s2c String after rtp_pcap_dir_c2s;
+
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to String after sip_from;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to String after sip_from;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_to;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_to;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from_sdp_media_port Int64 after sip_from_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from_sdp_media_port Int64 after sip_from_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from_sdp_media_type String after sip_from_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from_sdp_media_type String after sip_from_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from_sdp_content String after sip_from_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_from_sdp_content String after sip_from_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to_sdp_connect_ip String after sip_from_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to_sdp_connect_ip String after sip_from_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to_sdp_media_port Int64 after sip_to_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to_sdp_media_port Int64 after sip_to_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to_sdp_media_type String after sip_to_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to_sdp_media_type String after sip_to_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to_sdp_content String after sip_to_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_to_sdp_content String after sip_to_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_to_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_to_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_bye;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_bye;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_pcap_dir_c2s String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_pcap_dir_c2s String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_pcap_dir_s2c String after rtp_pcap_dir_c2s;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_pcap_dir_s2c String after rtp_pcap_dir_c2s;

tsg_olap/upgrade/2021/TSG-21.03/README.md

@@ -0,0 +1,66 @@
+# TSG-V21.03版本 2021-03-02更新记录
+
+
+## 查询引擎
+
+镜像版本:341
+
+更新内容:  
+  1:  扩展Schema，支持VOIP 协议 SIP/RTP 所有字段(TSG-5598)。  
+  2:  扩展Schema，描述SQL 支持的聚合和操作函数(TSG-5377)。  
+  3:  新增故障诊断-元数据与schema验证接口，可以校验schema与数据库字段的一致性。  
+  4:  新增故障诊断-SQL测试集接口，可动态评估查询引擎执行性能和留存统计结果。  
+  5:  改善原有test自检功能，包含runSchema 与 runSql。  
+  6:  改善系统接口调用方式，抽取为公共方法，包含:kill query，process 和query ID。  
+  7:  新增集成jar进行加密功能，docker部署可进行加密。  
+  8:  新增集成jar未变化情况下，MD5保持固定。  
+  9:  修复聚合查询分布式子查询与预期结果不一致(TSG-5634)  
+
+
+## 调度任务-admin
+
+镜像版本:v1.3.20210302
+
+
+更新内容:   
+  1:  新增集成jar未变化情况下，MD5保持固定。
+
+## 调度任务-executor
+
+镜像版本:v1.3.20210302
+
+
+更新内容:    
+  1:  新增集成jar未变化情况下，MD5保持固定。  
+  2:  新增集成jar进行加密功能，docker部署可进行加密。
+
+## 报表服务
+
+镜像版本:21.02.25
+
+
+更新内容:  
+  1:  新增集成jar未变化情况下，MD5保持固定。  
+  2:  新增集成jar进行加密功能，docker部署可进行加密。  
+  3:  新增从网关服务获取queryid功能。  
+  4:  改善调用kill query，process接口功能  
+  5:  改善生成hbase中reportid方式  
+  6:  修复EAL4漏洞  
+  
+
+## 对象存储
+
+镜像版本:21.03.01
+
+
+更新内容:  
+  1:  修复eal4漏洞。  
+  2:  新增集成jar未变化情况下，MD5保持固定。  
+  3:  新增集成jar进行加密功能，docker部署可进行加密。  
+  
+## 数据初始化
+
+更新内容:  
+  1:  新增日志VOIP协议字段。（TSG-5598）  
+  2:  Clickhouse初始化sql 支持VOIP协议字段  
+  3:  数据补全(storm) 日志入库(gohangout)支持 VOIP协议字段。  

tsg_olap/upgrade/2021/TSG-21.03/查询引擎/radius_record_log.avsc

@@ -0,0 +1,515 @@
+{
+  "type": "record",
+  "name": "radius_record_log",
+  "namespace": "tsg_galaxy_v3",
+  "doc": "{\"primary_key\":\"common_log_id\",\"partition_key\":\"common_recv_time\",\"functions\":{\"aggregation\":[{\"name\":\"COUNT\",\"function\":\"count(expr)\"},{\"name\":\"COUNT_DISTINCT\",\"function\":\"count(distinct expr)\"},{\"name\":\"AVG\",\"function\":\"avg(expr)\"},{\"name\":\"SUM\",\"function\":\"sum(expr)\"},{\"name\":\"MAX\",\"function\":\"max(expr)\"},{\"name\":\"MIN\",\"function\":\"min(expr)\"}],\"operator\":[{\"name\":\"=\",\"function\":\"expr = value\"},{\"name\":\"!=\",\"function\":\"expr != value\"},{\"name\":\">\",\"function\":\"expr > value\"},{\"name\":\"<\",\"function\":\"expr < value\"},{\"name\":\">=\",\"function\":\"expr >= value\"},{\"name\":\"<=\",\"function\":\"expr <= value\"},{\"name\":\"in\",\"function\":\"expr in (values)\"},{\"name\":\"not in\",\"function\":\"expr not in (values)\"},{\"name\":\"like\",\"function\":\"expr like value\"},{\"name\":\"not like\",\"function\":\"expr not like value\"},{\"name\":\"not empty\",\"function\":\"notEmpty(expr)\"},{\"name\":\"empty\",\"function\":\"empty(expr)\"}]},\"schema_query\":{\"dimensions\":[\"radius_nas_ip\",\"radius_framed_ip\",\"common_subscriber_id\"],\"metrics\":[\"radius_framed_ip\",\"radius_event_timestamp\",\"common_c2s_pkt_num\",\"common_s2c_pkt_num\",\"common_c2s_byte_num\",\"common_s2c_byte_num\"],\"filters\":[\"radius_framed_ip\",\"common_subscriber_id\",\"radius_packet_type\",\"radius_acct_session_id\",\"radius_acct_multi_session_id\",\"radius_acct_status_type\"],\"references\":{\"aggregation\":[{\"type\":\"int\",\"functions\":\"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN\"},{\"type\":\"long\",\"functions\":\"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN\"},{\"type\":\"float\",\"functions\":\"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN\"},{\"type\":\"double\",\"functions\":\"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN\"},{\"type\":\"string\",\"functions\":\"COUNT,COUNT_DISTINCT\"},{\"type\":\"date\",\"functions\":\"COUNT,COUNT_DISTINCT,MAX,MIN\"},{\"type\":\"timestamp\",\"functions\":\"COUNT,COUNT_DISTINCT,MAX,MIN\"}],\"operator\":[{\"type\":\"int\",\"functions\":\"=,!=,>,<,>=,<=,in,not in\"},{\"type\":\"long\",\"functions\":\"=,!=,>,<,>=,<=,in,not in\"},{\"type\":\"float\",\"functions\":\"=,!=,>,<,>=,<=\"},{\"type\":\"double\",\"functions\":\"=,!=,>,<,>=,<=\"},{\"type\":\"string\",\"functions\":\"=,!=,in,not in,like,not like,not empty,empty\"},{\"type\":\"date\",\"functions\":\"=,!=,>,<,>=,<=\"},{\"type\":\"timestamp\",\"functions\":\"=,!=,>,<,>=,<=\"}]}},\"schema_type\":{\"RADIUS\":{\"columns\":[\"common_recv_time\",\"common_log_id\",\"common_policy_id\",\"common_subscriber_id\",\"common_client_ip\",\"common_client_port\",\"common_internal_ip\",\"common_l4_protocol\",\"common_address_type\",\"common_server_ip\",\"common_server_port\",\"common_external_ip\",\"common_action\",\"common_direction\",\"common_entrance_id\",\"common_sled_ip\",\"common_client_location\",\"common_client_asn\",\"common_server_location\",\"common_server_asn\",\"common_sessions\",\"common_c2s_pkt_num\",\"common_s2c_pkt_num\",\"common_c2s_byte_num\",\"common_s2c_byte_num\",\"common_service\",\"common_schema_type\",\"common_user_tags\",\"common_sub_action\",\"common_user_region\",\"common_device_id\",\"common_link_id\",\"common_isp\",\"common_device_tag\",\"common_data_center\",\"common_encapsulation\",\"common_app_label\",\"common_protocol_label\",\"common_app_id\",\"common_app_surrogate_id\",\"common_l7_protocol\",\"common_start_time\",\"common_end_time\",\"common_establish_latency_ms\",\"common_con_duration_ms\",\"common_stream_dir\",\"common_address_list\",\"common_has_dup_traffic\",\"common_stream_error\",\"common_stream_trace_id\",\"common_link_info_c2s\",\"common_link_info_s2c\",\"common_c2s_ipfrag_num\",\"common_s2c_ipfrag_num\",\"common_c2s_tcp_lostlen\",\"common_s2c_tcp_lostlen\",\"common_c2s_tcp_unorder_num\",\"common_s2c_tcp_unorder_num\",\"common_tcp_client_isn\",\"common_tcp_server_isn\",\"common_first_ttl\",\"common_processing_time\",\"radius_packet_type\",\"radius_nas_ip\",\"radius_framed_ip\",\"radius_account\",\"radius_session_timeout\",\"radius_idle_timeout\",\"radius_acct_status_type\",\"radius_acct_terminate_cause\",\"radius_event_timestamp\",\"radius_nas_port\",\"radius_service_type\",\"radius_framed_protocol\",\"radius_callback_number\",\"radius_callback_id\",\"radius_termination_action\",\"radius_called_station_id\",\"radius_calling_station_id\",\"radius_acct_delay_time\",\"radius_acct_session_id\",\"radius_acct_multi_session_id\",\"radius_acct_input_octets\",\"radius_acct_output_octets\",\"radius_acct_input_packets\",\"radius_acct_output_packets\",\"radius_acct_session_time\",\"radius_acct_link_count\",\"radius_acct_interim_interval\"],\"default_columns\":[\"common_recv_time\",\"common_log_id\",\"common_subscriber_id\",\"radius_nas_ip\",\"radius_framed_ip\",\"radius_acct_status_type\"]}},\"default_columns\":[\"common_recv_time\",\"common_log_id\",\"common_subscriber_id\",\"radius_nas_ip\",\"radius_framed_ip\",\"radius_acct_status_type\"]}",
+  "fields": [
+    {
+      "name": "common_recv_time",
+      "label": "Receive Time",
+      "type": "long",
+      "doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"timestamp\"}}"
+    },
+    {
+      "name": "common_log_id",
+      "label": "Log ID",
+      "type": "long",
+      "doc": "{\"allow_query\":\"true\",\"format\":{\"functions\":\"snowflake_id\"}}"
+    },
+    {
+      "name": "common_policy_id",
+      "label": "Policy ID",
+      "type": "long",
+      "doc":"{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_subscriber_id",
+      "label": "Subscriber ID",
+      "type": "string",
+      "doc": "{\"allow_query\":\"true\"}"
+    },
+    {
+      "name": "common_client_ip",
+      "label": "Client IP",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_client_port",
+      "label": "Client Port",
+      "type": "int",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_internal_ip",
+      "label": "Internal IP",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_l4_protocol",
+      "label": "L4 Protocol",
+      "type": "string"
+    },
+    {
+      "name": "common_address_type",
+      "label": "Address Type",
+      "type": "int",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"4\",\"value\":\"ipv4\"},{\"code\":\"6\",\"value\":\"ipv6\"}]}"
+    },
+    {
+      "name": "common_server_ip",
+      "label": "Server IP",
+      "type": "string",
+      "doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"ip\"},\"format\":{\"functions\":\"geo_asn\",\"appendTo\":\"common_server_asn\"}}"
+    },
+    {
+      "name": "common_server_port",
+      "label": "Server Port",
+      "type": "int",
+      "doc": "{\"allow_query\":\"true\"}"
+    },
+    {
+      "name": "common_external_ip",
+      "label": "External IP",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_action",
+      "label": "Action",
+      "type": "int",
+      "doc": "{\"visibility\":\"hidden\",\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"0\",\"value\":\"None\"},{\"code\":\"1\",\"value\":\"Monitor\"},{\"code\":\"2\",\"value\":\"Intercept\"},{\"code\":\"16\",\"value\":\"Deny\"},{\"code\":\"48\",\"value\":\"Manipulation\"},{\"code\":\"128\",\"value\":\"Allow\"}]}"
+    },
+    {
+      "name": "common_direction",
+      "label": "Direction",
+      "type": "int",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"69\",\"value\":\"outbound\"},{\"code\":\"73\",\"value\":\"inbound\"}]}"
+    },
+    {
+      "name": "common_entrance_id",
+      "label": "Entrance ID",
+      "type": "int",
+      "doc": "{\"visibility\":\"disabled\"}"
+    },
+    {
+      "name": "common_sled_ip",
+      "label": "Sled IP",
+      "type": "string",
+      "doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"ip\"}}"
+    },
+    {
+      "name": "common_client_location",
+      "label": "Client Location",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_client_asn",
+      "label": "Client ASN",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_server_location",
+      "label": "Server Location",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_server_asn",
+      "label": "Server ASN",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_sessions",
+      "label": "Sessions",
+      "type": "long",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_c2s_pkt_num",
+      "label": "Packets Sent",
+      "type": "long"
+    },
+    {
+      "name": "common_s2c_pkt_num",
+      "label": "Packets Received",
+      "type": "long"
+    },
+    {
+      "name": "common_c2s_byte_num",
+      "label": "Bytes Sent",
+      "type": "long"
+    },
+    {
+      "name": "common_s2c_byte_num",
+      "label": "Bytes Received",
+      "type": "long"
+    },
+    {
+      "name": "common_service",
+      "label": "Service",
+      "type": "int",
+      "doc": "{\"visibility\":\"disabled\"}"
+    },
+    {
+      "name": "common_schema_type",
+      "label": "Schema Type",
+      "type": "string",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"BASE\",\"value\":\"BASE\"},{\"code\":\"HTTP\",\"value\":\"HTTP\"},{\"code\":\"MAIL\",\"value\":\"MAIL\"},{\"code\":\"DNS\",\"value\":\"DNS\"},{\"code\":\"SSL\",\"value\":\"SSL\"},{\"code\":\"FTP\",\"value\":\"FTP\"}],\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_user_tags",
+      "label": "User Tags",
+      "type": "string",
+      "doc": "{\"visibility\":\"disabled\"}"
+    },
+    {
+      "name": "common_sub_action",
+      "label": "Sub Action",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_user_region",
+      "label": "User Region",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_device_id",
+      "label": "Device ID",
+      "type": "string",
+      "doc": "{\"visibility\":\"disabled\"}"
+    },
+    {
+      "name": "common_link_id",
+      "label": "Link ID",
+      "type": "int",
+      "doc": "{\"visibility\":\"disabled\"}"
+    },
+    {
+      "name": "common_isp",
+      "label": "ISP",
+      "type": "string",
+      "doc": "{\"visibility\":\"disabled\"}"
+    },
+    {
+      "name": "common_device_tag",
+      "label": "Device Tag",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_data_center",
+      "label": "Data Center",
+      "type": "string",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"Nur-sultan\",\"value\":\"Nur-sultan\"},{\"code\":\"Aktau\",\"value\":\"Aktau\"},{\"code\":\"Aktubinsk\",\"value\":\"Aktubinsk\"},{\"code\":\"Almaty\",\"value\":\"Almaty\"},{\"code\":\"Atyrau\",\"value\":\"Atyrau\"},{\"code\":\"Karaganda\",\"value\":\"Karaganda\"},{\"code\":\"Kokshetau\",\"value\":\"Kokshetau\"},{\"code\":\"Kostanay\",\"value\":\"Kostanay\"},{\"code\":\"Kyzylorda\",\"value\":\"Kyzylorda\"},{\"code\":\"Pavlodar\",\"value\":\"Pavlodar\"},{\"code\":\"Petropavl\",\"value\":\"Petropavl\"},{\"code\":\"Semey\",\"value\":\"Semey\"},{\"code\":\"Shymkent\",\"value\":\"Shymkent\"},{\"code\":\"Taldykurgan\",\"value\":\"Taldykurgan\"},{\"code\":\"Taraz\",\"value\":\"Taraz\"},{\"code\":\"Uralsk\",\"value\":\"Uralsk\"},{\"code\":\"Ust-Kamenogorsk\",\"value\":\"Ust-Kamenogorsk\"},{\"code\":\"Zhezkazgan\",\"value\":\"Zhezkazgan\"}],\"allow_query\":\"true\"}"
+    },
+    {
+      "name": "common_encapsulation",
+      "label": "Encapsulation",
+      "type": "int",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"0\",\"value\":\"Ethernet\"},{\"code\":\"8\",\"value\":\"PPP\"},{\"code\":\"12\",\"value\":\"CiscoHDLC\"}],\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_app_label",
+      "label": "Application Label",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_protocol_label",
+      "label": "Protocol Label",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_app_id",
+      "label": "Application ID",
+      "type": "int",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_app_surrogate_id",
+      "label": "Surrogate ID",
+      "type": "int",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_l7_protocol",
+      "label": "L7 Protocol",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_start_time",
+      "label": "Start Time",
+      "type": "long",
+      "doc": "{\"constraints\":{\"type\":\"timestamp\"},\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_end_time",
+      "label": "End Time",
+      "type": "long",
+      "doc": "{\"constraints\":{\"type\":\"timestamp\"},\"format\":{\"functions\":\"get_value\",\"appendTo\":\"common_recv_time\"},\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_establish_latency_ms",
+      "label": "Establish Latency(ms)",
+      "type": "int",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_con_duration_ms",
+      "label": "Duration(ms)",
+      "type": "int",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_stream_dir",
+      "label": "Stream Direction",
+      "type": "int",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"1\",\"value\":\"c2s\"},{\"code\":\"2\",\"value\":\"s2c\"},{\"code\":\"3\",\"value\":\"double\"}]}"
+    },
+    {
+      "name": "common_address_list",
+      "label": "Address List",
+      "type": "string",
+      "doc": "{\"visibility\":\"disabled\"}"
+    },
+    {
+      "name": "common_has_dup_traffic",
+      "label": "Duplication Traffic",
+      "type": "int",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"0\",\"value\":\"No\"},{\"code\":\"1\",\"value\":\"Yes\"}],\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_stream_error",
+      "label": "Stream Error",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_stream_trace_id",
+      "label": "Session ID",
+      "type": "long",
+      "doc": "{\"allow_query\":\"true\"}"
+    },
+    {
+      "name": "common_link_info_c2s",
+      "label": "Link Info(c2s)",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_link_info_s2c",
+      "label": "Link Info(s2c)",
+      "type": "string",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_c2s_ipfrag_num",
+      "label": "Fragmentation Packets(c2s)",
+      "type": "long",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_s2c_ipfrag_num",
+      "label": "Fragmentation Packets(s2c)",
+      "type": "long",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_c2s_tcp_lostlen",
+      "label": "Sequence Gap Loss(c2s)",
+      "type": "long",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_s2c_tcp_lostlen",
+      "label": "Sequence Gap Loss(s2c)",
+      "type": "long",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_c2s_tcp_unorder_num",
+      "label": "Unorder Packets(c2s)",
+      "type": "long",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_s2c_tcp_unorder_num",
+      "label": "Unorder Packets(s2c)",
+      "type": "long",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_tcp_client_isn",
+      "label": "TCP Client ISN",
+      "type": "long",
+      "doc": "{\"visibility\":\"disabled\"}"
+    },
+    {
+      "name": "common_tcp_server_isn",
+      "label": "TCP Server ISN",
+      "type": "long",
+      "doc": "{\"visibility\":\"disabled\"}"
+    },
+    {
+      "name": "common_first_ttl",
+      "label": "First TTL",
+      "type": "int",
+      "doc": "{\"visibility\":\"hidden\"}"
+    },
+    {
+      "name": "common_processing_time",
+      "label": "Processing Time",
+      "doc": "{\"constraints\":{\"type\":\"timestamp\"},\"format\":{\"functions\":\"current_timestamp\"}}",
+      "type": "long"
+    },
+    {
+      "name": "radius_packet_type",
+      "label": "Packet Type",
+      "type": "int",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"1\",\"value\":\"Access-Request\"},{\"code\":\"2\",\"value\":\"Access-Accept\"},{\"code\":\"3\",\"value\":\"Access-Reject\"},{\"code\":\"4\",\"value\":\"Accounting-Request\"},{\"code\":\"5\",\"value\":\"Accounting-Response\"},{\"code\":\"11\",\"value\":\"Access-Challenge\"}]}"
+    },
+    {
+      "name": "radius_account",
+      "label": "Account",
+      "type": "string",
+      "doc": "{\"format\":{\"functions\":\"get_value\",\"appendTo\":\"common_subscriber_id\"}}"
+    },
+    {
+      "name": "radius_nas_ip",
+      "label": "Nas IP",
+      "type": "string"
+    },
+    {
+      "name": "radius_framed_ip",
+      "label": "Framed IP",
+      "type": "string",
+      "doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"ip\"}}"
+    },
+    {
+      "name": "radius_session_timeout",
+      "label": "Session Timeout",
+      "type": "int"
+    },
+    {
+      "name": "radius_idle_timeout",
+      "label": "Idle Timeout",
+      "type": "int"
+    },
+    {
+      "name": "radius_acct_status_type",
+      "label": "ACC Status Type",
+      "type": "int",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"1\",\"value\":\"Start\"},{\"code\":\"2\",\"value\":\"Stop\"},{\"code\":\"3\",\"value\":\"Interim-Update\"},{\"code\":\"7\",\"value\":\"Accounting-On\"},{\"code\":\"8\",\"value\":\"Accounting-Off\"}]}"
+    },
+    {
+      "name": "radius_acct_terminate_cause",
+      "label": "Acct Terminate Cause",
+      "type": "int",
+      "doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"1\",\"value\":\"User Request\"},{\"code\":\"2\",\"value\":\"Lost Carrier\"},{\"code\":\"3\",\"value\":\"Lost Service\"},{\"code\":\"4\",\"value\":\"Idle Timeout\"},{\"code\":\"5\",\"value\":\"Session Timeout\"},{\"code\":\"6\",\"value\":\"Admin Reset\"},{\"code\":\"7\",\"value\":\"Admin Reboot\"},{\"code\":\"8\",\"value\":\"Port Error\"},{\"code\":\"9\",\"value\":\"NAS Error\"},{\"code\":\"10\",\"value\":\"NAS Request\"},{\"code\":\"11\",\"value\":\"NAS Reboot\"},{\"code\":\"12\",\"value\":\"Port Unneeded\"},{\"code\":\"13\",\"value\":\"Port Preempted\"},{\"code\":\"14\",\"value\":\"Port Suspended\"},{\"code\":\"15\",\"value\":\"Service Unavailable\"},{\"code\":\"16\",\"value\":\"Callback\"},{\"code\":\"17\",\"value\":\"User Error\"},{\"code\":\"18\",\"value\":\"Host Request\"}]}"
+    },
+    {
+      "name": "radius_event_timestamp",
+      "label": "Event Timestamp",
+      "type": "int"
+    },
+    {
+      "name": "radius_service_type",
+      "label": "Service Type",
+      "type": "int"
+    },
+    {
+      "name": "radius_nas_port",
+      "label": "Nas Port",
+      "type": "int"
+    },
+    {
+      "name": "radius_framed_protocol",
+      "label": "Framed Protocol",
+      "type": "int"
+    },
+    {
+      "name": "radius_callback_number",
+      "label": "Callback Number",
+      "type": "string"
+    },
+    {
+      "name": "radius_callback_id",
+      "label": "Callback ID",
+      "type": "string"
+    },
+    {
+      "name": "radius_termination_action",
+      "label": "Termination Action",
+      "type": "int"
+    },
+    {
+      "name": "radius_called_station_id",
+      "label": "Called Station Id",
+      "type": "string"
+    },
+    {
+      "name": "radius_calling_station_id",
+      "label": "Calling Station Id",
+      "type": "string"
+    },
+    {
+      "name": "radius_acct_delay_time",
+      "label": "Acct Delay Time",
+      "type": "int"
+    },
+    {
+      "name": "radius_acct_session_id",
+      "label": "Acct Session ID",
+      "type": "string"
+    },
+    {
+      "name": "radius_acct_multi_session_id",
+      "label": "Acct Multi Session ID",
+      "type": "string"
+    },
+    {
+      "name": "radius_acct_input_octets",
+      "label": "Acct Input Octets",
+      "type": "long"
+    },
+    {
+      "name": "radius_acct_output_octets",
+      "label": "Acct Output Octets",
+      "type": "long"
+    },
+    {
+      "name": "radius_acct_input_packets",
+      "label": "Acct Input Packets",
+      "type": "long"
+    },
+    {
+      "name": "radius_acct_output_packets",
+      "label": "Acct Output Packets",
+      "type": "long"
+    },
+    {
+      "name": "radius_acct_session_time",
+      "label": "Acct Session Time",
+      "type": "int"
+    },
+    {
+      "name": "radius_acct_link_count",
+      "label": "Acct Link Count",
+      "type": "int"
+    },
+    {
+      "name": "radius_acct_interim_interval",
+      "label": "Acct Interim Interval",
+      "type": "int"
+    }
+  ]
+}

tsg_olap/upgrade/2021/TSG-21.03/查询引擎/version.json

@@ -0,0 +1,95 @@
+{
+  "product": "XXG Test environment",
+  "version": "21.03",
+  "registered": "Geedge",
+  "updated":"2021-03-02 11:00:03",
+  "components": {
+    "oss": [
+      {
+        "name": "zookeeper",
+        "version": "3.4.9",
+        "licenseType": "Apache License 2.0",
+        "description": "分布式应用程序协调服务"
+      },
+      {
+        "name": "kafka",
+        "version": "2.11_1.0.0",
+        "licenseType": "Apache License 2.0",
+        "description": "消息队列"
+      },
+      {
+        "name": "habse",
+        "version": "2.2.3",
+        "licenseType": "Apache License 2.0",
+        "description": "用于文件系统和存储Radius数据"
+      },
+      {
+        "name": "flume",
+        "version": "1.9.0",
+        "licenseType": "Apache License 2.0",
+        "description": "日志补全传输"
+      },
+      {
+        "name": "clickhouse",
+        "version": "20.3.12.112",
+        "licenseType": "Apache License 2.0",
+        "description": "原始日志数据库"
+      },
+      {
+        "name": "druid",
+        "version": "0.18.1",
+        "licenseType": "Apache License 2.0",
+        "description": "分析实时数据并提供低延迟查询的OLAP应用程序"
+      },
+      {
+        "name": "gohangout",
+        "version": "1.15.2.20200921",
+        "description": "动态获取原始日志表schema入库程序"
+      }
+    ],
+    "apps": [
+      {
+        "name": "galaxy-qgw-service",
+        "version": "341",
+        "description": "数据平台对外统一查询网关"
+      },
+      {
+        "name": "galaxy-report-service",
+        "version": "21.02.25",
+        "description": "自定义报表查询服务"
+      },
+      {
+        "name": "galaxy-hos-service",
+        "version": "21.03.01",
+        "description": "对象存储服务"
+      },
+      {
+        "name": "xxl-job-admin",
+        "version": "v1.3.20210302",
+        "description": "分布式任务调度平台"
+      },
+      {
+        "name": "xxl-job-executor",
+        "version": "v1.3.20210302",
+        "description": "分布式任务调度平台-执行器"
+      }
+    ],
+    "tasks": [
+      {
+        "name": "flume",
+        "version": "flume-config-21.03",
+        "description": "原始日志补全、subscriber更新、Radius上下线功能"
+      },
+      {
+        "name": "druid",
+        "version": "druid-config-21.02",
+        "description": "所有分析日志任务"
+      },
+      {
+        "name": "gohangout",
+        "version": "gohangout-config-21.02",
+        "description": "原始日志入库、上下线日志入库"
+      }
+    ]
+  }
+}

tsg_olap/upgrade/2021/TSG-21.04/clickhouse/.gitkeep

@@ -0,0 +1,185 @@
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_call_id String after app_extra_info;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_call_id String after app_extra_info;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_call_id String after app_extra_info;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_description String after sip_call_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_description String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_description String after sip_call_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_description String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_description String after sip_call_id;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_description String after sip_call_id;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_description String after sip_originator_description;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_description String after sip_originator_description;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_description String after sip_originator_description;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_description String after sip_originator_description;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_description String after sip_originator_description;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_description String after sip_originator_description;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_user_agent String after sip_responder_description;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_user_agent String after sip_responder_description;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_user_agent String after sip_responder_description;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_user_agent String after sip_responder_description;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_user_agent String after sip_responder_description;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_user_agent String after sip_responder_description;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_server String after sip_user_agent;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_server String after sip_user_agent;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_server String after sip_user_agent;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_server String after sip_user_agent;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_connect_ip String after sip_server;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_connect_ip String after sip_server;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_connect_ip String after sip_server;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_connect_ip String after sip_server;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_content String after sip_originator_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_content String after sip_originator_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_content String after sip_originator_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_content String after sip_originator_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_content String after sip_originator_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_originator_sdp_content String after sip_originator_sdp_media_type;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_content String after sip_responder_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_content String after sip_responder_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_content String after sip_responder_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_content String after sip_responder_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_content String after sip_responder_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_responder_sdp_content String after sip_responder_sdp_media_type;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_duration Int64 after sip_responder_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_duration Int64 after sip_responder_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_duration Int64 after sip_responder_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_duration Int64 after sip_responder_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_duration Int64 after sip_responder_sdp_content;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_duration Int64 after sip_responder_sdp_content;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN sip_bye String after sip_duration;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN sip_bye String after sip_duration;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN sip_bye String after sip_duration;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN sip_bye String after sip_duration;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_c2s Int64 after sip_bye;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_c2s Int64 after sip_bye;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_c2s Int64 after sip_bye;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_c2s Int64 after sip_bye;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_c2s Int64 after sip_bye;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_c2s Int64 after sip_bye;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_s2c Int64 after rtp_payload_type_c2s;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_s2c Int64 after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_s2c Int64 after rtp_payload_type_c2s;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_s2c Int64 after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_s2c Int64 after rtp_payload_type_c2s;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_payload_type_s2c Int64 after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN rtp_pcap_path String after rtp_payload_type_s2c;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_pcap_path String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN rtp_pcap_path String after rtp_payload_type_s2c;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_pcap_path String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN rtp_pcap_path String after rtp_payload_type_s2c;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_pcap_path String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN rtp_originator_dir Int64 after rtp_pcap_path;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_originator_dir Int64 after rtp_pcap_path;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN rtp_originator_dir Int64 after rtp_pcap_path;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_originator_dir Int64 after rtp_pcap_path;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN rtp_originator_dir Int64 after rtp_pcap_path;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN rtp_originator_dir Int64 after rtp_pcap_path;
+

tsg_olap/upgrade/2021/TSG-21.04/clickhouse/add_column.sql

@@ -0,0 +1,505 @@
+CREATE TABLE IF NOT EXISTS tsg_galaxy_v3.voip_record_log_local on cluster ck_cluster(
+	common_log_id UInt64,
+	common_service Int64,
+	common_recv_time Int64,
+	common_direction Nullable(Int64),
+	common_l4_protocol String,
+	common_address_type Int64,
+	common_schema_type String,
+	common_policy_id Int64,
+	common_user_tags String,
+	common_action Int64,
+	common_sub_action String,
+	common_user_region String,
+	common_client_ip String,
+	common_client_port Int64,
+	common_internal_ip String,
+	common_entrance_id Int64,
+	common_device_id String,
+	common_link_id Int64,
+	common_isp String,
+	common_device_tag String,
+	common_data_center String,
+	common_encapsulation Int64,
+	common_tunnels String,
+	common_sled_ip String,
+	common_client_location String,
+	common_client_asn String,
+	common_subscriber_id String,
+	common_server_ip String,
+	common_server_port Int64,
+	common_external_ip String,
+	common_server_location String,
+	common_server_asn String,
+	common_protocol_label String,
+	common_app_label String,
+	common_app_id Int64,
+	common_app_surrogate_id Int64,
+	common_l7_protocol String,
+	common_sessions Int64,
+	common_c2s_pkt_num Int64,
+	common_s2c_pkt_num Int64,
+	common_c2s_byte_num Int64,
+	common_s2c_byte_num Int64,
+	common_start_time Int64,
+	common_end_time Int64,
+	common_establish_latency_ms Int64,
+	common_con_duration_ms Int64,
+	common_stream_dir Int64,
+	common_address_list String,
+	common_has_dup_traffic Int64,
+	common_stream_error String,
+	common_stream_trace_id UInt64,
+	common_link_info_c2s String,
+	common_link_info_s2c String,
+	common_c2s_ipfrag_num Int64,
+	common_s2c_ipfrag_num Int64,
+	common_c2s_tcp_lostlen Int64,
+	common_s2c_tcp_lostlen Int64,
+	common_c2s_tcp_unorder_num Int64,
+	common_s2c_tcp_unorder_num Int64,
+	common_tcp_client_isn Int64,
+    common_tcp_server_isn Int64,
+	common_first_ttl Int64,
+	common_processing_time Int64,
+	sip_call_id String,
+	sip_originator_description String,
+	sip_responder_description String,
+	sip_user_agent String,
+	sip_server String,
+	sip_originator_sdp_connect_ip String,
+	sip_originator_sdp_media_port Int64,
+	sip_originator_sdp_media_type String,
+	sip_originator_sdp_content String,
+	sip_responder_sdp_connect_ip String,
+	sip_responder_sdp_media_port Int64,
+	sip_responder_sdp_media_type String,
+	sip_responder_sdp_content String,
+	sip_duration Int64,
+	sip_bye String,
+	rtp_payload_type_c2s Nullable(Int64),
+	rtp_payload_type_s2c Nullable(Int64),
+	rtp_pcap_path String,
+	rtp_originator_dir Int64
+)ENGINE = MergeTree PARTITION BY toYYYYMMDD(toDate(common_recv_time)) ORDER BY (common_log_id,common_data_center,common_recv_time);
+
+CREATE TABLE IF NOT EXISTS tsg_galaxy_v3.voip_record_log on cluster ck_query(
+	common_log_id UInt64,
+	common_service Int64,
+	common_recv_time Int64,
+	common_direction Nullable(Int64),
+	common_l4_protocol String,
+	common_address_type Int64,
+	common_schema_type String,
+	common_policy_id Int64,
+	common_user_tags String,
+	common_action Int64,
+	common_sub_action String,
+	common_user_region String,
+	common_client_ip String,
+	common_client_port Int64,
+	common_internal_ip String,
+	common_entrance_id Int64,
+	common_device_id String,
+	common_link_id Int64,
+	common_isp String,
+	common_device_tag String,
+	common_data_center String,
+	common_encapsulation Int64,
+	common_tunnels String,
+	common_sled_ip String,
+	common_client_location String,
+	common_client_asn String,
+	common_subscriber_id String,
+	common_server_ip String,
+	common_server_port Int64,
+	common_external_ip String,
+	common_server_location String,
+	common_server_asn String,
+	common_protocol_label String,
+	common_app_label String,
+	common_app_id Int64,
+	common_app_surrogate_id Int64,
+	common_l7_protocol String,
+	common_sessions Int64,
+	common_c2s_pkt_num Int64,
+	common_s2c_pkt_num Int64,
+	common_c2s_byte_num Int64,
+	common_s2c_byte_num Int64,
+	common_start_time Int64,
+	common_end_time Int64,
+	common_establish_latency_ms Int64,
+	common_con_duration_ms Int64,
+	common_stream_dir Int64,
+	common_address_list String,
+	common_has_dup_traffic Int64,
+	common_stream_error String,
+	common_stream_trace_id UInt64,
+	common_link_info_c2s String,
+	common_link_info_s2c String,
+	common_c2s_ipfrag_num Int64,
+	common_s2c_ipfrag_num Int64,
+	common_c2s_tcp_lostlen Int64,
+	common_s2c_tcp_lostlen Int64,
+	common_c2s_tcp_unorder_num Int64,
+	common_s2c_tcp_unorder_num Int64,
+	common_tcp_client_isn Int64,
+    common_tcp_server_isn Int64,
+	common_first_ttl Int64,
+	common_processing_time Int64,
+	sip_call_id String,
+	sip_originator_description String,
+	sip_responder_description String,
+	sip_user_agent String,
+	sip_server String,
+	sip_originator_sdp_connect_ip String,
+	sip_originator_sdp_media_port Int64,
+	sip_originator_sdp_media_type String,
+	sip_originator_sdp_content String,
+	sip_responder_sdp_connect_ip String,
+	sip_responder_sdp_media_port Int64,
+	sip_responder_sdp_media_type String,
+	sip_responder_sdp_content String,
+	sip_duration Int64,
+	sip_bye String,
+	rtp_payload_type_c2s Nullable(Int64),
+	rtp_payload_type_s2c Nullable(Int64),
+	rtp_pcap_path String,
+	rtp_originator_dir Int64
+) ENGINE =Distributed(ck_cluster,tsg_galaxy_v3,voip_record_log_local,rand());
+
+CREATE TABLE IF NOT EXISTS tsg_galaxy_v3.voip_record_log on cluster ck_cluster(
+	common_log_id UInt64,
+	common_service Int64,
+	common_recv_time Int64,
+	common_direction Nullable(Int64),
+	common_l4_protocol String,
+	common_address_type Int64,
+	common_schema_type String,
+	common_policy_id Int64,
+	common_user_tags String,
+	common_action Int64,
+	common_sub_action String,
+	common_user_region String,
+	common_client_ip String,
+	common_client_port Int64,
+	common_internal_ip String,
+	common_entrance_id Int64,
+	common_device_id String,
+	common_link_id Int64,
+	common_isp String,
+	common_device_tag String,
+	common_data_center String,
+	common_encapsulation Int64,
+	common_tunnels String,
+	common_sled_ip String,
+	common_client_location String,
+	common_client_asn String,
+	common_subscriber_id String,
+	common_server_ip String,
+	common_server_port Int64,
+	common_external_ip String,
+	common_server_location String,
+	common_server_asn String,
+	common_protocol_label String,
+	common_app_label String,
+	common_app_id Int64,
+	common_app_surrogate_id Int64,
+	common_l7_protocol String,
+	common_sessions Int64,
+	common_c2s_pkt_num Int64,
+	common_s2c_pkt_num Int64,
+	common_c2s_byte_num Int64,
+	common_s2c_byte_num Int64,
+	common_start_time Int64,
+	common_end_time Int64,
+	common_establish_latency_ms Int64,
+	common_con_duration_ms Int64,
+	common_stream_dir Int64,
+	common_address_list String,
+	common_has_dup_traffic Int64,
+	common_stream_error String,
+	common_stream_trace_id UInt64,
+	common_link_info_c2s String,
+	common_link_info_s2c String,
+	common_c2s_ipfrag_num Int64,
+	common_s2c_ipfrag_num Int64,
+	common_c2s_tcp_lostlen Int64,
+	common_s2c_tcp_lostlen Int64,
+	common_c2s_tcp_unorder_num Int64,
+	common_s2c_tcp_unorder_num Int64,
+	common_tcp_client_isn Int64,
+    common_tcp_server_isn Int64,
+	common_first_ttl Int64,
+	common_processing_time Int64,
+	sip_call_id String,
+	sip_originator_description String,
+	sip_responder_description String,
+	sip_user_agent String,
+	sip_server String,
+	sip_originator_sdp_connect_ip String,
+	sip_originator_sdp_media_port Int64,
+	sip_originator_sdp_media_type String,
+	sip_originator_sdp_content String,
+	sip_responder_sdp_connect_ip String,
+	sip_responder_sdp_media_port Int64,
+	sip_responder_sdp_media_type String,
+	sip_responder_sdp_content String,
+	sip_duration Int64,
+	sip_bye String,
+	rtp_payload_type_c2s Nullable(Int64),
+	rtp_payload_type_s2c Nullable(Int64),
+	rtp_pcap_path String,
+	rtp_originator_dir Int64
+) ENGINE =Distributed(ck_cluster,tsg_galaxy_v3,voip_record_log_local,rand());
+
+
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_tunnels String after common_encapsulation;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_description String after sip_call_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_description String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_description String after sip_originator_description;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_description String after sip_originator_description;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_responder_description;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_responder_description;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_connect_ip String after sip_server;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_content String after sip_originator_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_content String after sip_originator_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_content String after sip_responder_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_content String after sip_responder_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_responder_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_responder_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_duration;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_path String after rtp_payload_type_s2c;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_path String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_originator_dir Int64 after rtp_pcap_path;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_originator_dir Int64 after rtp_pcap_path;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_description String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_description String after sip_originator_description;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_responder_description;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_sdp_content String after sip_originator_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_sdp_content String after sip_responder_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_responder_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_pcap_path String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_originator_dir Int64 after rtp_pcap_path;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_description String after sip_call_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_description String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_description String after sip_originator_description;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_description String after sip_originator_description;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_responder_description;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_responder_description;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_connect_ip String after sip_server;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_content String after sip_originator_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_originator_sdp_content String after sip_originator_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_content String after sip_responder_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_responder_sdp_content String after sip_responder_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_responder_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_responder_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_duration;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_path String after rtp_payload_type_s2c;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_pcap_path String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_originator_dir Int64 after rtp_pcap_path;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS rtp_originator_dir Int64 after rtp_pcap_path;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_call_id String after app_extra_info;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_description String after sip_call_id;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_description String after sip_originator_description;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_user_agent String after sip_responder_description;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_server String after sip_user_agent;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_sdp_connect_ip String after sip_server;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_port Int64 after sip_originator_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_sdp_media_type String after sip_originator_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_originator_sdp_content String after sip_originator_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_sdp_connect_ip String after sip_originator_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_port Int64 after sip_responder_sdp_connect_ip;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_sdp_media_type String after sip_responder_sdp_media_port;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_responder_sdp_content String after sip_responder_sdp_media_type;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_duration Int64 after sip_responder_sdp_content;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS sip_bye String after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_payload_type_c2s Nullable(Int64) after sip_duration;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_payload_type_s2c Nullable(Int64) after rtp_payload_type_c2s;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_pcap_path String after rtp_payload_type_s2c;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS rtp_originator_dir Int64 after rtp_pcap_path;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_request_content String after http_response_header;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_request_content String after http_response_header;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_request_content String after http_response_header;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_request_content String after http_response_header;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_request_content String after http_response_header;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_request_content String after http_response_header;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_content String after http_request_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_content String after http_request_content;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_content String after http_request_content;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_content String after http_request_content;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_content String after http_request_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_content String after http_request_content;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_request_content String after http_response_header;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_request_content String after http_response_header;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_request_content String after http_response_header;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_response_content String after http_request_content;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_response_content String after http_request_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_response_content String after http_request_content;
+

tsg_olap/upgrade/2021/TSG-21.04/clickhouse/drop_cluster.sql

@@ -0,0 +1,51 @@
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_from;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_to;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_from_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_from_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_from_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_from_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_to_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_to_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_to_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN sip_to_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN rtp_pcap_dir_c2s;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local DROP COLUMN rtp_pcap_dir_s2c;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_from;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_to;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_from_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_from_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_from_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_from_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_to_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_to_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_to_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN sip_to_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN rtp_pcap_dir_c2s;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local DROP COLUMN rtp_pcap_dir_s2c;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN rtp_pcap_dir_c2s;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN rtp_pcap_dir_s2c;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN rtp_pcap_dir_c2s;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN rtp_pcap_dir_s2c;

tsg_olap/upgrade/2021/TSG-21.04/clickhouse/drop_query.sql

@@ -0,0 +1,25 @@
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_from_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN sip_to_sdp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN rtp_pcap_dir_c2s;
+ALTER TABLE tsg_galaxy_v3.connection_record_log DROP COLUMN rtp_pcap_dir_s2c;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_from_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to_sdp_connect_ip;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to_sdp_media_port;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to_sdp_media_type;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN sip_to_sdp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN rtp_pcap_dir_c2s;
+ALTER TABLE tsg_galaxy_v3.security_event_log DROP COLUMN rtp_pcap_dir_s2c;

tsg_olap/upgrade/2021/TSG-21.05/Clickhouse/change_colume_type_cluster.sql

@@ -0,0 +1,44 @@
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local MODIFY COLUMN common_app_id String;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local MODIFY COLUMN common_app_id String;
+ALTER TABLE tsg_galaxy_v3.connection_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.connection_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local MODIFY COLUMN common_app_id String;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local MODIFY COLUMN common_app_id String;
+ALTER TABLE tsg_galaxy_v3.radius_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.radius_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local MODIFY COLUMN common_app_id String;
+ALTER TABLE tsg_galaxy_v3.security_event_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.security_event_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local MODIFY COLUMN common_app_id String;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local MODIFY COLUMN common_app_id String;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local MODIFY COLUMN common_app_id String;
+ALTER TABLE tsg_galaxy_v3.voip_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.voip_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local MODIFY COLUMN common_app_id String;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log MODIFY COLUMN common_app_id String;

tsg_olap/upgrade/2021/TSG-21.05/Clickhouse/change_colume_type_query.sql

@@ -0,0 +1,27 @@
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.connection_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.radius_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.security_event_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.voip_record_log MODIFY COLUMN common_app_id String;
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log MODIFY COLUMN common_app_surrogate_id String;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log MODIFY COLUMN common_app_id String;

tsg_olap/upgrade/2021/TSG-21.05/Clickhouse/connection_record_log.sql

@@ -0,0 +1,53 @@
+----------------5926-5918----------------------
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+
+----------------6031-6049----------------------
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;

tsg_olap/upgrade/2021/TSG-21.05/Clickhouse/proxy_event_log.sql

@@ -0,0 +1,55 @@
+----------------5926-5918----------------------
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+
+----------------6031-6049----------------------
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+
+

tsg_olap/upgrade/2021/TSG-21.05/Clickhouse/radius_record_log.sql

@@ -0,0 +1,55 @@
+----------------5926-5918----------------------
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+
+----------------6031-6049----------------------
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+
+

tsg_olap/upgrade/2021/TSG-21.05/Clickhouse/security_event_log.sql

@@ -0,0 +1,54 @@
+----------------5926-5918----------------------
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+
+----------------6031-6049----------------------
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+

tsg_olap/upgrade/2021/TSG-21.05/Clickhouse/sys_packet_capture_log.sql

@@ -0,0 +1,55 @@
+
+----------------5926-5918----------------------
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+
+----------------6031-6049----------------------
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+

tsg_olap/upgrade/2021/TSG-21.05/Clickhouse/voip_record_log.sql

@@ -0,0 +1,55 @@
+
+----------------5926-5918----------------------
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category String after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_diff Int64 after common_s2c_pkt_num;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_diff Int64 after common_c2s_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_diff Int64 after common_s2c_pkt_diff;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_diff Int64 after common_c2s_byte_diff;
+
+
+----------------6031-6049----------------------
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imei String after common_subscriber_id;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_imsi String after common_imei;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_phone_number String after common_imsi;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_pkt_retrans Int64 after common_s2c_tcp_unorder_num;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_pkt_retrans Int64 after common_c2s_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_c2s_byte_retrans Int64 after common_s2c_pkt_retrans;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_s2c_byte_retrans Int64 after common_c2s_byte_retrans;
+

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/connection_record_log.sql

@@ -0,0 +1,13 @@
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS ftp_link_type String after ftp_content;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS ftp_link_type String after ftp_content;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS ftp_link_type String after ftp_content;

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/createAllTables/dll.sql

@@ -0,0 +1,200 @@
+CREATE TABLE IF NOT EXISTS tsg_galaxy_v3.active_defence_event_log_local on cluster ck_cluster(
+common_log_id UInt64,
+common_recv_time Int64,
+common_entrance_id Int64,
+common_device_id String,
+common_link_id Int64,
+common_policy_id Int64,
+common_user_region String,
+ad_method String,
+ad_protocol String,
+common_address_type Int64,
+ad_target_ip String,
+ad_target_port String,
+ad_cc_target_url String,
+ad_target_ip_location String,
+ad_target_ip_asn String,
+ad_claimed_src_ip_profile_id Int64,
+ad_reflector_profile_id Int64,
+ad_sent_pkt_num Int64,
+ad_sent_byte_num Int64,
+ad_cc_initiate_connection_num Int64,
+ad_cc_established_connection_num Int64,
+ad_cc_rejected_connection_num Int64,
+ad_generate_time Int64
+)
+ENGINE = MergeTree PARTITION BY toYYYYMMDD(toDate(common_recv_time)) ORDER BY (common_log_id,common_policy_id,common_recv_time);
+
+create table IF NOT EXISTS tsg_galaxy_v3.active_defence_event_log on cluster ck_query(
+common_log_id UInt64,
+common_recv_time Int64,
+common_entrance_id Int64,
+common_device_id String,
+common_link_id Int64,
+common_policy_id Int64,
+common_user_region String,
+ad_method String,
+ad_protocol String,
+common_address_type Int64,
+ad_target_ip String,
+ad_target_port String,
+ad_cc_target_url String,
+ad_target_ip_location String,
+ad_target_ip_asn String,
+ad_claimed_src_ip_profile_id Int64,
+ad_reflector_profile_id Int64,
+ad_sent_pkt_num Int64,
+ad_sent_byte_num Int64,
+ad_cc_initiate_connection_num Int64,
+ad_cc_established_connection_num Int64,
+ad_cc_rejected_connection_num Int64,
+ad_generate_time Int64
+)
+ENGINE =Distributed(ck_cluster,tsg_galaxy_v3,active_defence_event_log_local,rand());
+
+create table IF NOT EXISTS tsg_galaxy_v3.active_defence_event_log on cluster ck_cluster(
+common_log_id UInt64,
+common_recv_time Int64,
+common_entrance_id Int64,
+common_device_id String,
+common_link_id Int64,
+common_policy_id Int64,
+common_user_region String,
+ad_method String,
+ad_protocol String,
+common_address_type Int64,
+ad_target_ip String,
+ad_target_port String,
+ad_cc_target_url String,
+ad_target_ip_location String,
+ad_target_ip_asn String,
+ad_claimed_src_ip_profile_id Int64,
+ad_reflector_profile_id Int64,
+ad_sent_pkt_num Int64,
+ad_sent_byte_num Int64,
+ad_cc_initiate_connection_num Int64,
+ad_cc_established_connection_num Int64,
+ad_cc_rejected_connection_num Int64,
+ad_generate_time Int64
+)
+ENGINE =Distributed(ck_cluster,tsg_galaxy_v3,active_defence_event_log_local,rand());
+
+
+
+CREATE DICTIONARY IF NOT EXISTS cdn on cluster ck_cluster (
+cdn_id UInt64,
+ domain String,
+ cname String) PRIMARY KEY cdn_id SOURCE(MYSQL(PORT 3306 USER 'root' PASSWORD 'bifang!@#' REPLICA (HOST '192.168.44.71' PRIORITY 1) DB 'tsg-bifang' TABLE 'tsg_cdn_domain_info')) LIFETIME(MIN 300 MAX 400) LAYOUT(FLAT());
+
+ create table IF NOT EXISTS tsg_galaxy_v3.cdn_dic on cluster ck_cluster (`cdn_id` UInt64,
+ `domain` String,
+ `cname` String) Engine = Dictionary(cdn);
+
+CREATE TABLE IF NOT EXISTS tsg_galaxy_v3.security_website_domain_info_local  on cluster ck_cluster(
+	stat_time Int64,
+	policy_id Int64,
+	domain String,
+	ip_list AggregateFunction(groupUniqArray,String),
+	cdn_list AggregateFunction(groupUniqArray,String),
+	protocol_type_list AggregateFunction(groupUniqArray,String),
+	port_list  AggregateFunction(groupUniqArray,Int64)
+) ENGINE = AggregatingMergeTree PARTITION BY toYYYYMMDD(toDate(stat_time)) ORDER BY (policy_id,domain,stat_time) SETTINGS index_granularity = 8192;
+
+
+
+CREATE MATERIALIZED VIEW IF NOT EXISTS tsg_galaxy_v3.security_website_domain_info_local_view  on cluster ck_cluster TO tsg_galaxy_v3.security_website_domain_info_local (
+stat_time UInt32,
+policy_id Int64,
+domain String,
+ip_list AggregateFunction(groupUniqArray,
+ String),
+ cdn_list AggregateFunction(groupUniqArray,
+ String),
+ protocol_type_list AggregateFunction(groupUniqArray,
+ String),
+ port_list AggregateFunction(groupUniqArray,
+ Int64)) AS SELECT toUnixTimestamp(toStartOfDay(toDate(common_recv_time))) AS stat_time,
+ common_policy_id AS policy_id,
+ http_domain AS domain,
+ groupUniqArrayState(common_server_ip) AS ip_list,
+ groupUniqArrayState(cc.domain) AS cdn_list,
+ groupUniqArrayState(common_schema_type) AS protocol_type_list,
+ groupUniqArrayState(common_server_port) AS port_list FROM (SELECT common_recv_time,
+ common_policy_id,
+ http_domain,
+ common_server_ip,
+ arrayJoin(splitByChar(';',
+ replaceAll(ssl_san,
+ '*',
+ ''))) AS san,
+ common_schema_type,
+ common_server_port FROM tsg_galaxy_v3.security_event_log_local) AS sell INNER JOIN tsg_galaxy_v3.cdn_dic AS cc ON sell.san = cc.domain GROUP BY toStartOfDay(toDate(common_recv_time)),
+ common_policy_id,
+ http_domain;
+ 
+CREATE TABLE IF NOT EXISTS tsg_galaxy_v3.security_ip_info_local  on cluster ck_cluster (
+	stat_time Int64,
+	policy_id Int64,
+	ip String,
+	domain_list AggregateFunction(groupUniqArray,String),
+	port_list  AggregateFunction(groupUniqArray,Int64)
+) ENGINE = AggregatingMergeTree PARTITION BY toYYYYMMDD(toDate(stat_time)) ORDER BY (policy_id,ip,stat_time) SETTINGS index_granularity = 8192;
+
+
+CREATE MATERIALIZED VIEW IF NOT EXISTS tsg_galaxy_v3.security_ip_info_local_view  on cluster ck_cluster TO tsg_galaxy_v3.security_ip_info_local AS
+SELECT
+	toUnixTimestamp(toStartOfDay(toDate(common_recv_time))) as stat_time,
+	common_policy_id as policy_id,
+	common_server_ip as ip,
+	groupUniqArrayState(http_domain) as domain_list ,
+	groupUniqArrayState(common_server_port) as port_list
+FROM
+	tsg_galaxy_v3.security_event_log_local
+group BY
+	toStartOfDay(toDate(common_recv_time)),
+	common_policy_id,
+	common_server_ip;
+
+
+CREATE TABLE IF NOT EXISTS tsg_galaxy_v3.proxy_ip_info_local  on cluster ck_cluster(
+	stat_time Int64,
+	policy_id Int64,
+	ip_list AggregateFunction(groupUniqArray,String)
+) ENGINE = AggregatingMergeTree PARTITION BY toYYYYMMDD(toDate(stat_time)) ORDER BY (policy_id,stat_time) SETTINGS index_granularity = 8192;
+
+
+CREATE MATERIALIZED VIEW IF NOT EXISTS tsg_galaxy_v3.proxy_ip_info_local_view on cluster ck_cluster TO tsg_galaxy_v3.proxy_ip_info_local   (
+ stat_time UInt32,
+ policy_id Int64,
+ ip_list AggregateFunction(groupUniqArray,
+ String)) AS SELECT toUnixTimestamp(toStartOfMinute(toDateTime(common_recv_time))) AS stat_time,
+ common_policy_id AS policy_id,
+ groupUniqArrayState(common_client_ip) AS ip_list FROM tsg_galaxy_v3.proxy_event_log_local GROUP BY toStartOfMinute(toDateTime(common_recv_time)),
+ common_policy_id;
+
+create table IF NOT EXISTS tsg_galaxy_v3.security_website_domain_info on cluster ck_query 
+(
+	stat_time Int64,
+	policy_id Int64,
+	domain String,
+	ip_list AggregateFunction(groupUniqArray,String),
+	cdn_list AggregateFunction(groupUniqArray,String),
+	protocol_type_list AggregateFunction(groupUniqArray,String),
+	port_list  AggregateFunction(groupUniqArray,Int64)
+)
+ENGINE =Distributed(ck_cluster,tsg_galaxy_v3,security_website_domain_info_local,rand());
+
+create table IF NOT EXISTS tsg_galaxy_v3.security_ip_info on cluster ck_query (
+stat_time Int64,
+	policy_id Int64,
+	ip String,
+	domain_list AggregateFunction(groupUniqArray,String),
+	port_list  AggregateFunction(groupUniqArray,Int64)
+) ENGINE =Distributed(ck_cluster,tsg_galaxy_v3,security_ip_info_local,rand());
+
+create table IF NOT EXISTS tsg_galaxy_v3.proxy_ip_info on cluster ck_query (
+stat_time Int64,
+	policy_id Int64,
+	ip_list AggregateFunction(groupUniqArray,String)
+) ENGINE =Distributed(ck_cluster,tsg_galaxy_v3,proxy_ip_info_local,rand());
+

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/gtpc_record_log.sql

@@ -0,0 +1,9 @@
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/live_session_record_log.sql

@@ -0,0 +1,13 @@
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS ftp_link_type String after ftp_content;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS ftp_link_type String after ftp_content;
+
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS ftp_link_type String after ftp_content;

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/proxy_event_log.sql

@@ -0,0 +1,8 @@
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/radius_record_log.sql

@@ -0,0 +1,10 @@
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/security_event_log.sql

@@ -0,0 +1,13 @@
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS ftp_link_type String after ftp_content;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS ftp_link_type String after ftp_content;
+
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS ftp_link_type String after ftp_content;

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/sys_packet_capture_log.sql

@@ -0,0 +1,11 @@
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/transaction_record_log.sql

@@ -0,0 +1,9 @@
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;

tsg_olap/upgrade/2021/TSG-21.06/clickhouse/voip_record_log.sql

@@ -0,0 +1,10 @@
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_service_category;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_service_category;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;
+
+
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_service_category Array(Int64) after common_protocol_label;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/active_defence_event_log.sql

@@ -0,0 +1,13 @@
+--------https://jira.geedge.net/browse/TSG-6878
+ALTER TABLE tsg_galaxy_v3.active_defence_event_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.active_defence_event_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.active_defence_event_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.active_defence_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.active_defence_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.active_defence_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.active_defence_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.active_defence_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.active_defence_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/connection_record_log.sql

@@ -0,0 +1,30 @@
+--------https://jira.geedge.net/browse/TSG-6878
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+--------https://jira.geedge.net/browse/TSG-6878
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+--------https://jira.geedge.net/browse/TSG-6957
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/gtpc_record_log.sql

@@ -0,0 +1,20 @@
+--------https://jira.geedge.net/browse/TSG-6878
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+--------https://jira.geedge.net/browse/TSG-6878
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/live_session_record_log.sql

@@ -0,0 +1,30 @@
+--------https://jira.geedge.net/browse/TSG-6878
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+--------https://jira.geedge.net/browse/TSG-6878
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+--------https://jira.geedge.net/browse/TSG-6957
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/proxy_event_log.sql

@@ -0,0 +1,31 @@
+--------https://jira.geedge.net/browse/TSG-6945
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+--------https://jira.geedge.net/browse/TSG-6878
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+
+--------https://jira.geedge.net/browse/TSG-6957
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/radius_record_log.sql

@@ -0,0 +1,20 @@
+--------https://jira.geedge.net/browse/TSG-6878
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+--------https://jira.geedge.net/browse/TSG-6878
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/security_event_log.sql

@@ -0,0 +1,30 @@
+--------https://jira.geedge.net/browse/TSG-6878
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+--------https://jira.geedge.net/browse/TSG-6878
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+--------https://jira.geedge.net/browse/TSG-6957
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/sys_packet_capture_log.sql

@@ -0,0 +1,20 @@
+--------https://jira.geedge.net/browse/TSG-6878
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+--------https://jira.geedge.net/browse/TSG-6878
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/transaction_record_log.sql

@@ -0,0 +1,30 @@
+--------https://jira.geedge.net/browse/TSG-6878
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+--------https://jira.geedge.net/browse/TSG-6878
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+--------https://jira.geedge.net/browse/TSG-6957
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS http_response_lantency_ms;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS http_response_lantency_ms;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS http_response_latency_ms Int64 after http_version;

tsg_olap/upgrade/2021/TSG-21.07/clickhouse/voip_record_log.sql

@@ -0,0 +1,20 @@
+--------https://jira.geedge.net/browse/TSG-6878
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query DROP COLUMN IF EXISTS common_link_id;
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_link_id;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_egress_link_id Nullable(Int64) after common_device_id;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_ingress_link_id Nullable(Int64) after common_egress_link_id;
+
+--------https://jira.geedge.net/browse/TSG-6878
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_userdefine_app_name String after common_app_id;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/ck_column_2108_gal72.sql

@@ -0,0 +1,83 @@
+----通联日志
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l7_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l7_protocol LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l4_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l4_protocol LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_schema_type LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_schema_type LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_client_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_client_location LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_server_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_server_location LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_app_label LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_app_label LowCardinality(String);
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_l7_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_l4_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_schema_type LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_client_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_server_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_app_label LowCardinality(String);
+
+
+
+----事务日志
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l7_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l7_protocol LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l4_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l4_protocol LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_schema_type LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_schema_type LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_client_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_client_location LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_server_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_server_location LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_app_label LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_app_label LowCardinality(String);
+
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_l7_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_l4_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_schema_type LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_client_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_server_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_app_label LowCardinality(String);
+
+
+----活跃日志
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l7_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l7_protocol LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l4_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_l4_protocol LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_schema_type LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_schema_type LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_client_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_client_location LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_server_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_server_location LowCardinality(String);
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_app_label LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster MODIFY COLUMN IF EXISTS common_app_label LowCardinality(String);
+
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_l7_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_l4_protocol LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_schema_type LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_client_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_server_location LowCardinality(String);
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query MODIFY COLUMN IF EXISTS common_app_label LowCardinality(String);

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/ck_column_2108_gal74.sql

@@ -0,0 +1,92 @@
+--删除子表
+DROP TABLE IF EXISTS tsg_galaxy_v3.common_client_ip ON CLUSTER ck_cluster ;
+DROP TABLE IF EXISTS tsg_galaxy_v3.common_server_ip ON CLUSTER ck_cluster ;
+DROP TABLE IF EXISTS tsg_galaxy_v3.common_subscriber_id ON CLUSTER ck_cluster ;
+DROP TABLE IF EXISTS tsg_galaxy_v3.common_http_domain ON CLUSTER ck_cluster ;
+DROP TABLE IF EXISTS tsg_galaxy_v3.connection_record_log_common_subscriber_id_local ON CLUSTER ck_cluster ;
+DROP TABLE IF EXISTS tsg_galaxy_v3.connection_record_log_common_subscriber_id ON CLUSTER ck_cluster ;
+DROP TABLE IF EXISTS tsg_galaxy_v3.connection_record_log_common_subscriber_id ON CLUSTER ck_query ;
+
+--删除子表多余字段
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_policy_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_action;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_policy_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_action;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_policy_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain_local ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_action;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_policy_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_action;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_policy_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_action;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_policy_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_cluster DROP COLUMN IF EXISTS common_action;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_query DROP COLUMN IF EXISTS common_policy_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_query DROP COLUMN IF EXISTS common_action;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_query DROP COLUMN IF EXISTS common_policy_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_query DROP COLUMN IF EXISTS common_action;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_query DROP COLUMN IF EXISTS common_policy_id;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_query DROP COLUMN IF EXISTS common_action;
+
+--增加子表字段
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_schema_type LowCardinality(String) after ssl_sni;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_client_port Int64 after common_schema_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_server_port Int64 after common_client_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_app_label LowCardinality(String) after common_server_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_direction Int64 after common_app_label;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_schema_type LowCardinality(String) after ssl_sni;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_client_port Int64 after common_schema_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_server_port Int64 after common_client_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_app_label LowCardinality(String) after common_server_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_direction Int64 after common_app_label;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_schema_type LowCardinality(String) after ssl_sni;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_client_port Int64 after common_schema_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_server_port Int64 after common_client_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_app_label LowCardinality(String) after common_server_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_direction Int64 after common_app_label;
+
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_schema_type LowCardinality(String) after ssl_sni;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_client_port Int64 after common_schema_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_server_port Int64 after common_client_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_app_label LowCardinality(String) after common_server_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_direction Int64 after common_app_label;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_schema_type LowCardinality(String) after ssl_sni;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_client_port Int64 after common_schema_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_server_port Int64 after common_client_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_app_label LowCardinality(String) after common_server_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_direction Int64 after common_app_label;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_schema_type LowCardinality(String) after ssl_sni;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_client_port Int64 after common_schema_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_server_port Int64 after common_client_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_app_label LowCardinality(String) after common_server_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_direction Int64 after common_app_label;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_schema_type LowCardinality(String) after ssl_sni;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_client_port Int64 after common_schema_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_server_port Int64 after common_client_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_app_label LowCardinality(String) after common_server_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_client_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_direction Int64 after common_app_label;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_schema_type LowCardinality(String) after ssl_sni;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_client_port Int64 after common_schema_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_server_port Int64 after common_client_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_app_label LowCardinality(String) after common_server_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_common_server_ip ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_direction Int64 after common_app_label;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_schema_type LowCardinality(String) after ssl_sni;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_client_port Int64 after common_schema_type;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_server_port Int64 after common_client_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_app_label LowCardinality(String) after common_server_port;
+ALTER TABLE tsg_galaxy_v3.connection_record_log_http_domain ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_direction Int64 after common_app_label;
+
+
+--创建视图
+CREATE MATERIALIZED VIEW IF NOT EXISTS tsg_galaxy_v3.common_client_ip ON CLUSTER ck_cluster TO tsg_galaxy_v3.connection_record_log_common_client_ip_local AS SELECT common_log_id, common_recv_time, common_server_ip, common_client_ip, common_sled_ip, common_entrance_id, common_subscriber_id, common_stream_trace_id, http_domain, ssl_sni,common_schema_type,common_client_port,common_server_port,common_app_label,common_direction FROM tsg_galaxy_v3.connection_record_log_local;
+CREATE MATERIALIZED VIEW IF NOT EXISTS tsg_galaxy_v3.common_server_ip ON CLUSTER ck_cluster TO tsg_galaxy_v3.connection_record_log_common_server_ip_local AS SELECT common_log_id, common_recv_time, common_server_ip, common_client_ip, common_sled_ip, common_entrance_id, common_subscriber_id, common_stream_trace_id, http_domain, ssl_sni,common_schema_type,common_client_port,common_server_port,common_app_label,common_direction FROM tsg_galaxy_v3.connection_record_log_local;
+CREATE MATERIALIZED VIEW IF NOT EXISTS tsg_galaxy_v3.common_http_domain ON CLUSTER ck_cluster TO tsg_galaxy_v3.connection_record_log_http_domain_local AS SELECT common_log_id, common_recv_time, common_server_ip, common_client_ip, common_sled_ip, common_entrance_id, common_subscriber_id, common_stream_trace_id, http_domain, ssl_sni,common_schema_type,common_client_port,common_server_port,common_app_label,common_direction FROM tsg_galaxy_v3.connection_record_log_local;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/connection_record_log.sql

@@ -0,0 +1,9 @@
+--------https://jira.geedge.net/browse/TSG-7197
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.connection_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/create_dos_tables.sql

@@ -0,0 +1,49 @@
+CREATE TABLE tsg_galaxy_v3.dos_event_log_local on cluster ck_cluster(
+ log_id UInt64,
+ start_time Int64,
+ end_time Int64,
+ attack_type String,
+ severity String,
+ conditions String,
+ destination_ip String,
+ destination_country String,
+ source_ip_list String,
+ source_country_list String,
+ session_rate Int64,
+ packet_rate Int64,
+ bit_rate Int64
+) ENGINE = MergeTree PARTITION BY toYYYYMMDD(toDate(start_time)) ORDER BY (log_id, start_time, destination_ip) SETTINGS index_granularity = 8192;
+
+
+CREATE TABLE tsg_galaxy_v3.dos_event_log on cluster ck_query(
+ log_id UInt64,
+ start_time Int64,
+ end_time Int64,
+ attack_type String,
+ severity String,
+ conditions String,
+ destination_ip String,
+ destination_country String,
+ source_ip_list String,
+ source_country_list String,
+ session_rate Int64,
+ packet_rate Int64,
+ bit_rate Int64
+) ENGINE = Distributed('ck_cluster', 'tsg_galaxy_v3', 'dos_event_log_local', rand());
+
+
+CREATE TABLE tsg_galaxy_v3.dos_event_log on cluster ck_cluster(
+ log_id UInt64,
+ start_time Int64,
+ end_time Int64,
+ attack_type String,
+ severity String,
+ conditions String,
+ destination_ip String,
+ destination_country String,
+ source_ip_list String,
+ source_country_list String,
+ session_rate Int64,
+ packet_rate Int64,
+ bit_rate Int64
+) ENGINE = Distributed('ck_cluster', 'tsg_galaxy_v3', 'dos_event_log_local', rand());

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/gtpc_record_log.sql

@@ -0,0 +1,9 @@
+--------https://jira.geedge.net/browse/TSG-7197
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.gtpc_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/live_session_record_log.sql

@@ -0,0 +1,9 @@
+--------https://jira.geedge.net/browse/TSG-7197
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.live_session_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/proxy_event_log.sql

@@ -0,0 +1,9 @@
+--------https://jira.geedge.net/browse/TSG-7197
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.proxy_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/radius_record_log.sql

@@ -0,0 +1,9 @@
+--------https://jira.geedge.net/browse/TSG-7197
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.radius_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/security_event_log.sql

@@ -0,0 +1,9 @@
+--------https://jira.geedge.net/browse/TSG-7197
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.security_event_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/sys_packet_capture_log.sql

@@ -0,0 +1,9 @@
+--------https://jira.geedge.net/browse/TSG-7197
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.sys_packet_capture_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/transaction_record_log.sql

@@ -0,0 +1,9 @@
+--------https://jira.geedge.net/browse/TSG-7197
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.transaction_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;

tsg_olap/upgrade/2021/TSG-21.08/clickhouse/voip_record_log.sql

@@ -0,0 +1,9 @@
+--------https://jira.geedge.net/browse/TSG-7197
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log_local ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_cluster ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;
+
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_pkts Int64 after common_tcp_server_isn;
+ALTER TABLE tsg_galaxy_v3.voip_record_log ON CLUSTER ck_query ADD COLUMN IF NOT EXISTS common_mirrored_bytes Int64 after common_mirrored_pkts;

tsg_olap/upgrade/2021/TSG-21.08/druid/traffic_destination_ip_metrics_log.json

@@ -0,0 +1,55 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "traffic_top_destination_ip_metrics_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "sketch_start_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	  "common_sled_ip",
+	  "destination_ip",
+	  "common_data_center",
+	  "attack_type",
+	  { "type": "long", "name": "partition_num" }
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+	{ "type" : "longSum", "name" : "session_rate","fieldName" : "session_rate"},
+        { "type" : "longSum", "name" : "packet_rate", "fieldName" : "packet_rate" },
+        { "type" : "longSum", "name" : "bit_rate", "fieldName" : "bit_rate" },
+	{ "type" : "HLLSketchBuild", "name" : "ip_object", "fieldName" : "common_client_ip" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT10M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{
+      "transforms":[]
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "resetOffsetAutomatically": true,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TRAFFIC-TOP-DESTINATION-IP-METRICS-LOG",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "192.168.44.12:9092"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.08/druid/traffic_summary_log.json

@@ -0,0 +1,72 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "traffic_summary_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "common_recv_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "isp",
+	   "data_center",
+           "schema_type",
+           { "name": "entrance_id", "type": "long" }
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+	{ "type" : "HLLSketchBuild", "name" : "ip_object", "fieldName" : "common_client_ip" },
+        { "type" : "longSum", "name" : "sessions", "fieldName" : "common_sessions" },
+        { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "common_c2s_pkt_num" },
+        { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "common_s2c_pkt_num" },
+        { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "common_c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "common_s2c_byte_num" },
+        { "type" : "longSum", "name" : "one_sided_connections", "fieldName" : "one_sided_connections" },
+        { "type" : "longSum", "name" : "uncategorized_bytes", "fieldName" : "uncategorized_bytes" },
+        { "type" : "longSum", "name" : "fragmentation_packets", "fieldName" : "fragmentation_packets" },
+        { "type" : "longSum", "name" : "sequence_gap_loss", "fieldName" : "sequence_gap_loss" },
+        { "type" : "longSum", "name" : "unorder_packets", "fieldName" : "unorder_packets" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT15S", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{
+      "transforms":[
+        {"type": "expression","name": "isp","expression": "common_isp"},
+        {"type": "expression","name": "data_center","expression": "common_data_center"},
+        {"type": "expression","name": "entrance_id","expression": "common_entrance_id"},
+        {"type": "expression","name": "schema_type","expression": "common_schema_type"},
+	{"type": "expression", "name": "one_sided_connections", "expression": "if(common_stream_dir!=3,common_sessions,0)"},
+        {"type": "expression", "name": "uncategorized_bytes", "expression": "if(\"common_l7_protocol\"=='UNCATEGORIZED',\"common_c2s_byte_num\"+\"common_s2c_byte_num\",0)"},
+        {"type": "expression","name": "fragmentation_packets","expression": "\"common_c2s_ipfrag_num\"+\"common_s2c_ipfrag_num\""},
+        {"type": "expression","name": "sequence_gap_loss","expression": "\"common_c2s_tcp_lostlen\"+\"common_s2c_tcp_lostlen\""},
+        {"type": "expression","name": "unorder_packets","expression": "\"common_c2s_tcp_unorder_num\"+\"common_s2c_tcp_unorder_num\""}
+      ]
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 20000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "CONNECTION-RECORD-COMPLETED-LOG",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap:9092",
+      "group.id": "kafka-indexing-service"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.08/gohangout/bin/ghoStart/start_gohangout_k2ck_dos_event_log_tsgv3.sh

@@ -0,0 +1,51 @@
+#!/bin/sh
+
+#gohangout启动文件
+
+#配置文件名称,注意配置文件需要放在$BASE_DIR/conf文件夹下
+YML_NAME=k2ck_dos_event_log_tsgv3
+#gohangout的二进制启动文件路径
+BASE_DIR=$(cd $(dirname $0); cd ../../; pwd)
+#日志级别,1,5,10,数字越大日志越详细
+LOG_LV=3
+#线程总数,即开启worker数量,每个线程拥有自己的filter, output,占用多份内存,默认1个线程
+THREAD_SUM=1
+#进程总数
+PROCESS_SUM=$1
+
+if [ ! -d "$BASE_DIR/logs" ]; then
+        mkdir -p $BASE_DIR/logs
+fi
+
+echo "###########################$(date +%Y%m%d%H%M%S)###########################" >> $BASE_DIR/bin/start_log/${YML_NAME}_restart.log
+id=0
+logid=0
+while true ; do
+    NUM=`ps -ef | grep -w ${YML_NAME}.yml | grep -v grep |wc -l`
+    pids=$(ps -ef | grep -w ${YML_NAME}.yml | grep -v grep | awk '{print $2}')
+    time_stamp=$(date +%Y%m%d%H%M%S)
+    if [ "${NUM}" -lt ${PROCESS_SUM} ];then
+	$BASE_DIR/bin/gohangout --config $BASE_DIR/conf/${YML_NAME}.yml --logtostderr --v ${LOG_LV} --worker ${THREAD_SUM} >> $BASE_DIR/logs/${YML_NAME}.log 2>&1 &
+    echo "${time_stamp} ---> the ${YML_NAME}APP restart ---> $id" >> $BASE_DIR/bin/start_log/${YML_NAME}_restart.log
+    ((logid++))
+    ((id++))
+     if [ ${logid} -gt ${PROCESS_SUM} ];then
+      logid=0
+      pids=$(ps -ef | grep -w ${YML_NAME}.yml | grep -v grep | awk '{print $2}')
+        for pid in $pids
+        do
+         kill -9  $pid
+        done
+        echo "kafka or clickhouse is error,reset gohangout,sleep 30s... ..." >> $BASE_DIR/bin/start_log/${YML_NAME}_restart.log
+        sleep 30
+     fi
+    #大于设置进程数,杀掉所有进程,重启
+    elif [ "${NUM}" -gt ${PROCESS_SUM} ];then
+        for pid in $pids
+        do
+         kill -9  $pid
+        done
+    id=0
+    fi
+        sleep 1
+done

tsg_olap/upgrade/2021/TSG-21.08/gohangout/conf/k2ck_dos_event_log_tsgv3.yml

@@ -0,0 +1,29 @@
+inputs:
+    - Kafka:
+        topic:
+            DOS-EVENT-LOG: 1
+        #assign:
+        #  weblog: [0,9]
+        codec: json
+        consumer_settings:
+            bootstrap.servers: "ip:9092"
+            group.id: gohangout_dos_event_log_tsgv3_1
+            max.partition.fetch.bytes: '10485760'
+            auto.commit.interval.ms: '5000'
+            # from.beginning: 'true'
+            # sasl.mechanism: PLAIN
+            # sasl.user: admin
+            # sasl.password: admin-secret
+
+outputs:
+    - Clickhouse:
+        table: 'tsg_galaxy_v3.dos_event_log_local'
+        username: 'default'
+        password: 'ceiec2019'
+        conn_max_life_time: 60
+        hosts:
+        - 'tcp://ip:9001'
+        bulk_actions: 100000
+        flush_interval: 10
+        concurrent: 2
+        conn_max_life_time: 60

tsg_olap/upgrade/2021/TSG-21.08/gohangout/start_all.sh

@@ -0,0 +1,17 @@
+#!/bin/sh
+
+STARTDIR=$(cd $(dirname $0); pwd)
+
+#docker模式
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_active_defence_event_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_connection_record_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_proxy_event_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_radius_record_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_radius_onff_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_sys_packet_capture_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_voip_record_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_gtpc_record_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_live_session_record_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_transaction_record_log_tsgv3.sh $1 > /dev/null 2>&1 &
+nohup $STARTDIR/bin/ghoStart/start_gohangout_k2ck_dos_event_log_tsgv3.sh $1 > /dev/null 2>&1 &
+$STARTDIR/bin/ghoStart/start_gohangout_k2ck_security_event_log_tsgv3.sh $1

tsg_olap/upgrade/2021/TSG-21.09/Clickhouse/bloom_filter.sql

@@ -0,0 +1,3 @@
+alter table tsg_galaxy_v3.session_record_local on cluster ck_cluster add INDEX IF NOT EXISTS client_index common_client_ip type bloom_filter(0.05) GRANULARITY 1;
+alter table tsg_galaxy_v3.transaction_record_local on cluster ck_cluster add INDEX IF NOT EXISTS client_index common_client_ip type bloom_filter(0.05) GRANULARITY 1;
+alter table tsg_galaxy_v3.interim_session_record_local on cluster ck_cluster add INDEX IF NOT EXISTS client_index common_client_ip type bloom_filter(0.05) GRANULARITY 1;

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks.txt

@@ -0,0 +1,17 @@
+proxy_event_hits_log.json
+security_event_hits_log.json
+sys_storage_log.json
+top_client_ip_log.json
+top_external_host_log.json
+top_internal_host_log.json
+top_server_ip_log.json
+top_urls_log.json
+top_user_log.json
+top_website_domain_log.json
+traffic_metrics_log.json
+traffic_protocol_stat_log.json
+traffic_summary_log.json
+traffic_top_destination_ip_metrics_log.json
+urls_proxy_hot.json
+urls_security_hot.json
+traffic_app_stat_log.json

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/proxy_event_hits_log.json

@@ -0,0 +1,96 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "proxy_event_hits_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "common_recv_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   { "name": "policy_id", "type": "long" },
+	   "isp",
+	   "country",
+	   "location",
+           { "name": "entrance_id", "type": "long" },
+           { "name": "action", "type": "long" },
+	   "sub_action"
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+	{ "type" : "HLLSketchBuild", "name" : "ip_object", "fieldName" : "common_client_ip" },
+        { "type" : "count", "name" : "hits" },
+	{ "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "common_c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "common_s2c_byte_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT1M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{
+      "transforms":[
+        {
+          "type": "expression",
+          "name": "country",
+          "expression": "array_ordinal(string_to_array(common_client_location,','),3)"
+        },
+	{
+          "type": "expression",
+          "name": "location",
+          "expression": "array_ordinal(string_to_array(common_client_location,','),2)"
+        },
+        {
+         "type": "expression",
+         "name": "policy_id",
+         "expression": "common_policy_id"
+        },
+        {
+         "type": "expression",
+         "name": "isp",
+         "expression": "common_isp"
+        },
+        {
+         "type": "expression",
+         "name": "entrance_id",
+         "expression": "common_entrance_id"
+        },
+        {
+         "type": "expression",
+         "name": "sub_action",
+         "expression": "common_sub_action"
+        },
+        {
+         "type": "expression",
+         "name": "action",
+         "expression": "common_action"
+        }
+      ]
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 20000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "PROXY-EVENT-COMPLETED",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/security_event_hits_log.json

@@ -0,0 +1,76 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "security_event_hits_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "common_recv_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   { "name": "policy_id", "type": "long" },
+	   "isp",
+	   { "name": "entrance_id", "type": "long" },
+	   { "name": "action", "type": "long" }
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "count", "name" : "hits" },
+	{ "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "common_c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "common_s2c_byte_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT1M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{
+      "transforms":[
+        {
+         "type": "expression",
+         "name": "policy_id",
+         "expression": "common_policy_id"
+        },
+        {
+         "type": "expression",
+         "name": "isp",
+         "expression": "common_isp"
+        },
+        {
+         "type": "expression",
+         "name": "entrance_id",
+         "expression": "common_entrance_id"
+        },
+        {
+         "type": "expression",
+         "name": "action",
+         "expression": "common_action"
+        }
+      ]
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "SECURITY-EVENT-COMPLETED",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/sys_storage_log.json

@@ -0,0 +1,51 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "sys_storage_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "log_type",
+	   "data_center",
+	   { "name": "used_size", "type": "long" },
+	   { "name": "max_size", "type": "long" },
+	   { "name": "aggregate_size", "type": "long" },
+	   { "name": "last_storage", "type": "long" }
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+   ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": false
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "SYS-STORAGE",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/top_client_ip_log.json

@@ -0,0 +1,52 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "top_client_ip_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "stat_time",
+          "format": "iso"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "source",
+	   "order_by"
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "longSum", "name" : "session_num", "fieldName" : "session_num" },
+        { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "c2s_pkt_num" },
+        { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "s2c_pkt_num" },
+        { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "s2c_byte_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TOP-CLIENT-IP",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/top_external_host_log.json

@@ -0,0 +1,53 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "top_external_host_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "stat_time",
+          "format": "iso"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "destination",
+	   "order_by" 
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "longSum", "name" : "session_num", "fieldName" : "session_num" },
+        { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "c2s_pkt_num" },
+        { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "s2c_pkt_num" },
+        { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "s2c_byte_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 5000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TOP-EXTERNAL-HOST",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/top_internal_host_log.json

@@ -0,0 +1,52 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "top_internal_host_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "stat_time",
+          "format": "iso"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "source",
+	   "order_by"
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "longSum", "name" : "session_num", "fieldName" : "session_num" },
+        { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "c2s_pkt_num" },
+        { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "s2c_pkt_num" },
+        { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "s2c_byte_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TOP-INTERNAL-HOST",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/top_server_ip_log.json

@@ -0,0 +1,53 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "top_server_ip_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "stat_time",
+          "format": "iso"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "destination",
+	   "order_by" 
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "longSum", "name" : "session_num", "fieldName" : "session_num" },
+        { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "c2s_pkt_num" },
+        { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "s2c_pkt_num" },
+        { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "s2c_byte_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 5000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TOP-SERVER-IP",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/top_urls_log.json

@@ -0,0 +1,49 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "top_urls_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "stat_time",
+          "format": "iso"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "url"
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "longSum", "name" : "session_num", "fieldName" : "session_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{}
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 5000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TOP-URLS",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/top_user_log.json

@@ -0,0 +1,52 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "top_user_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "stat_time",
+          "format": "iso"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "subscriber_id",
+	   "order_by"
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "longSum", "name" : "session_num", "fieldName" : "session_num" },
+        { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "c2s_pkt_num" },
+        { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "s2c_pkt_num" },
+        { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "s2c_byte_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TOP-USER",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/top_website_domain_log.json

@@ -0,0 +1,53 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "top_website_domain_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "stat_time",
+          "format": "iso"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "domain",
+	   "order_by" 
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "longSum", "name" : "session_num", "fieldName" : "session_num" },
+        { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "c2s_pkt_num" },
+        { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "s2c_pkt_num" },
+        { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "s2c_byte_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 5000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TOP-WEBSITE-DOMAIN",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/traffic_app_stat_log.json

@@ -0,0 +1,63 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "traffic_app_stat_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "common_recv_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	  "app_name",
+	  "sub_app_name"
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+	{ "type" : "longSum", "name" : "session_num","fieldName" : "common_sessions"},
+        { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "common_c2s_pkt_num" },
+        { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "common_s2c_pkt_num" },
+        { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "common_c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "common_s2c_byte_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{
+      "transforms":[
+        {"type": "expression", "name": "app_name", "expression": "array_ordinal(string_to_array(replace(common_app_label, '.', '/'),'/'),1)"},
+        {"type": "expression", "name": "sub_app_name", "expression": "array_ordinal(string_to_array(replace(common_app_label, '.', '/'),'/'),2)"}
+      ],
+      "filter": {
+        "type": "not",
+        "field":{ "type": "selector", "dimension": "app_name", "value": "" }
+      }
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "SESSION-RECORD-COMPLETED",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "earlyMessageRejectionPeriod": "PT6H",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/traffic_metrics_log.json

@@ -0,0 +1,152 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "traffic_metrics_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "timestamp",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "device_id",
+	   "entrance_id"
+          ]
+        },
+	"flattenSpec": {
+  	  "useFieldDiscovery": true,
+  	  "fields": [
+	    	{ "name": "allow_conn_num", "type": "path", "expr": "$.fields.allow_conn_num" },
+                { "name": "allow_in_bytes", "type": "path", "expr": "$.fields.allow_in_bytes" },
+                { "name": "allow_in_packets", "type": "path", "expr": "$.fields.allow_in_packets" },
+                { "name": "allow_out_bytes", "type": "path", "expr": "$.fields.allow_out_bytes" },
+                { "name": "allow_out_packets", "type": "path", "expr": "$.fields.allow_out_packets" },
+                { "name": "close_conn_num", "type": "path", "expr": "$.fields.close_conn_num" },
+                { "name": "default_conn_num", "type": "path", "expr": "$.fields.default_conn_num" },
+                { "name": "default_in_bytes", "type": "path", "expr": "$.fields.default_in_bytes" },
+                { "name": "default_in_packets", "type": "path", "expr": "$.fields.default_in_packets" },
+                { "name": "default_out_bytes", "type": "path", "expr": "$.fields.default_out_bytes" },
+                { "name": "default_out_packets", "type": "path", "expr": "$.fields.default_out_packets" },
+                { "name": "deny_conn_num", "type": "path", "expr": "$.fields.deny_conn_num" },
+                { "name": "deny_in_bytes", "type": "path", "expr": "$.fields.deny_in_bytes" },
+                { "name": "deny_in_packets", "type": "path", "expr": "$.fields.deny_in_packets" },
+                { "name": "deny_out_bytes", "type": "path", "expr": "$.fields.deny_out_bytes" },
+                { "name": "deny_out_packets", "type": "path", "expr": "$.fields.deny_out_packets" },
+                { "name": "established_conn_num", "type": "path", "expr": "$.fields.established_conn_num" },
+                { "name": "intercept_conn_num", "type": "path", "expr": "$.fields.intercept_conn_num" },
+                { "name": "intercept_in_bytes", "type": "path", "expr": "$.fields.intercept_in_bytes" },
+                { "name": "intercept_in_packets", "type": "path", "expr": "$.fields.intercept_in_packets" },
+                { "name": "intercept_out_bytes", "type": "path", "expr": "$.fields.intercept_out_bytes" },
+                { "name": "intercept_out_packets", "type": "path", "expr": "$.fields.intercept_out_packets" },
+                { "name": "monitor_conn_num", "type": "path", "expr": "$.fields.monitor_conn_num" },
+                { "name": "monitor_in_bytes", "type": "path", "expr": "$.fields.monitor_in_bytes" },
+                { "name": "monitor_in_packets", "type": "path", "expr": "$.fields.monitor_in_packets" },
+                { "name": "monitor_out_bytes", "type": "path", "expr": "$.fields.monitor_out_bytes" },
+                { "name": "monitor_out_packets", "type": "path", "expr": "$.fields.monitor_out_packets" },
+                { "name": "new_conn_num", "type": "path", "expr": "$.fields.new_conn_num" },
+                { "name": "total_in_bytes", "type": "path", "expr": "$.fields.total_in_bytes" },
+                { "name": "total_in_packets", "type": "path", "expr": "$.fields.total_in_packets" },
+                { "name": "total_out_bytes", "type": "path", "expr": "$.fields.total_out_bytes" },
+                { "name": "total_out_packets", "type": "path", "expr": "$.fields.total_out_packets" },
+                { "name": "pinning_num", "type": "path", "expr": "$.fields.pinning_num" },
+                { "name": "not_pinning_num", "type": "path", "expr": "$.fields.not_pinning_num" },
+                { "name": "maybe_pinning_num", "type": "path", "expr": "$.fields.maybe_pinning_num" },
+                { "name": "alert_bytes", "type": "path", "expr": "$.fields.alert_bytes" },
+                { "name": "insert_bytes", "type": "path", "expr": "$.fields.insert_bytes" },
+                { "name": "hijack_bytes", "type": "path", "expr": "$.fields.hijack_bytes" },
+                { "name": "ad_reflection_bytes", "type": "path", "expr": "$.fields.ad_reflection_bytes" },
+                { "name": "ad_flood_bytes", "type": "path", "expr": "$.fields.ad_flood_bytes" },
+                { "name": "ad_cc_bytes", "type": "path", "expr": "$.fields.ad_cc_bytes" },
+                { "name": "intercept_monitor_conn_num", "type": "path", "expr": "$.fields.intcp_mon_num" },
+                { "name": "intercept_allow_conn_num", "type": "path", "expr": "$.fields.intcp_allow_num" },
+                { "name": "intercept_deny_conn_num", "type": "path", "expr": "$.fields.intcp_deny_num" },
+                { "name": "intercept_redirect_conn_num", "type": "path", "expr": "$.fields.intcp_rdirt_num" },
+                { "name": "intercept_replace_conn_num", "type": "path", "expr": "$.fields.intcp_repl_num" },
+                { "name": "intercept_hijack_conn_num", "type": "path", "expr": "$.fields.intcp_hijk_num" },
+                { "name": "intercept_insert_conn_num", "type": "path", "expr": "$.fields.intcp_ins_num" },
+                { "name": "app_name", "type": "path", "expr": "$.tags.app_name" },
+                { "name": "device_id", "type": "path", "expr": "$.tags.device_id" },
+		{ "name": "entrance_id", "type": "path", "expr": "$.tags.entrance_id" }
+  	  ]
+	}
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "longSum", "name" : "new_conn_num", "fieldName" : "new_conn_num" },
+        { "type" : "longMax", "name" : "established_conn_num", "fieldName" : "established_conn_num" },
+        { "type" : "longSum", "name" : "close_conn_num", "fieldName" : "close_conn_num" },
+        { "type" : "longSum", "name" : "total_in_bytes", "fieldName" : "total_in_bytes" },
+        { "type" : "longSum", "name" : "total_out_bytes", "fieldName" : "total_out_bytes" },
+        { "type" : "longSum", "name" : "total_in_packets", "fieldName" : "total_in_packets" },
+        { "type" : "longSum", "name" : "total_out_packets", "fieldName" : "total_out_packets" },
+        { "type" : "longSum", "name" : "default_conn_num", "fieldName" : "default_conn_num" },
+        { "type" : "longSum", "name" : "default_in_bytes", "fieldName" : "default_in_bytes" },
+        { "type" : "longSum", "name" : "default_out_bytes", "fieldName" : "default_out_bytes" },
+        { "type" : "longSum", "name" : "default_in_packets", "fieldName" : "default_in_packets" },
+        { "type" : "longSum", "name" : "default_out_packets", "fieldName" : "default_out_packets" },
+        { "type" : "longSum", "name" : "allow_conn_num", "fieldName" : "allow_conn_num" },
+        { "type" : "longSum", "name" : "allow_in_bytes", "fieldName" : "allow_in_bytes" },
+        { "type" : "longSum", "name" : "allow_out_bytes", "fieldName" : "allow_out_bytes" },
+        { "type" : "longSum", "name" : "allow_in_packets", "fieldName" : "allow_in_packets" },
+        { "type" : "longSum", "name" : "allow_out_packets", "fieldName" : "allow_out_packets" },
+        { "type" : "longSum", "name" : "deny_conn_num", "fieldName" : "deny_conn_num" },
+        { "type" : "longSum", "name" : "deny_in_bytes", "fieldName" : "deny_in_bytes" },
+        { "type" : "longSum", "name" : "deny_out_bytes", "fieldName" : "deny_out_bytes" },
+        { "type" : "longSum", "name" : "deny_in_packets", "fieldName" : "deny_in_packets" },
+        { "type" : "longSum", "name" : "deny_out_packets", "fieldName" : "deny_out_packets" },
+        { "type" : "longSum", "name" : "monitor_conn_num", "fieldName" : "monitor_conn_num" },
+        { "type" : "longSum", "name" : "monitor_in_bytes", "fieldName" : "monitor_in_bytes" },
+        { "type" : "longSum", "name" : "monitor_out_bytes", "fieldName" : "monitor_out_bytes" },
+        { "type" : "longSum", "name" : "monitor_in_packets", "fieldName" : "monitor_in_packets" },
+        { "type" : "longSum", "name" : "monitor_out_packets", "fieldName" : "monitor_out_packets" },
+        { "type" : "longSum", "name" : "intercept_conn_num", "fieldName" : "intercept_conn_num" },
+        { "type" : "longSum", "name" : "intercept_in_bytes", "fieldName" : "intercept_in_bytes" },
+        { "type" : "longSum", "name" : "intercept_out_bytes", "fieldName" : "intercept_out_bytes" },
+        { "type" : "longSum", "name" : "intercept_in_packets", "fieldName" : "intercept_in_packets" },
+        { "type" : "longSum", "name" : "intercept_out_packets", "fieldName" : "intercept_out_packets" },
+        { "type" : "longSum", "name" : "pinning_num", "fieldName" : "pinning_num" },
+        { "type" : "longSum", "name" : "not_pinning_num", "fieldName" : "not_pinning_num" },
+        { "type" : "longSum", "name" : "maybe_pinning_num", "fieldName" : "maybe_pinning_num" },
+        { "type" : "longSum", "name" : "alert_bytes", "fieldName" : "alert_bytes" },
+        { "type" : "longSum", "name" : "ins_bytes", "fieldName" : "insert_bytes" },
+        { "type" : "longSum", "name" : "hijk_bytes", "fieldName" : "hijack_bytes" },
+        { "type" : "longSum", "name" : "ad_reflection_bytes", "fieldName" : "ad_reflection_bytes" },
+        { "type" : "longSum", "name" : "ad_flood_bytes", "fieldName" : "ad_flood_bytes" },
+        { "type" : "longSum", "name" : "ad_cc_bytes", "fieldName" : "ad_cc_bytes" },
+        { "type" : "longSum", "name" : "intcp_mon_num", "fieldName" : "intercept_monitor_conn_num" },
+        { "type" : "longSum", "name" : "intcp_allow_num", "fieldName" : "intercept_allow_conn_num" },
+        { "type" : "longSum", "name" : "intcp_deny_num", "fieldName" : "intercept_deny_conn_num" },
+        { "type" : "longSum", "name" : "intcp_rdirt_num", "fieldName" : "intercept_redirect_conn_num" },
+        { "type" : "longSum", "name" : "intcp_repl_num", "fieldName" : "intercept_replace_conn_num" },
+        { "type" : "longSum", "name" : "intcp_hijk_num", "fieldName" : "intercept_hijack_conn_num" },
+        { "type" : "longSum", "name" : "intcp_ins_num", "fieldName" : "intercept_insert_conn_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5S", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{}
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TRAFFIC-METRICS",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/traffic_protocol_stat_log.json

@@ -0,0 +1,65 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "traffic_protocol_stat_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "stat_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+            "protocol_id",
+            "isp",
+	    "data_center",
+            {
+              "name": "entrance_id",
+              "type": "long"
+            }
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+      { "type" : "longSum", "name" : "sessions", "fieldName" : "sessions" },
+      { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "c2s_pkt_num" },
+      { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "s2c_pkt_num" },
+      { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "c2s_byte_num" },
+      { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "s2c_byte_num" },
+      { "type" : "longSum", "name" : "c2s_ipfrag_num", "fieldName" : "c2s_ipfrag_num" },
+      { "type" : "longSum", "name" : "s2c_ipfrag_num", "fieldName" : "s2c_ipfrag_num" },
+      { "type" : "longSum", "name" : "c2s_tcp_lostlen", "fieldName" : "c2s_tcp_lostlen" },
+      { "type" : "longSum", "name" : "s2c_tcp_lostlen", "fieldName" : "s2c_tcp_lostlen" },
+      { "type" : "longSum", "name" : "c2s_tcp_unorder_num", "fieldName" : "c2s_tcp_unorder_num" },
+      { "type" : "longSum", "name" : "s2c_tcp_unorder_num", "fieldName" : "s2c_tcp_unorder_num" }
+    ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT15S", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{}
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 5000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TRAFFIC-PROTOCOL-STAT",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/traffic_summary_log.json

@@ -0,0 +1,74 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "traffic_summary_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "common_recv_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "isp",
+	   "data_center",
+           "schema_type",
+           { "name": "entrance_id", "type": "long" }
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+	{ "type" : "HLLSketchBuild", "name" : "ip_object", "fieldName" : "common_client_ip" },
+        { "type" : "longSum", "name" : "sessions", "fieldName" : "common_sessions" },
+        { "type" : "longSum", "name" : "c2s_pkt_num", "fieldName" : "common_c2s_pkt_num" },
+        { "type" : "longSum", "name" : "s2c_pkt_num", "fieldName" : "common_s2c_pkt_num" },
+        { "type" : "longSum", "name" : "c2s_byte_num", "fieldName" : "common_c2s_byte_num" },
+        { "type" : "longSum", "name" : "s2c_byte_num", "fieldName" : "common_s2c_byte_num" },
+        { "type" : "longSum", "name" : "one_sided_connections", "fieldName" : "one_sided_connections" },
+        { "type" : "longSum", "name" : "uncategorized_bytes", "fieldName" : "uncategorized_bytes" },
+        { "type" : "longSum", "name" : "fragmentation_packets", "fieldName" : "fragmentation_packets" },
+        { "type" : "longSum", "name" : "sequence_gap_loss", "fieldName" : "sequence_gap_loss" },
+        { "type" : "longSum", "name" : "unorder_packets", "fieldName" : "unorder_packets" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT15S", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{
+      "transforms":[
+        {"type": "expression","name": "isp","expression": "common_isp"},
+        {"type": "expression","name": "data_center","expression": "common_data_center"},
+        {"type": "expression","name": "entrance_id","expression": "common_entrance_id"},
+        {"type": "expression","name": "schema_type","expression": "common_schema_type"},
+	{"type": "expression", "name": "one_sided_connections", "expression": "if(common_stream_dir!=3,common_sessions,0)"},
+        {"type": "expression", "name": "uncategorized_bytes", "expression": "if(array_ordinal(string_to_array(common_protocol_label,'/'),1)=='UNCATEGORIZED',\"common_c2s_byte_num\"+\"common_s2c_byte_num\",0)"},
+        {"type": "expression","name": "fragmentation_packets","expression": "\"common_c2s_ipfrag_num\"+\"common_s2c_ipfrag_num\""},
+        {"type": "expression","name": "sequence_gap_loss","expression": "\"common_c2s_tcp_lostlen\"+\"common_s2c_tcp_lostlen\""},
+        {"type": "expression","name": "unorder_packets","expression": "\"common_c2s_tcp_unorder_num\"+\"common_s2c_tcp_unorder_num\""}
+      ]
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 20000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "SESSION-RECORD-COMPLETED",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/traffic_top_destination_ip_metrics_log.json

@@ -0,0 +1,58 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "traffic_top_destination_ip_metrics_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "sketch_start_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	  "common_sled_ip",
+	  "destination_ip",
+	  "common_data_center",
+	  "attack_type",
+	  { "type": "long", "name": "partition_num" }
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+	{ "type" : "longSum", "name" : "session_rate","fieldName" : "session_rate"},
+        { "type" : "longSum", "name" : "packet_rate", "fieldName" : "packet_rate" },
+        { "type" : "longSum", "name" : "bit_rate", "fieldName" : "bit_rate" },
+	{ "type" : "HLLSketchBuild", "name" : "ip_object", "fieldName" : "common_client_ip" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT10M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{
+      "transforms":[]
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "resetOffsetAutomatically": true,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "TRAFFIC-TOP-DESTINATION-IP-METRICS",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/urls_proxy_hot.json

@@ -0,0 +1,61 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "proxy_event_urls_hot_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "common_recv_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "url"
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "count", "name" : "session_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{
+      "transforms":[
+        {
+         "type": "expression",
+         "name": "url",
+         "expression": "http_url"
+        }
+      ],
+      "filter": {
+        "type": "not",
+        "field":{ "type": "selector", "dimension": "url", "value": "" }
+      }
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 5000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "PROXY-EVENT-COMPLETED",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Druid/tasks/urls_security_hot.json

@@ -0,0 +1,61 @@
+{
+  "type": "kafka",
+  "dataSchema": {
+    "dataSource": "security_event_urls_hot_log",
+    "parser": {
+      "type": "string",
+      "parseSpec": {
+        "format": "json",
+        "timestampSpec": {
+          "column": "common_recv_time",
+          "format": "posix"
+        },
+        "dimensionsSpec": {
+          "dimensions": [
+	   "url"
+          ]
+        }
+      }
+    },
+    "metricsSpec" : [
+        { "type" : "count", "name" : "session_num" }
+  ],
+    "granularitySpec": {
+      "type": "uniform",
+      "segmentGranularity": "DAY",
+      "queryGranularity": {"type": "period", "period": "PT5M", "timeZone": "Asia/Hong_Kong"},
+      "rollup": true
+    },
+    "transformSpec" :{
+      "transforms":[
+        {
+         "type": "expression",
+         "name": "url",
+         "expression": "http_url"
+        }
+      ],
+      "filter": {
+        "type": "not",
+        "field":{ "type": "selector", "dimension": "url", "value": "" }
+      }
+    }
+  },
+  "tuningConfig": {
+    "type": "kafka",
+    "maxRowsPerSegment": 5000000,
+    "reportParseExceptions": false
+  },
+  "ioConfig": {
+    "topic": "SECURITY-EVENT-COMPLETED",
+    "taskCount": 1,
+    "replicas": 1,
+    "taskDuration": "PT1H",
+    "completionTimeout": "PT30M",
+    "consumerProperties": {
+      "bootstrap.servers": "kafkabootstrap",
+      "sasl.mechanism": "PLAIN",
+      "security.protocol": "SASL_PLAINTEXT",
+      "sasl.jaas.config": "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"galaxy2019\";"
+    }
+  }
+}

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-job-service/admin/logback.xml

@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration scan="true" scanPeriod="60 seconds" debug="false">
+
+    <!--每100M压缩日志文件-->
+    <property name="LOG_SIZE" value="100MB"/>
+    <!--日志文件路径-->
+    <property name="LOG_PATH" value="/logs"/>
+    <!--日志文件名称-->
+    <property name="LOG_FILE_NAME" value="galaxy-job-admin"/>
+    <!--日志打印等级-->
+    <property name="LOG_LEVEL" value="info"/>
+    <!--日志最大的历史30天 -->
+    <property name="LOG_DAYS" value="60"/>
+    <!--日志打印格式-->
+    <property name="LOG_PATTERN" value="%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger -%msg%n"/>
+
+    <!--    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+            <encoder>
+                <pattern>${LOG_PATTERN}</pattern>
+            </encoder>
+        </appender>
+    -->
+
+    <appender name="ALL" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${LOG_PATH}/${LOG_FILE_NAME}.log</file>
+        <filter class="ch.qos.logback.classic.filter.LevelFilter">
+            <level>ALL</level>
+        </filter>
+        <encoder>
+            <pattern>${LOG_PATTERN}</pattern>
+        </encoder>
+        <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+            <fileNamePattern>
+                ${LOG_PATH}/history/${LOG_FILE_NAME}-%d{yyyy-MM-dd}-%i.log.gz
+            </fileNamePattern>
+            <maxHistory>${LOG_DAYS}</maxHistory>
+            <maxFileSize>${LOG_SIZE}</maxFileSize>
+        </rollingPolicy>
+    </appender>
+
+    <root level="${LOG_LEVEL}">
+        <appender-ref ref="ALL"/>
+<!--        <appender-ref ref="STDOUT"/>-->
+    </root>
+
+</configuration>

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-job-service/executor/galaxy-job-executor

@@ -0,0 +1,67 @@
+################################静态参数配置(修改后需要重启项目)################################
+### web port
+server.port = 8182
+spring.application.name=galaxy-job-executor
+### actuator
+management.server.servlet.context-path=/actuator
+management.health.mail.enabled=false
+management.endpoints.web.exposure.include=*
+#详细的应用健康信息
+management.endpoint.health.show-details=always
+management.endpoint.metrics.enabled=true
+management.endpoint.prometheus.enabled=true
+management.metrics.export.prometheus.enabled=true
+management.metrics.tags.application=${spring.application.name}
+zookeeper.server=192.168.44.12:2181
+
+################################动态参数配置(修改后不需要重启项目)################################
+##存储配额文件服务器
+#storge.files.hos-server=Nur-sultan|192.168.44.12:9098,Aktau|,Aktubinsk|,Almaty|,Atyrau|,Karaganda|,Kokshetau|,Kostanay|,Kyzylorda|,Pavlodar|,Semey|,Shymkent|,Taldykurgan|,Taraz|,Uralsk|,Ust-Kamenogorsk|,Zhezkazgan|
+storge.files.hos-server=XXG|192.168.44.12:9098
+storge.files.token=c21f969b5f03d33d43e04f8f136e7682
+##存储配额查询druid
+storge.analytic.server=XXG|192.168.44.12:8089
+##存储配额查询clickhouse
+storge.traffic.server=XXG|192.168.44.12:8124
+storge.traffic.datasource=tsg_galaxy_v3
+storge.traffic.username=default
+storge.traffic.password=ceiec2019
+#删除ttl
+storge.traffic.system.parts=system.parts
+#存储配额查询
+storge.traffic.system.partsclusters=system.parts_cluster
+storge.traffic.system.disks=system.disks_cluster
+storge.traffic.system.tables=system.tables
+storge.traffic.system.clusters=system.clusters
+#删除ttl白名单,多个逗号分隔
+storge.files.delete.exclusion=
+storge.analytic.delete.exclusion=traffic_metrics_log
+storge.taffic.delete.exclusion=
+### xxl-job admin address list, such as "http://address" or "http://address01,http://address02"
+xxl.job.admin.addresses=http://192.168.44.12:8181/xxl-job-admin
+
+### xxl-job, access token
+xxl.job.accessToken=
+### xxl-job executor registry-address: default use address to registry , otherwise use ip:po
+xxl.job.executor.appname=galaxy-executor
+### xxl-job executor registry-address: default use address to registry , otherwise use ip:port if address is null
+xxl.job.executor.address=
+### xxl-job executor server-info
+xxl.job.executor.ip=
+xxl.job.executor.port=8886
+### xxl-job executor log-path
+xxl.job.executor.logpath=/data/logs/jobhandler
+### xxl-job executor log-retention-days
+xxl.job.executor.logretentiondays=30
+## http pool config
+### max connection number
+http.pool.max.connection=500
+http.pool.request.timeout=120000
+http.pool.response.timeout=120000
+http.pool.max.per.route=300
+http.pool.connect.timeout=10000
+##指定kafka server的地址，集群配多个，中间，逗号隔开
+spring.kafka.bootstrap-servers=192.168.44.12:9092
+spring.kafka.ssl.enable=true
+spring.kafka.ssl.username=admin
+spring.kafka.ssl.pin=galaxy2019

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-job-service/executor/logback.xml

@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration scan="true" scanPeriod="60 seconds" debug="false">
+
+    <!--每100M压缩日志文件-->
+    <property name="LOG_SIZE" value="100MB"/>
+    <!--日志文件路径-->
+    <property name="LOG_PATH" value="/logs"/>
+    <!--日志文件名称-->
+    <property name="LOG_FILE_NAME" value="galaxy-job-executor"/>
+    <!--日志打印等级-->
+    <property name="LOG_LEVEL" value="info"/>
+    <!--日志最大的历史30天 -->
+    <property name="LOG_DAYS" value="60"/>
+    <!--日志打印格式-->
+    <property name="LOG_PATTERN" value="%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger -%msg%n"/>
+    <!--
+        <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+            <encoder>
+                <pattern>${LOG_PATTERN}</pattern>
+            </encoder>
+        </appender>
+    -->
+        <appender name="ALL" class="ch.qos.logback.core.rolling.RollingFileAppender">
+            <file>${LOG_PATH}/${LOG_FILE_NAME}.log</file>
+            <filter class="ch.qos.logback.classic.filter.LevelFilter">
+                <level>ALL</level>
+            </filter>
+            <encoder>
+                <pattern>${LOG_PATTERN}</pattern>
+            </encoder>
+            <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+                <fileNamePattern>
+                    ${LOG_PATH}/history/${LOG_FILE_NAME}-%d{yyyy-MM-dd}-%i.log.gz
+                </fileNamePattern>
+                <maxHistory>${LOG_DAYS}</maxHistory>
+                <maxFileSize>${LOG_SIZE}</maxFileSize>
+            </rollingPolicy>
+        </appender>
+
+        <root level="${LOG_LEVEL}">
+            <appender-ref ref="ALL"/>
+<!--            <appender-ref ref="STDOUT"/>-->
+        </root>
+
+    </configuration>

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-qgw-service/log4j2.xml

@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+    <!--日志打印相关参数配置-->
+    <Properties>
+        <!--每5M压缩日志文件-->
+        <property name="LOG_SIZE">5M</property>
+        <!--最多产生10个压缩文件-->
+        <property name="LOG_NUMS">10</property>
+        <!--日志打印等级-->
+        <property name="LOG_LEVEL">info</property>
+        <!--日志文件路径-->
+        <property name="LOG_PATH">logs</property>
+        <!--日志文件名称-->
+        <property name="LOG_FILE_NAME">galaxy-qgw-service</property>
+        <!--日志打印格式-->
+        <property name="LOG_PATTERN">[%d{yyyy-MM-dd HH:mm:ss}] [%p] [Thread:%t] %l %x - %m%n</property>
+    </Properties>
+
+    <appenders>
+      <!--  <Console name="consoleSystemOutAppender" target="SYSTEM_OUT">
+            <ThresholdFilter level="DEBUG" onMatch="ACCEPT" onMismatch="DENY"/>
+            <PatternLayout pattern="${LOG_PATTERN}"/>
+        </Console>
+       -->
+        <RollingFile name="rollingFileAllAppender"
+                     fileName="${LOG_PATH}/${LOG_FILE_NAME}.log"
+                     filePattern="${LOG_PATH}/history/$${date:yyyy-MM-dd}/${LOG_FILE_NAME}-%d{yyyy-MM-dd}-%i.log.gz">
+            <PatternLayout pattern="${LOG_PATTERN}"/>
+            <Policies>
+                <SizeBasedTriggeringPolicy size="${LOG_SIZE}"/>
+                <TimeBasedTriggeringPolicy interval="1" modulate="true"/>
+            </Policies>
+            <Filters>
+                <ThresholdFilter level="all" onMatch="ACCEPT" onMismatch="DENY"/>
+            </Filters>
+            <DefaultRolloverStrategy max="${LOG_NUMS}">
+                <Delete basePath="${LOG_PATH}/history" maxDepth="1">
+                    <IfFileName glob="*.log.gz">
+                        <IfLastModified age="90d">
+                            <IfAny>
+                                <IfAccumulatedFileSize exceeds="200 GB" />
+                            </IfAny>
+                        </IfLastModified>
+                    </IfFileName>
+                </Delete>
+            </DefaultRolloverStrategy>
+        </RollingFile>
+    </appenders>
+    <loggers>
+        <root level="${LOG_LEVEL}">
+<!--            <appender-ref ref="consoleSystemOutAppender"/>-->
+            <appender-ref ref="rollingFileAllAppender"/>
+        </root>
+    </loggers>
+</configuration>

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-qgw-service/schema/active_defence_event.json

@@ -0,0 +1,322 @@
+{
+  "type": "record",
+  "name": "active_defence_event",
+  "namespace": "tsg_galaxy_v3",
+  "doc": {
+    "primary_key": "common_log_id",
+    "partition_key": "common_recv_time",
+    "schema_query": {
+      "dimensions": [
+        "common_policy_id",
+        "ad_target_ip",
+        "ad_cc_target_url"
+      ],
+      "metrics": [
+        "ad_target_ip",
+        "ad_sent_byte_num",
+        "ad_sent_pkt_num",
+        "ad_cc_initiate_connection_num",
+        "ad_cc_established_connection_num",
+        "ad_cc_rejected_connection_num"
+      ],
+      "filters": [
+        "common_policy_id",
+        "ad_target_ip",
+        "ad_target_port",
+        "ad_protocol",
+        "common_address_type",
+        "ad_sent_byte_num",
+        "ad_sent_pkt_num",
+        "ad_cc_initiate_connection_num",
+        "ad_cc_established_connection_num",
+        "ad_cc_rejected_connection_num"
+      ]
+    },
+    "schema_type": {
+      "REFLECTION": {
+        "columns": [
+          "common_recv_time",
+          "common_log_id",
+          "common_policy_id",
+          "common_address_type",
+          "common_device_id",
+          "common_egress_link_id",
+          "common_ingress_link_id",
+          "common_entrance_id",
+          "common_user_region",
+          "ad_method",
+          "ad_protocol",
+          "ad_target_ip",
+          "ad_target_port",
+          "ad_target_ip_location",
+          "ad_target_ip_asn",
+          "ad_reflector_profile_id",
+          "ad_sent_pkt_num",
+          "ad_sent_byte_num",
+          "ad_generate_time"
+        ],
+        "default_columns": [
+          "common_recv_time",
+          "common_log_id",
+          "common_policy_id",
+          "ad_target_ip",
+          "ad_target_port",
+          "ad_reflector_profile_id",
+          "ad_sent_pkt_num",
+          "ad_sent_byte_num"
+        ]
+      },
+      "FLOOD": {
+        "columns": [
+          "common_recv_time",
+          "common_log_id",
+          "common_policy_id",
+          "common_address_type",
+          "common_device_id",
+          "common_egress_link_id",
+          "common_ingress_link_id",
+          "common_entrance_id",
+          "common_user_region",
+          "ad_method",
+          "ad_protocol",
+          "ad_target_ip",
+          "ad_target_port",
+          "ad_target_ip_location",
+          "ad_target_ip_asn",
+          "ad_claimed_src_ip_profile_id",
+          "ad_sent_pkt_num",
+          "ad_sent_byte_num",
+          "ad_generate_time"
+        ],
+        "default_columns": [
+          "common_recv_time",
+          "common_log_id",
+          "common_policy_id",
+          "ad_target_ip",
+          "ad_target_port",
+          "ad_claimed_src_ip_profile_id",
+          "ad_protocol"
+        ]
+      },
+      "CC": {
+        "columns": [
+          "common_recv_time",
+          "common_log_id",
+          "common_policy_id",
+          "common_address_type",
+          "common_device_id",
+          "common_egress_link_id",
+          "common_ingress_link_id",
+          "common_entrance_id",
+          "common_user_region",
+          "ad_method",
+          "ad_protocol",
+          "ad_cc_target_url",
+          "ad_claimed_src_ip_profile_id",
+          "ad_cc_initiate_connection_num",
+          "ad_cc_established_connection_num",
+          "ad_cc_rejected_connection_num",
+          "ad_generate_time"
+        ],
+        "default_columns": [
+          "common_recv_time",
+          "common_log_id",
+          "common_policy_id",
+          "ad_cc_target_url",
+          "ad_claimed_src_ip_profile_id",
+          "ad_protocol"
+        ]
+      }
+    },
+    "default_columns": [
+      "common_recv_time",
+      "common_log_id",
+      "common_policy_id",
+      "ad_target_ip",
+      "ad_target_port",
+      "ad_cc_target_url"
+    ]
+  },
+  "fields": [
+    {
+      "name": "common_recv_time",
+      "label": "Receive Time",
+      "doc": {
+        "allow_query": "true",
+        "constraints": {
+          "type": "timestamp"
+        },
+        "format": {
+          "functions": "current_timestamp"
+        }
+      },
+      "type": "long"
+    },
+    {
+      "name": "common_log_id",
+      "label": "Log ID",
+      "doc": {
+        "allow_query": "true",
+        "format": {
+          "functions": "snowflake_id"
+        }
+      },
+      "type": "long"
+    },
+    {
+      "name": "common_policy_id",
+      "label": "Policy ID",
+      "doc": {
+        "allow_query": "true"
+      },
+      "type": "long"
+    },
+    {
+      "name": "common_address_type",
+      "label": "Address Type",
+      "doc": {
+        "data": [
+          {
+            "code": "4",
+            "value": "ipv4"
+          },
+          {
+            "code": "6",
+            "value": "ipv6"
+          }
+        ]
+      },
+      "type": "int"
+    },
+    {
+      "name": "common_entrance_id",
+      "label": "Entrance ID",
+      "doc": {
+        "visibility": "disabled"
+      },
+      "type": "int"
+    },
+    {
+      "name": "common_device_id",
+      "label": "Device ID",
+      "type": "string"
+    },
+    {
+      "name": "common_egress_link_id",
+      "label": "Egress Link ID",
+      "doc": {
+        "visibility": "hidden"
+      },
+      "type": "int"
+    },
+    {
+      "name": "common_ingress_link_id",
+      "label": "Ingress Link ID",
+      "doc": {
+        "visibility": "hidden"
+      },
+      "type": "int"
+    },
+    {
+      "name": "common_user_region",
+      "label": "User Region",
+      "doc": {
+        "visibility": "hidden"
+      },
+      "type": "string"
+    },
+    {
+      "name": "ad_target_ip",
+      "label": "Target IP",
+      "doc": {
+        "allow_query": "true",
+        "constraints": {
+          "type": "ip"
+        },
+        "format": {
+          "functions": "geo_ip_country,geo_asn",
+          "appendTo": "ad_target_ip_location,ad_target_ip_asn"
+        }
+      },
+      "type": "string"
+    },
+    {
+      "name": "ad_target_port",
+      "label": "Target Port",
+      "type": "int"
+    },
+    {
+      "name": "ad_cc_target_url",
+      "label": "Target URL",
+      "doc": {
+        "allow_query": "true"
+      },
+      "type": "string"
+    },
+    {
+      "name": "ad_target_ip_location",
+      "label": "Target Location",
+      "type": "string"
+    },
+    {
+      "name": "ad_target_ip_asn",
+      "label": "Target ASN",
+      "type": "string"
+    },
+    {
+      "name": "ad_protocol",
+      "label": "Protocol",
+      "type": "string"
+    },
+    {
+      "name": "ad_method",
+      "label": "Method",
+      "type": "string"
+    },
+    {
+      "name": "ad_claimed_src_ip_profile_id",
+      "label": "Claimed Profile ID",
+      "type": "int"
+    },
+    {
+      "name": "ad_reflector_profile_id",
+      "label": "Reflector Profile ID",
+      "type": "int"
+    },
+    {
+      "name": "ad_sent_pkt_num",
+      "label": "Packets Sent",
+      "type": "int"
+    },
+    {
+      "name": "ad_sent_byte_num",
+      "label": "Bytes Sent",
+      "type": "int"
+    },
+    {
+      "name": "ad_cc_initiate_connection_num",
+      "label": "Initiate Numbers",
+      "type": "int"
+    },
+    {
+      "name": "ad_cc_established_connection_num",
+      "label": "Established Numbers",
+      "type": "int"
+    },
+    {
+      "name": "ad_cc_rejected_connection_num",
+      "label": "Rejected Numbers",
+      "type": "int"
+    },
+    {
+      "name": "ad_generate_time",
+      "label": "Generate Time",
+      "doc": {
+        "constraints": {
+          "type": "timestamp"
+        }
+      },
+      "type": "int"
+    }
+  ]
+}

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-qgw-service/schema/ck-filter.json

@@ -0,0 +1,71 @@
+{
+  "version": "1.0",
+  "name": "ClickHouse-Raw",
+  "namespace": "ClickHouse",
+  "filters": [
+    {
+      "name":"@start",
+      "value": "'2021-06-06 11:00:00'"
+    },
+    {
+      "name":"@end",
+      "value": "'2021-06-06 12:00:00'"
+    },
+    {
+      "name":"@common_filter",
+      "value": [
+        "common_log_id=296041175962310656",
+        "common_client_ip='39.144.200.172'",
+        "common_internal_ip='39.144.200.172'",
+        "common_server_ip='119.29.29.29'",
+        "common_external_ip='119.29.29.29'",
+        "common_client_port=27579",
+        "common_server_port=80",
+        "common_c2s_pkt_num>5",
+        "common_s2c_pkt_num>5",
+        "common_c2s_byte_num>100",
+        "common_s2c_byte_num<200",
+        "common_schema_type='DNS'",
+        "common_establish_latency_ms>200",
+        "common_con_duration_ms>10000",
+        "common_stream_trace_id=29320301981854648",
+        "common_tcp_client_isn=0",
+        "common_tcp_server_isn=2558591239",
+        "http_domain='qq.com'",
+        "mail_account='beitun'",
+        "mail_subject='乌鲁木齐IC卡系统提醒:站点状态有变动测试  (自动邮件)'",
+        "dns_qname='sdfp.snssdk.com'",
+        "ssl_sni='nlp.map.qq.com'",
+        "ssl_con_latency_ms>100",
+        "ssl_ja3_hash='9b02ebd3a43b62d825e1ac605b621dc8'",
+        "common_client_ip='39.144.200.172' and common_server_ip='119.29.29.29'",
+        "common_server_ip='119.29.29.29' and common_server_port=80",
+        "mail_account like 'abc@%'",
+        "http_domain like '%baidu.com%'",
+        "ssl_sni like '%qq.com'",
+        "common_client_ip in ('39.144.200.172','117.146.25.170')",
+        "common_server_port not in (80,443)",
+        "notEmpty(http_domain)",
+        "http_domain not like '%qq.com'"
+      ]
+    },
+    {
+        "name":"@index_filter",
+        "value": [
+          "common_log_id=1153021139190754263",
+          "common_client_ip='223.116.144.70'",
+          "common_server_ip='8.8.8.8'",
+          "common_sled_ip='%192.168%'",
+          "common_stream_trace_id=274722500909265827",
+          "http_domain='qq.com'",
+          "ssl_sni='httpdns.push.heytapmobi.com'",
+          "common_subscriber_id='%test%'",
+          "http_domain like '%baidu.com%'",
+          "ssl_sni like '%qq.com'",
+          "common_client_ip in ('221.181.49.180','223.115.225.203')",
+          "notEmpty(http_domain)",
+          "http_domain not like '%apmobi.com'"
+        ]
+    }
+  ]
+}

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-qgw-service/schema/ck-queries-template.sql

@@ -0,0 +1,122 @@
+--Q01.Count(1)
+select count(1) from session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end)
+--Q02.All Fields Query (default)
+SELECT * FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) LIMIT 30
+--Q03.All Fields Query order by Time desc
+SELECT * FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ORDER BY common_recv_time DESC LIMIT 30
+--Q04.All Fields Query order by Time asc
+SELECT * FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ORDER BY common_recv_time asc LIMIT 30
+--Q05.All Fields Query by Filter
+SELECT * FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @common_filter ORDER BY common_recv_time DESC LIMIT 30
+--Q06.Default Fields Query by Filter
+SELECT toDateTime(common_recv_time) AS common_recv_time , common_log_id , common_client_ip , common_client_port , common_server_ip , common_server_port FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @common_filter ORDER BY common_recv_time DESC LIMIT 30
+--Q07.All Fields Query (sub query by time)
+SELECT * FROM session_record AS session_record WHERE toDateTime(common_recv_time) IN ( SELECT toDateTime(common_recv_time) FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ORDER BY common_recv_time DESC LIMIT 30 ) AND common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ORDER BY common_recv_time DESC LIMIT 30
+--Q08.All Fields Query (sub query by log id)
+SELECT  *  FROM session_record AS session_record WHERE common_log_id IN ( SELECT common_log_id FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ORDER BY common_recv_time DESC LIMIT 30 ) AND common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ORDER BY common_recv_time DESC LIMIT 30
+--Q09.Default Field Query (sub query by time)
+SELECT toDateTime(common_recv_time) AS common_recv_time_str , common_log_id , common_client_ip , common_client_port , common_server_ip , common_server_port FROM session_record AS session_record WHERE toDateTime(common_recv_time) IN ( SELECT toDateTime(common_recv_time) FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ORDER BY toDateTime(common_recv_time) DESC LIMIT 30 ) AND common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ORDER BY common_recv_time DESC LIMIT 30
+--Q10.Default Field Query (sub query by log id)
+SELECT toDateTime(common_recv_time) AS common_recv_time_str , common_log_id , common_client_ip , common_client_port , common_server_ip , common_server_port FROM session_record AS session_record WHERE common_log_id IN ( select common_log_id FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ORDER BY toDateTime(common_recv_time) DESC LIMIT 30 ) AND ( common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end)) ORDER BY common_recv_time DESC LIMIT 30
+--Q11.Default Field Query by Server IP (sub query by log id with Index Table)
+SELECT toDateTime(common_recv_time) AS common_recv_time_str , common_log_id , common_client_ip , common_client_port , common_server_ip , common_server_port FROM session_record AS session_record WHERE common_log_id IN ( Select common_log_id FROM session_record_common_server_ip AS session_record_common_server_ip WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ORDER BY toDateTime(common_recv_time) DESC LIMIT 30 ) AND ( common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ) ORDER BY common_recv_time DESC LIMIT 30
+--Q12.Default Field Query by Client IP (sub query by log id with Index Table)
+SELECT toDateTime(common_recv_time) AS common_recv_time_str , common_log_id , common_client_ip , common_client_port , common_server_ip , common_server_port FROM session_record AS session_record WHERE common_log_id IN ( Select common_log_id FROM session_record_common_client_ip AS session_record_common_client_ip WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ORDER BY toDateTime(common_recv_time) DESC LIMIT 30 ) AND ( common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ) ORDER BY common_recv_time DESC LIMIT 30
+--Q13.Default Field Query by Domain (sub query by log id with Index Table)
+SELECT toDateTime(common_recv_time) AS common_recv_time_str , common_log_id , common_client_ip , common_client_port , common_server_ip , common_server_port FROM session_record AS session_record WHERE common_log_id IN ( Select common_log_id FROM session_record_http_domain AS session_record_http_domain WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ORDER BY toDateTime(common_recv_time) DESC LIMIT 30 ) AND ( common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ) ORDER BY common_recv_time DESC LIMIT 30
+--Q14.All Fields Query by Client IP (sub query by log id with index Table)
+SELECT * FROM session_record AS session_record WHERE common_log_id IN ( SELECT common_log_id FROM session_record_common_client_ip AS session_record_common_client_ip WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ORDER BY toDateTime(common_recv_time) DESC LIMIT 30 ) AND ( common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ) ORDER BY common_recv_time desc LIMIT 30
+--Q15.All Fields Query by Server IP(sub query by log id with index Table)
+SELECT * FROM session_record AS session_record WHERE common_log_id IN ( SELECT common_log_id FROM session_record_common_server_ip AS session_record_common_server_ip WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ORDER BY common_recv_time LIMIT 30 ) AND ( common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ) ORDER BY common_recv_time desc LIMIT 30
+--Q16.All Fields Query by Domain(sub query by log id with index Table)
+SELECT * FROM session_record AS session_record WHERE common_log_id IN ( SELECT common_log_id FROM session_record_http_domain AS session_record_http_domain WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ORDER BY common_recv_time LIMIT 30 ) AND ( common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) AND @index_filter ) ORDER BY common_recv_time desc LIMIT 30
+--Q17.Session Logs Sent to Database Trend(Time Grain 5 minute)
+SELECT toUnixTimestamp(toDateTime(toStartOfInterval(toDateTime(common_recv_time),INTERVAL 5 MINUTE))) AS "Receive Time", count(common_log_id) AS "logs" FROM session_record AS session_record WHERE ( ( common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) ) ) GROUP BY "Receive Time" LIMIT 10000
+--Q18.Traffic Bandwidth Trend(Time Grain 30 second)
+SELECT toDateTime(toUnixTimestamp(toDateTime(toStartOfInterval(toDateTime(common_recv_time),INTERVAL 30 SECOND)))) AS stat_time, sum(common_c2s_byte_num) AS bytes_sent, sum(common_s2c_byte_num) AS bytes_received, sum(common_c2s_byte_num + common_s2c_byte_num) AS bytes, sum(common_c2s_pkt_num + common_s2c_pkt_num) AS packets, sum(common_sessions) AS sessions FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) GROUP BY stat_time ORDER BY stat_time ASC LIMIT 10000
+--Q19.Log Tend by Type (Time Grain 5 minute)
+SELECT toDateTime(toUnixTimestamp(toDateTime(toStartOfInterval(toDateTime(common_recv_time),INTERVAL 5 MINUTE)))) AS stat_time, common_schema_type AS type, sum(common_sessions) AS sessions, sum(common_c2s_byte_num + common_s2c_byte_num) AS bytes, sum(common_c2s_pkt_num + common_s2c_pkt_num) AS packets FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end) GROUP BY stat_time, common_schema_type ORDER BY stat_time ASC LIMIT 10000
+--Q20.Traffic Metrics Analytic
+SELECT round(sum(common_s2c_byte_num) * 8 / 300,2) AS trafficInBits, round(sum(common_c2s_byte_num) * 8 / 300,2) AS trafficOutBits, round(sum(common_s2c_byte_num + common_c2s_byte_num) * 8 / 300,2) AS trafficTotalBits, round(sum(common_s2c_pkt_num) / 300,2) AS trafficInPackets, round(sum(common_c2s_pkt_num) / 300,2) AS trafficOutPackets, round(sum(common_s2c_pkt_num + common_c2s_pkt_num) / 300,2) AS trafficTotalPackets, round(sum(common_sessions) / 300,2) AS sessions FROM session_record AS session_record WHERE common_recv_time >= toUnixTimestamp(@start) AND common_recv_time < toUnixTimestamp(@end)
+--Q21.Traffic Endpoints Metrics Trend(Time Grain 5 minute)
+SELECT toUnixTimestamp(toDateTime(toStartOfInterval(toDateTime(common_recv_time),INTERVAL 5 MINUTE))) AS "Receive Time", uniq(common_internal_ip) AS "Unique Internal IP", uniq(common_external_ip) AS "Unique External IP", uniq(common_subscriber_id) AS "Unique Subscriber ID", sum(coalesce(common_c2s_byte_num + common_s2c_byte_num, 0)) AS "Bytes", sum(coalesce(common_sessions, 0)) AS "Sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "Receive Time" LIMIT 10000
+--Q22.Endpoint Unique Num by L4 Protocol
+SELECT 'all' AS type, uniq(common_client_ip) AS client_ips, uniq(common_internal_ip) AS internal_ips, uniq(common_server_ip) AS server_ips, uniq(common_external_ip) AS external_ips, uniq(common_subscriber_id) as subscriber_ids FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) UNION ALL SELECT 'tcp' AS type, uniq(common_client_ip) AS client_ips, uniq(common_internal_ip) AS internal_ips, uniq(common_server_ip) AS server_ips, uniq(common_external_ip) AS external_ips, uniq(common_subscriber_id) as subscriber_ids FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) AND common_l4_protocol IN ( 'IPv4_TCP', 'IPv6_TCP' ) UNION ALL SELECT 'UDP' AS type, uniq(common_client_ip) AS client_ips, uniq(common_internal_ip) AS internal_ips, uniq(common_server_ip) AS server_ips, uniq(common_external_ip) AS external_ips, uniq(common_subscriber_id) as subscriber_ids FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) AND common_l4_protocol IN ( 'IPv4_UDP', 'IPv6_UDP' )
+--Q23.One-sided Connection Trend(Time Grain 5 minute)
+SELECT toDateTime(toUnixTimestamp(toDateTime(toStartOfInterval(toDateTime(common_recv_time),INTERVAL 5 MINUTE)))) AS stat_time, (CASE WHEN common_stream_dir = 1 THEN 'c2s' WHEN common_stream_dir = 2 THEN 's2c' WHEN common_stream_dir = 3 THEN 'double' ELSE 'None' END) AS type, sum(common_sessions) AS sessions FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) GROUP BY stat_time, common_stream_dir ORDER BY stat_time ASC LIMIT 10000
+--Q24. Estimated One-sided Sessions with Bandwidth
+SELECT toUnixTimestamp(toDateTime(toStartOfInterval(toDateTime(common_recv_time),INTERVAL 5 MINUTE))) AS "Receive Time", sum(common_sessions) AS "sessions", sum(if(common_stream_dir <> 3, common_sessions, 0)) AS "one_side_sessions", sum(coalesce(common_c2s_byte_num + common_s2c_byte_num, 0)) AS "Bytes", round(one_side_sessions / sessions, 2) AS one_side_percent FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "Receive Time" LIMIT 10000
+--Q25.Estimated TCP Sequence Gap Loss
+SELECT toUnixTimestamp(toDateTime(toStartOfInterval(toDateTime(common_recv_time),INTERVAL 5 MINUTE))) AS "Receive Time", sum(common_c2s_byte_num + common_s2c_byte_num) AS "bytes", sum(common_c2s_tcp_lostlen + common_s2c_tcp_lostlen) AS "gap_loss_bytes", round(gap_loss_bytes / bytes, 2) AS gap_loss_percent FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( common_l4_protocol IN ( 'IPv4_TCP', 'IPv6_TCP' ) ) GROUP BY "Receive Time" LIMIT 10000
+--Q26.Top30 Server IP by Bytes
+SELECT "server_ip" AS "server_ip" , SUM(coalesce("bytes",0)) AS "bytes" , SUM(coalesce("bytes_sent",0)) AS "Sent" , SUM(coalesce("bytes_received",0)) AS "Received" , SUM(coalesce("sessions",0)) AS "sessions" FROM ( SELECT SUM(coalesce(common_c2s_byte_num,0)) AS "bytes_sent" , SUM(coalesce(common_s2c_byte_num,0)) AS "bytes_received" , SUM(common_c2s_byte_num+common_s2c_byte_num) AS "bytes" , SUM(coalesce(common_sessions,0)) AS "sessions" , common_server_ip AS "server_ip" FROM session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( notEmpty( common_server_ip) ) GROUP BY "server_ip" ORDER BY "bytes" desc ) GROUP BY "server_ip" ORDER BY "bytes" desc LIMIT 30
+--Q27.Top30 Client IP by Sessions
+SELECT common_client_ip , COUNT(*) AS sessions FROM session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) GROUP BY common_client_ip ORDER BY sessions desc LIMIT 0,30
+--Q28.Top30 TCP Server Ports by Sessions
+SELECT "Server Port" AS "Server Port", sum(coalesce("Sessions", 0)) AS "Sessions" FROM (SELECT common_server_port AS "Server Port", sum(coalesce(common_sessions, 0)) AS "Sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( common_l4_protocol IN ( 'IPv4_TCP', 'IPv6_TCP' ) ) GROUP BY "Server Port" LIMIT 1048576) GROUP BY "Server Port" ORDER BY "Sessions" DESC LIMIT 30
+--Q29.Top30 Domian by Bytes
+SELECT "domain" AS "Website Domain" , SUM(coalesce("bytes",0)) AS "Throughput" FROM ( SELECT SUM(coalesce(common_c2s_byte_num,0)) AS "bytes_sent" , SUM(coalesce(common_s2c_byte_num,0)) AS "bytes_received" , SUM(coalesce(common_c2s_byte_num+common_s2c_byte_num,0)) AS "bytes" , http_domain AS "domain" FROM session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( notEmpty( http_domain) ) GROUP BY "domain" ORDER BY "bytes" desc ) GROUP BY "domain" ORDER BY "Throughput" desc LIMIT 30
+--Q30.Top30 Endpoint Devices by Bandwidth
+SELECT "device_id" AS "device_id", sum(coalesce("bytes", 0)) AS "bytes", sum(coalesce("bytes_sent", 0)) AS "Sent", sum(coalesce("bytes_received", 0)) AS "Received" FROM (SELECT sum(coalesce(common_c2s_byte_num, 0)) AS "bytes_sent", sum(coalesce(common_s2c_byte_num, 0)) AS "bytes_received", sum(common_c2s_byte_num + common_s2c_byte_num) AS bytes, common_device_id AS "device_id" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "device_id" ORDER BY "bytes" DESC LIMIT 1048576) GROUP BY "device_id" ORDER BY "bytes" DESC LIMIT 30
+--Q31.Top30 Domain by Unique Client IP
+SELECT "Http.Domain" AS "Http.Domain", sum(coalesce("Client IP", 0)) AS "Client IP" FROM (SELECT http_domain AS "Http.Domain", uniq(common_client_ip) AS "Client IP" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( notEmpty(http_domain) ) GROUP BY "Http.Domain" ORDER BY "Client IP" DESC LIMIT 1048576) GROUP BY "Http.Domain" ORDER BY "Client IP" DESC LIMIT 30
+--Q32.Top100 Most Time Consuming Domains
+SELECT "Domain" AS "Domain", avg(coalesce("Avg Establish Latency(ms)", 0)) AS "Avg Establish Latency(ms)" FROM (SELECT http_domain AS "Domain", avg(coalesce(common_establish_latency_ms, 0)) AS "Avg Establish Latency(ms)" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( notEmpty(http_domain) ) GROUP BY "Domain" LIMIT 1048576) GROUP BY "Domain" ORDER BY "Avg Establish Latency(ms)" DESC LIMIT 100
+--Q33.Top30 Sources by Sessions
+SELECT "source" AS "source", sum(coalesce("sessions", 0)) AS "sessions" FROM (SELECT coalesce(nullif(common_subscriber_id, ''), nullif(common_client_ip, '')) AS "source", sum(coalesce(common_sessions, 0)) AS "sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "source" ORDER BY "sessions" DESC LIMIT 1048576) GROUP BY "source" ORDER BY "sessions" DESC LIMIT 30
+--Q34.Top30 Destinations by Sessions
+SELECT "destination" AS "destination", sum(coalesce("sessions", 0)) AS "sessions" FROM (SELECT coalesce(nullif(http_domain, ''), nullif(common_server_ip, '')) AS "destination", sum(coalesce(common_sessions, 0)) AS "sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "destination" ORDER BY "sessions" DESC LIMIT 1048576) GROUP BY "destination" ORDER BY "sessions" DESC LIMIT 30
+--Q35.Top30 Destination Regions by Bandwidth
+SELECT "server_location" AS "server_location", sum(coalesce("bytes", 0)) AS "bytes", sum(coalesce("bytes_sent", 0)) AS "Sent", sum(coalesce("bytes_received", 0)) AS "Received" FROM (SELECT arrayElement(splitByString(',', common_server_location), length(splitByString(',', common_server_location))) AS "server_location", sum(coalesce(common_c2s_byte_num, 0)) AS "bytes_sent", sum(coalesce(common_s2c_byte_num, 0)) AS "bytes_received", sum(coalesce(common_c2s_byte_num + common_s2c_byte_num, 0)) AS "bytes", sum(coalesce(common_sessions, 0)) AS "sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "server_location" ORDER BY "bytes" DESC LIMIT 1048576) GROUP BY "server_location" ORDER BY "bytes" DESC LIMIT 30
+--Q36.Top30 URLS by Sessions
+SELECT "Http URL" AS "Http URL", sum(coalesce("Sessions", 0)) AS "Sessions" FROM (SELECT http_url AS "Http URL", sum(coalesce(common_sessions, 0)) AS "Sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "Http URL" LIMIT 1048576) GROUP BY "Http URL" ORDER BY "Sessions" DESC LIMIT 30
+--Q37.Top30 Destination Transmission APP by Bandwidth
+SELECT "server_ip" AS "server_ip", groupUniqArray(coalesce("trans_app", 0)) AS "trans_app", sum(coalesce("bytes", 0)) AS "bytes", sum(coalesce("bytes_sent", 0)) AS "Sent", sum(coalesce("bytes_received", 0)) AS "Received" FROM (SELECT sum(coalesce(common_c2s_byte_num, 0)) AS "bytes_sent", sum(coalesce(common_s2c_byte_num, 0)) AS "bytes_received", sum(common_c2s_byte_num + common_s2c_byte_num) AS "bytes", groupUniqArray(concat(common_l4_protocol, '/', toString(common_server_port))) AS "trans_app", common_server_ip AS "server_ip" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( notEmpty(common_server_ip) ) GROUP BY "server_ip" ORDER BY "bytes" DESC LIMIT 1048576) GROUP BY "server_ip" ORDER BY "bytes" DESC LIMIT 30
+--Q38.Browsing Users by Website domains and Sessions
+SELECT "Subscriber ID" AS "Subscriber ID", "Http.Domain" AS "Http.Domain", sum(coalesce("sessions", 0)) AS "sessions" FROM (SELECT http_domain AS "Http.Domain", common_subscriber_id AS "Subscriber ID", sum(coalesce(common_sessions, 0)) AS "sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( notEmpty(http_domain) AND notEmpty(common_subscriber_id) ) GROUP BY "Http.Domain", "Subscriber ID" ORDER BY "sessions" DESC LIMIT 1048576) GROUP BY "Subscriber ID", "Http.Domain" ORDER BY "sessions" DESC LIMIT 10000
+--Q39.Top Domain and Server IP by Bytes Sent
+SELECT "Http.Domain" AS "Http.Domain" , "Server IP" AS "Server IP" , SUM(coalesce("Bytes Sent",0)) AS "Bytes Sent" FROM ( SELECT common_server_ip AS "Server IP" , http_domain AS "Http.Domain" , SUM(coalesce(common_c2s_byte_num+common_s2c_byte_num,0)) AS "Bytes" , SUM(coalesce(common_c2s_byte_num,0)) AS "Bytes Sent" , SUM(coalesce(common_s2c_byte_num,0)) AS "Bytes Received" FROM session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( notEmpty( http_domain) ) GROUP BY "Server IP" , "Http.Domain" ORDER BY "Bytes" desc LIMIT 1048576 ) GROUP BY "Http.Domain" , "Server IP" ORDER BY "Bytes Sent" desc LIMIT 10000
+--Q40.Top30 Website Domains by Client IP and Sessions
+SELECT "Http.Domain" AS "Http.Domain", "Client IP" AS "Client IP", sum(coalesce("sessions", 0)) AS "sessions" FROM (SELECT common_client_ip AS "Client IP", http_domain AS "Http.Domain", sum(coalesce(common_sessions, 0)) AS "sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( notEmpty(http_domain) ) GROUP BY "Client IP", "Http.Domain" ORDER BY "sessions" DESC LIMIT 1048576) GROUP BY "Http.Domain", "Client IP" ORDER BY "sessions" DESC LIMIT 10000
+--Q41.Domain is Accessed by Unique Client IP Trend(bytes Time Grain 5 minute)
+SELECT toDateTime(intDiv(toUInt32(toDateTime(toDateTime(common_recv_time))),300)*300) AS _time , http_domain AS Domain, COUNT(DISTINCT(common_client_ip)) AS nums FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) AND notEmpty(http_domain) AND http_domain IN ( SELECT http_domain FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) AND notEmpty(http_domain) GROUP BY http_domain ORDER BY SUM(common_s2c_byte_num+common_c2s_byte_num) DESC LIMIT 5 ) GROUP BY toDateTime(intDiv(toUInt32(toDateTime(toDateTime(common_recv_time))),300)*300) , http_domain ORDER BY toDateTime(intDiv(toUInt32(toDateTime(toDateTime(common_recv_time))),300)*300) DESC LIMIT 10000
+--Q42. Domain is Accessed by Unique Client IP Trend(sessions,Time Grain 5 minute)
+SELECT toDateTime(intDiv(toUInt32(toDateTime(toDateTime(common_recv_time))),3600)*3600) AS stat_time , http_domain , uniq (common_client_ip) AS nums FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start)-604800 AND common_recv_time < toDateTime(@end) AND http_domain IN ( SELECT http_domain FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) AND notEmpty(http_domain) GROUP BY http_domain ORDER BY COUNT(*) desc LIMIT 5 ) group by toDateTime(intDiv(toUInt32(toDateTime(toDateTime(common_recv_time))), 3600)*3600), http_domain ORDER BY stat_time desc LIMIT 10000
+--Q43.Bandwidth Trend with Device ID(Time Grain 5 minute)
+SELECT toUnixTimestamp(toDateTime(toStartOfInterval(toDateTime(common_recv_time),INTERVAL 5 MINUTE))) AS "Receive Time", common_device_id AS "Device ID", sum(coalesce(common_c2s_byte_num + common_s2c_byte_num, 0)) AS "Bytes" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "Receive Time", "Device ID" LIMIT 10000
+--Q44.Internal IP by Sled IP and Sessions
+SELECT "Internal IP" AS "Internal IP", "Sled IP" AS "Sled IP", sum(coalesce("Sessions", 0)) AS "Sessions" FROM (SELECT common_sled_ip AS "Sled IP", common_internal_ip AS "Internal IP", sum(coalesce(common_sessions, 0)) AS "Sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "Sled IP", "Internal IP" LIMIT 1048576) GROUP BY "Internal IP", "Sled IP" ORDER BY "Sessions" DESC LIMIT 10000
+--Q45.Bandwidth Trend with Internal IP (Time Grain 5 minute)
+SELECT toUnixTimestamp(toDateTime(toStartOfInterval(toDateTime(common_recv_time),INTERVAL 5 MINUTE))) AS "Receive Time", sum(coalesce(common_c2s_byte_num + common_s2c_byte_num, 0)) AS "Bytes", sum(coalesce(common_c2s_pkt_num + common_s2c_pkt_num, 0)) AS "Packets", sum(coalesce(common_sessions, 0)) AS "New Sessions", sum(coalesce(common_c2s_byte_num, 0)) AS "Bytes Sent", sum(coalesce(common_s2c_byte_num, 0)) AS "Bytes Received", sum(coalesce(common_c2s_pkt_num, 0)) AS "Packets Sent", sum(coalesce(common_s2c_pkt_num, 0)) AS "Packets Received" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) AND @common_filter ) GROUP BY "Receive Time" LIMIT 10000
+--Q46.Top30 Domains Detail with Internal IP
+SELECT "Domain" AS "Domain", sum(coalesce("Sessions", 0)) AS "Sessions" FROM (SELECT http_domain AS "Domain", sum(coalesce(common_sessions, 0)) AS "Sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) AND @common_filter ) AND ( notEmpty(http_domain) ) GROUP BY "Domain" LIMIT 1048576) GROUP BY "Domain" ORDER BY "Sessions" DESC LIMIT 30
+--Q47.Top30 URLS Detail with Internal IP
+SELECT "URL" AS "URL", sum(coalesce("Sessions", 0)) AS "Sessions" FROM (SELECT http_url AS "URL", sum(coalesce(common_sessions, 0)) AS "Sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) AND @common_filter ) AND ( notEmpty(http_url) ) GROUP BY "URL" LIMIT 1048576) GROUP BY "URL" ORDER BY "Sessions" DESC LIMIT 30
+--Q48.Top Domains with Unique Client IP and Subscriber ID
+SELECT "Http.Domain" AS "Http.Domain", sum(coalesce("Unique Client IP", 0)) AS "Unique Client IP", sum(coalesce("Unique Subscriber ID", 0)) AS "Unique Subscriber ID" FROM (SELECT http_domain AS "Http.Domain", uniq(common_client_ip) AS "Unique Client IP", uniq(common_subscriber_id) AS "Unique Subscriber ID" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( notEmpty(http_domain) ) GROUP BY "Http.Domain" LIMIT 1048576) GROUP BY "Http.Domain" ORDER BY "Unique Client IP" DESC LIMIT 100
+--Q49.Top100 Domains by Packets sent
+SELECT "Http.Domain" AS "Http.Domain", sum(coalesce("Packets Sent", 0)) AS "Packets Sent" FROM (SELECT http_domain AS "Http.Domain", sum(coalesce(common_c2s_pkt_num, 0)) AS "Packets Sent" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "Http.Domain" LIMIT 1048576) GROUP BY "Http.Domain" ORDER BY "Packets Sent" DESC LIMIT 100
+--Q50.Internal and External asymmetric traffic
+SELECT "Internal IP" AS "Internal IP", "External IP" AS "External IP", "Sled IP" AS "Sled IP", sum(coalesce("Sessions", 0)) AS "Sessions" FROM (SELECT common_sled_ip AS "Sled IP", common_external_ip AS "External IP", common_internal_ip AS "Internal IP", sum(coalesce(common_c2s_byte_num + common_s2c_byte_num, 0)) AS "Bytes Sent+Bytes Received", sum(coalesce(common_sessions, 0)) AS "Sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( common_stream_dir != 3 ) GROUP BY "Sled IP", "External IP", "Internal IP" LIMIT 1048576) GROUP BY "Internal IP", "External IP", "Sled IP" ORDER BY "Sessions" DESC LIMIT 500
+--Q51.Client and Server ASN asymmetric traffic
+SELECT "Client ASN" AS "Client ASN", "Server ASN" AS "Server ASN", sum(coalesce("Sessions", 0)) AS "Sessions" FROM (SELECT common_server_asn AS "Server ASN", common_client_asn AS "Client ASN", sum(coalesce(common_sessions, 0)) AS "Sessions" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) AND ( common_stream_dir != 3 ) GROUP BY "Server ASN", "Client ASN" LIMIT 1048576) GROUP BY "Client ASN", "Server ASN" ORDER BY "Sessions" DESC LIMIT 500
+--Q52.Top handshake latency by Website and Client IPs
+SELECT "SSL.SNI" AS "SSL.SNI", "Client IP" AS "Client IP", avg(coalesce("Establish Latency(ms)", 0)) AS "Establish Latency(ms)" FROM (SELECT common_client_ip AS "Client IP", ssl_sni AS "SSL.SNI", avg(coalesce(common_establish_latency_ms, 0)) AS "Establish Latency(ms)" FROM session_record AS session_record WHERE ( ( common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) ) ) GROUP BY "Client IP", "SSL.SNI" LIMIT 1048576) GROUP BY "SSL.SNI", "Client IP" ORDER BY "Establish Latency(ms)" DESC LIMIT 500
+--Q53.Domain Baidu.com Metrics
+select  FROM_UNIXTIME(min(common_recv_time)) as "First Seen" , FROM_UNIXTIME(max(common_recv_time)) as "Last Seen" ,  median(http_response_latency_ms) as "Server Processing Time Median(ms)", count(1) as Responses,any(common_server_location)  as Location from session_record WHERE  common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end)  AND  http_domain='baidu.com'
+--Q54.Domain baidu.com Drill down Client IP
+select common_client_ip as "Client IP" , avg(common_establish_latency_ms) as "Establishing Time Mean(ms)", count(1) as Responses,any(common_client_location) as Location from session_record where  common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end)  and http_domain='baidu.com' group by "Client IP" order by Responses desc limit 100
+--Q55.Domain baidu.com Drill down Server IP
+select common_server_ip as "Server IP" , avg(http_response_latency_ms) as "Server Processing Time Mean(ms)", count(1) as Responses,any(common_server_location) as Location from session_record where common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) and http_domain='baidu.com' group by "Server IP" order by Responses desc limit 100
+--Q56.Domain baidu.com Drill down URI
+select http_url as "URI" , avg(http_response_latency_ms) as "Server Processing Time Mean(ms)", count(1) as Responses from session_record where  common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) and http_domain='baidu.com' group by "URI" order by Responses desc limit 100
+--Q57.L7 Protocol Metrics
+select  common_l7_protocol as "Protocol" , uniq(common_client_ip) as "Clients" , uniq(common_server_ip) as "Servers", count(1) as Sessions,sum(common_c2s_byte_num+common_s2c_byte_num)  as bytes from session_record where common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) and notEmpty(common_l7_protocol)  group by common_l7_protocol  order by bytes desc
+--Q58.L7 Protocol SIP Drill down Client IP
+select common_client_ip as "Client IP" , count(1) as Sessions,sum(common_c2s_byte_num) as "Bytes Out", sum(common_s2c_byte_num) as "Bytes In",any(common_client_location) as Location from session_record where common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) and common_l7_protocol='SIP' group by "Client IP" order by Sessions desc limit 100
+--Q59.L7 Protocol SIP Drill down Server IP
+select common_server_ip as "Server IP" , count(1) as Sessions,sum(common_c2s_byte_num) as "Bytes Out", sum(common_s2c_byte_num) as "Bytes In",any(common_server_location) as Location from session_record where common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) and common_l7_protocol='SIP' group by "Server IP" order by Sessions desc limit 100
+--Q60.Top5 Server IP keys with Unique Client IPs Trend (Grain 5 minute)
+SELECT toDateTime(intDiv(toUInt32(toDateTime(toDateTime(common_recv_time))),300)*300) AS _time , common_server_ip AS server_ip, COUNT(DISTINCT(common_client_ip)) AS nums FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) AND common_server_ip IN ( SELECT common_server_ip FROM session_record AS session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end)  GROUP BY common_server_ip ORDER BY count(*) DESC LIMIT 5 ) GROUP BY toDateTime(intDiv(toUInt32(toDateTime(toDateTime(common_recv_time))),300)*300) , server_ip ORDER BY toDateTime(intDiv(toUInt32(toDateTime(toDateTime(common_recv_time))),300)*300) DESC LIMIT 10000
+--Q61.TopN Optimizer
+SELECT http_url AS url, SUM(common_sessions) AS sessions FROM session_record WHERE common_recv_time >= toDateTime(@start) AND common_recv_time < toDateTime(@end) AND notEmpty(http_url) GROUP BY http_url ORDER BY sessions DESC limit 10

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-qgw-service/schema/columns_cluster.json

@@ -0,0 +1,11 @@
+{
+  "namespace": "system",
+  "type": "record",
+  "name": "columns_cluster",
+  "fields": [
+    {
+      "name": "database",
+      "type": "string"
+    }
+  ]
+}

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-qgw-service/schema/disks_cluster.json

@@ -0,0 +1,11 @@
+{
+  "namespace": "system",
+  "type": "record",
+  "name": "disks_cluster",
+  "fields": [
+    {
+      "name": "name",
+      "type": "string"
+    }
+  ]
+}

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-qgw-service/schema/dos_event.json

@@ -0,0 +1,344 @@
+{
+  "type": "record",
+  "name": "dos_event",
+  "namespace": "tsg_galaxy_v3",
+  "doc": {
+    "primary_key": "log_id",
+    "partition_key": "start_time",
+    "functions": {
+      "aggregation": [
+        {
+          "name": "COUNT",
+          "label": "COUNT",
+          "function": "count(expr)"
+        },
+        {
+          "name": "COUNT_DISTINCT",
+          "label": "COUNT_DISTINCT",
+          "function": "count(distinct expr)"
+        },
+        {
+          "name": "AVG",
+          "label": "AVG",
+          "function": "avg(expr)"
+        },
+        {
+          "name": "SUM",
+          "label": "SUM",
+          "function": "sum(expr)"
+        },
+        {
+          "name": "MAX",
+          "label": "MAX",
+          "function": "max(expr)"
+        },
+        {
+          "name": "MIN",
+          "label": "MIN",
+          "function": "min(expr)"
+        }
+      ],
+      "operator": [
+        {
+          "name": "=",
+          "label": "=",
+          "function": "expr = value"
+        },
+        {
+          "name": "!=",
+          "label": "!=",
+          "function": "expr != value"
+        },
+        {
+          "name": ">",
+          "label": ">",
+          "function": "expr > value"
+        },
+        {
+          "name": "<",
+          "label": "<",
+          "function": "expr < value"
+        },
+        {
+          "name": ">=",
+          "label": ">=",
+          "function": "expr >= value"
+        },
+        {
+          "name": "<=",
+          "label": "<=",
+          "function": "expr <= value"
+        },
+        {
+          "name": "has",
+          "label": "HAS",
+          "function": "has(expr, value)"
+        },
+        {
+          "name": "in",
+          "label": "IN",
+          "function": "expr in (values)"
+        },
+        {
+          "name": "not in",
+          "label": "NOT IN",
+          "function": "expr not in (values)"
+        },
+        {
+          "name": "like",
+          "label": "LIKE",
+          "function": "expr like value"
+        },
+        {
+          "name": "not like",
+          "label": "NOT LIKE",
+          "function": "expr not like value"
+        },
+        {
+          "name": "notEmpty",
+          "label": "NOT EMPTY",
+          "function": "notEmpty(expr)"
+        },
+        {
+          "name": "empty",
+          "label": "EMPTY",
+          "function": "empty(expr)"
+        }
+      ]
+    },
+    "schema_query": {
+      "references": {
+        "aggregation": [
+          {
+            "type": "int",
+            "functions": "COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN"
+          },
+          {
+            "type": "long",
+            "functions": "COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN"
+          },
+          {
+            "type": "float",
+            "functions": "COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN"
+          },
+          {
+            "type": "double",
+            "functions": "COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN"
+          },
+          {
+            "type": "string",
+            "functions": "COUNT,COUNT_DISTINCT"
+          },
+          {
+            "type": "date",
+            "functions": "COUNT,COUNT_DISTINCT,MAX,MIN"
+          },
+          {
+            "type": "timestamp",
+            "functions": "COUNT,COUNT_DISTINCT,MAX,MIN"
+          }
+        ],
+        "operator": [
+          {
+            "type": "int",
+            "functions": "=,!=,>,<,>=,<=,in,not in"
+          },
+          {
+            "type": "long",
+            "functions": "=,!=,>,<,>=,<=,in,not in"
+          },
+          {
+            "type": "float",
+            "functions": "=,!=,>,<,>=,<="
+          },
+          {
+            "type": "double",
+            "functions": "=,!=,>,<,>=,<="
+          },
+          {
+            "type": "string",
+            "functions": "=,!=,in,not in,like,not like,notEmpty,empty"
+          },
+          {
+            "type": "date",
+            "functions": "=,!=,>,<,>=,<="
+          },
+          {
+            "type": "timestamp",
+            "functions": "=,!=,>,<,>=,<="
+          },
+          {
+            "type": "array",
+            "functions": "has"
+          }
+        ]
+      }
+    },
+    "default_columns": [
+      "log_id",
+      "attack_type",
+      "source_ip_list",
+      "destination_ip",
+      "severity",
+      "start_time",
+      "end_time",
+      "packet_rate",
+      "bit_rate",
+      "session_rate"
+    ]
+  },
+  "fields": [
+    {
+      "name": "start_time",
+      "label": "Start Time",
+      "doc": {
+        "allow_query": "true",
+        "constraints": {
+          "type": "timestamp"
+        }
+      },
+      "type": "long"
+    },
+    {
+      "name": "end_time",
+      "label": "End Time",
+      "doc": {
+        "constraints": {
+          "type": "timestamp"
+        }
+      },
+      "type": "long"
+    },
+    {
+      "name": "log_id",
+      "label": "Log ID",
+      "doc": {
+        "allow_query": "true",
+        "format": {
+          "functions": "snowflake_id"
+        }
+      },
+      "type": "long"
+    },
+    {
+      "name": "attack_type",
+      "label": "Attack Type",
+      "doc": {
+        "allow_query": "true",
+        "constraints": {
+          "operator_functions": "=,!="
+        },
+        "data": [
+          {
+            "code": "TCP SYN Flood",
+            "value": "TCP SYN Flood"
+          },
+          {
+            "code": "UDP Flood",
+            "value": "UDP Flood"
+          },
+          {
+            "code": "ICMP Flood",
+            "value": "ICMP Flood"
+          },
+          {
+            "code": "DNS Amplification",
+            "value": "DNS Amplification"
+          }
+        ]
+      },
+      "type": "string"
+    },
+    {
+      "name": "severity",
+      "label": "Severity",
+      "doc": {
+        "allow_query": "true",
+        "constraints": {
+          "operator_functions": "=,!="
+        },
+        "data": [
+          {
+            "code": "Critical",
+            "value": "Critical"
+          },
+          {
+            "code": "Severe",
+            "value": "Severe"
+          },
+          {
+            "code": "Major",
+            "value": "Major"
+          },
+          {
+            "code": "Warning",
+            "value": "Warning"
+          },
+          {
+            "code": "Minor",
+            "value": "Minor"
+          }
+        ]
+      },
+      "type": "string"
+    },
+    {
+      "name": "conditions",
+      "label": "Conditions",
+      "type": "string"
+    },
+    {
+      "name": "destination_ip",
+      "label": "Destination IP",
+      "doc": {
+        "allow_query": "true"
+      },
+      "type": "string"
+    },
+    {
+      "name": "destination_country",
+      "label": "Destination Country",
+      "type": "string"
+    },
+    {
+      "name": "source_ip_list",
+      "label": "Source IPs",
+      "type": "string"
+    },
+    {
+      "name": "source_country_list",
+      "label": "Source Countries",
+      "type": "string"
+    },
+    {
+      "name": "session_rate",
+      "label": "Sessions/s",
+      "doc": {
+        "constraints": {
+          "type": "sessions/sec"
+        }
+      },
+      "type": "long"
+    },
+    {
+      "name": "packet_rate",
+      "label": "Packets/s",
+      "doc": {
+        "constraints": {
+          "type": "packets/sec"
+        }
+      },
+      "type": "long"
+    },
+    {
+      "name": "bit_rate",
+      "label": "Bits/s",
+      "doc": {
+        "constraints": {
+          "type": "bits/sec"
+        }
+      },
+      "type": "long"
+    }
+  ]
+}

tsg_olap/upgrade/2021/TSG-21.09/Galaxy-qgw-service/schema/druid-filter.json

@@ -0,0 +1,21 @@
+{
+  "version": "1.0",
+  "name": "druid-Raw",
+  "namespace": "druid",
+  "filters": [
+    {
+      "name":"@start",
+      "value": "'2021-01-11 10:00:00'"
+    },
+    {
+      "name":"@end",
+      "value": "'2021-01-13 11:00:00'"
+    },
+    {
+      "name":"@common_filter",
+      "value": [
+          "common_client_ip='192.168.44.21'and common_server_port=443"
+      ]
+    }
+  ]
+}