gfwleak/galaxy-deployment-updata-record
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of https://git.mesalab.cn/galaxy/deployment/updata-record

Browse Source
This commit is contained in:
lifengchao
2023-09-25 11:54:14 +08:00
parent 1cd77d48a5 d28ed9d661
commit c56b4e9680
3 changed files with 238 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
CN发布版本更新记录/CN-23.09/clickhouse/update-23.09-ck.sql
View File

@@ -1,5 +1,36 @@
set distributed_ddl_task_timeout = 180; set distributed_ddl_task_timeout = 180;
drop table IF EXISTS cyber_narrator_galaxy.metric_idc_renter_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_idc_renter on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_idc_renter on cluster ck_query;
drop table IF EXISTS cyber_narrator_galaxy.metric_ssl_sni_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_ssl_sni on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_ssl_sni on cluster ck_query;
drop table IF EXISTS cyber_narrator_galaxy.metric_http_host_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_http_host on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_http_host on cluster ck_query;
drop table IF EXISTS cyber_narrator_galaxy.metric_region_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_region on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_region on cluster ck_query;
drop table IF EXISTS cyber_narrator_galaxy.cn_dynamic_info_relation_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.cn_dynamic_info_relation on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.cn_dynamic_info_relation on cluster ck_query;
drop table IF EXISTS cyber_narrator_galaxy.cn_entity_relation_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.cn_entity_relation on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.cn_entity_relation on cluster ck_query;
drop view IF EXISTS cyber_narrator_galaxy.cn_dynamic_info_relation_view on cluster ck_cluster;
drop view IF EXISTS cyber_narrator_galaxy.cn_entity_relation_view on cluster ck_cluster;
ALTER table cyber_narrator_galaxy.session_record_cn_local on cluster ck_cluster add column IF NOT EXISTS common_flags UInt64 after common_recv_time , add column IF NOT EXISTS common_log_id UInt64 after common_recv_time , add column IF NOT EXISTS common_app_full_path String after common_app_label , add column IF NOT EXISTS domain_sld String after domain; ALTER table cyber_narrator_galaxy.session_record_cn_local on cluster ck_cluster add column IF NOT EXISTS common_flags UInt64 after common_recv_time , add column IF NOT EXISTS common_log_id UInt64 after common_recv_time , add column IF NOT EXISTS common_app_full_path String after common_app_label , add column IF NOT EXISTS domain_sld String after domain;
ALTER table cyber_narrator_galaxy.session_record_cn on cluster ck_cluster add column IF NOT EXISTS common_flags UInt64 after common_recv_time ,add column IF NOT EXISTS common_log_id UInt64 after common_recv_time , add column IF NOT EXISTS common_app_full_path String after common_app_label , add column IF NOT EXISTS domain_sld String after domain; ALTER table cyber_narrator_galaxy.session_record_cn on cluster ck_cluster add column IF NOT EXISTS common_flags UInt64 after common_recv_time ,add column IF NOT EXISTS common_log_id UInt64 after common_recv_time , add column IF NOT EXISTS common_app_full_path String after common_app_label , add column IF NOT EXISTS domain_sld String after domain;
ALTER table cyber_narrator_galaxy.session_record_cn on cluster ck_query add column IF NOT EXISTS common_flags UInt64 after common_recv_time ,add column IF NOT EXISTS common_log_id UInt64 after common_recv_time , add column IF NOT EXISTS common_app_full_path String after common_app_label , add column IF NOT EXISTS domain_sld String after domain; ALTER table cyber_narrator_galaxy.session_record_cn on cluster ck_query add column IF NOT EXISTS common_flags UInt64 after common_recv_time ,add column IF NOT EXISTS common_log_id UInt64 after common_recv_time , add column IF NOT EXISTS common_app_full_path String after common_app_label , add column IF NOT EXISTS domain_sld String after domain;
@@ -38,23 +69,6 @@ ALTER table cyber_narrator_galaxy.metric_domain on cluster ck_cluster add colum
ALTER table cyber_narrator_galaxy.metric_domain on cluster ck_query add column IF NOT EXISTS domain_sld String after domain; ALTER table cyber_narrator_galaxy.metric_domain on cluster ck_query add column IF NOT EXISTS domain_sld String after domain;
drop table IF EXISTS cyber_narrator_galaxy.metric_idc_renter_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_idc_renter on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_idc_renter on cluster ck_query;
drop table IF EXISTS cyber_narrator_galaxy.metric_ssl_sni_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_ssl_sni on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_ssl_sni on cluster ck_query;
drop table IF EXISTS cyber_narrator_galaxy.metric_http_host_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_http_host on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_http_host on cluster ck_query;
drop table IF EXISTS cyber_narrator_galaxy.metric_region_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_region on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.metric_region on cluster ck_query;
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.metric_region_local ON CLUSTER ck_cluster ( CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.metric_region_local ON CLUSTER ck_cluster (
country_region String, country_region String,
@@ -240,19 +254,6 @@ CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.metric_ip_dynamic_attribute ON
drop table IF EXISTS cyber_narrator_galaxy.cn_dynamic_info_relation_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.cn_dynamic_info_relation on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.cn_dynamic_info_relation on cluster ck_query;
drop table IF EXISTS cyber_narrator_galaxy.cn_entity_relation_local on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.cn_entity_relation on cluster ck_cluster;
drop table IF EXISTS cyber_narrator_galaxy.cn_entity_relation on cluster ck_query;
drop view IF EXISTS cyber_narrator_galaxy.cn_dynamic_info_relation_view on cluster ck_cluster;
drop view IF EXISTS cyber_narrator_galaxy.cn_entity_relation_view on cluster ck_cluster;
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_entity_relation_local on cluster ck_cluster CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_entity_relation_local on cluster ck_cluster
( (

102
CN发布版本更新记录/CN-23.10/clickhouse/update-23.10-ck.sql
View File

@@ -39,3 +39,105 @@ ALTER table cyber_narrator_galaxy.metric_ip on cluster ck_query add column IF NO
ALTER table cyber_narrator_galaxy.metric_ip_local on cluster ck_cluster add column IF NOT EXISTS bidirectional_sessions Int64 after random_looking_sessions; ALTER table cyber_narrator_galaxy.metric_ip_local on cluster ck_cluster add column IF NOT EXISTS bidirectional_sessions Int64 after random_looking_sessions;
ALTER table cyber_narrator_galaxy.metric_ip on cluster ck_cluster add column IF NOT EXISTS bidirectional_sessions Int64 after random_looking_sessions; ALTER table cyber_narrator_galaxy.metric_ip on cluster ck_cluster add column IF NOT EXISTS bidirectional_sessions Int64 after random_looking_sessions;
ALTER table cyber_narrator_galaxy.metric_ip on cluster ck_query add column IF NOT EXISTS bidirectional_sessions Int64 after random_looking_sessions; ALTER table cyber_narrator_galaxy.metric_ip on cluster ck_query add column IF NOT EXISTS bidirectional_sessions Int64 after random_looking_sessions;
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_security_event_local ON CLUSTER ck_cluster
(
status Int64,
is_builtin Int64,
rule_type String,
victim_ip String,
offender_ip String,
event_info String,
event_key String,
severity String,
event_type String,
duration_s Int64,
event_name String,
app String,
domain String,
event_id Int64,
rule_id Int64,
start_time Int64,
end_time Int64,
match_times Int64
)
ENGINE = MergeTree
ORDER BY event_id
TTL toDateTime(end_time) + toIntervalSecond(2592000),
toDateTime(end_time) + toIntervalSecond(1) GROUP BY event_id
SET
status = anyLast(status),
is_builtin = anyLast(is_builtin),
rule_type = anyLast(rule_type),
victim_ip = anyLast(victim_ip),
offender_ip = anyLast(offender_ip),
event_info = anyLast(event_info),
event_key = anyLast(event_key),
severity = anyLast(severity),
event_type = anyLast(event_type),
duration_s = anyLast(duration_s),
event_name = anyLast(event_name),
app = anyLast(app),
domain = anyLast(domain),
rule_id = anyLast(rule_id),
start_time = anyLast(start_time),
end_time = max(end_time),
match_times = anyLast(match_times);
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_security_event ON CLUSTER ck_cluster
(
status Int64,
is_builtin Int64,
rule_type String,
victim_ip String,
offender_ip String,
event_info String,
event_key String,
severity String,
event_type String,
duration_s Int64,
event_name String,
app String,
domain String,
event_id Int64,
rule_id Int64,
start_time Int64,
end_time Int64,
match_times Int64
)
ENGINE = Distributed('ck_cluster',
'cyber_narrator_galaxy',
'cn_security_event_local',
rand());
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_security_event ON CLUSTER ck_query
(
status Int64,
is_builtin Int64,
rule_type String,
victim_ip String,
offender_ip String,
event_info String,
event_key String,
severity String,
event_type String,
duration_s Int64,
event_name String,
app String,
domain String,
event_id Int64,
rule_id Int64,
start_time Int64,
end_time Int64,
match_times Int64
)
ENGINE = Distributed('ck_cluster',
'cyber_narrator_galaxy',
'cn_security_event_local',
rand());

106
Clickhouse最新全量建表语句/Clickhouse_CN_建表语句.sql
View File

@@ -1694,4 +1694,108 @@ FROM cyber_narrator_galaxy.metric_ip_dynamic_attribute_local AS c1
GROUP BY GROUP BY
ip, ip,
l7_protocol, l7_protocol,
port; port;
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_security_event_local ON CLUSTER ck_cluster
(
status Int64,
is_builtin Int64,
rule_type String,
victim_ip String,
offender_ip String,
event_info String,
event_key String,
severity String,
event_type String,
duration_s Int64,
event_name String,
app String,
domain String,
event_id Int64,
rule_id Int64,
start_time Int64,
end_time Int64,
match_times Int64
)
ENGINE = MergeTree
ORDER BY event_id
TTL toDateTime(end_time) + toIntervalSecond(2592000),
toDateTime(end_time) + toIntervalSecond(1) GROUP BY event_id
SET
status = anyLast(status),
is_builtin = anyLast(is_builtin),
rule_type = anyLast(rule_type),
victim_ip = anyLast(victim_ip),
offender_ip = anyLast(offender_ip),
event_info = anyLast(event_info),
event_key = anyLast(event_key),
severity = anyLast(severity),
event_type = anyLast(event_type),
duration_s = anyLast(duration_s),
event_name = anyLast(event_name),
app = anyLast(app),
domain = anyLast(domain),
rule_id = anyLast(rule_id),
start_time = anyLast(start_time),
end_time = max(end_time),
match_times = anyLast(match_times);
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_security_event ON CLUSTER ck_cluster
(
status Int64,
is_builtin Int64,
rule_type String,
victim_ip String,
offender_ip String,
event_info String,
event_key String,
severity String,
event_type String,
duration_s Int64,
event_name String,
app String,
domain String,
event_id Int64,
rule_id Int64,
start_time Int64,
end_time Int64,
match_times Int64
)
ENGINE = Distributed('ck_cluster',
'cyber_narrator_galaxy',
'cn_security_event_local',
rand());
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_security_event ON CLUSTER ck_query
(
status Int64,
is_builtin Int64,
rule_type String,
victim_ip String,
offender_ip String,
event_info String,
event_key String,
severity String,
event_type String,
duration_s Int64,
event_name String,
app String,
domain String,
event_id Int64,
rule_id Int64,
start_time Int64,
end_time Int64,
match_times Int64
)
ENGINE = Distributed('ck_cluster',
'cyber_narrator_galaxy',
'cn_security_event_local',
rand());