gfwleak/galaxy-deployment-updata-record
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[CN-1568] 数字地平线相关ck库表调整

Browse Source
This commit is contained in:
houjinchuan
2024-03-29 17:14:43 +08:00
parent 93debf817a
commit f39322ec5a
3 changed files with 81 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CN发布版本更新记录/2024/CN-24.01.rc1/clickhouse/check-24.01.rc1-ck.sql Normal file
View File

@@ -0,0 +1,4 @@
set distributed_ddl_task_timeout = 180;
SELECT status, is_builtin, rule_type, victim_ip,victim_country_region, victim_super_admin_area, victim_admin_area, victim_longitude, victim_latitude, offender_ip, offender_country_region, offender_super_admin_area, offender_admin_area, offender_longitude, offender_latitude, offender_ip, event_info, event_key, severity, event_type, duration_s, event_name, app, `domain`, event_id, rule_id, start_time, end_time, match_times
FROM cyber_narrator_galaxy.cn_security_event where start_time >= toUnixTimestamp('2030-01-01 00:00:00') AND start_time <toUnixTimestamp('2030-01-01 00:00:01');

37
CN发布版本更新记录/2024/CN-24.01.rc1/clickhouse/update-24.01.rc1-ck.sql Normal file
View File

@@ -0,0 +1,37 @@
set distributed_ddl_task_timeout = 180;
ALTER table cyber_narrator_galaxy.cn_security_event_local on cluster ck_cluster
add column IF NOT EXISTS offender_latitude Nullable(Float64) after offender_ip,
add column IF NOT EXISTS offender_longitude Nullable(Float64) after offender_ip,
add column IF NOT EXISTS offender_admin_area String after offender_ip,
add column IF NOT EXISTS offender_super_admin_area String after offender_ip,
add column IF NOT EXISTS offender_country_region String after offender_ip,
add column IF NOT EXISTS victim_latitude Nullable(Float64) after victim_ip,
add column IF NOT EXISTS victim_longitude Nullable(Float64) after victim_ip,
add column IF NOT EXISTS victim_admin_area String after victim_ip,
add column IF NOT EXISTS victim_super_admin_area String after victim_ip,
add column IF NOT EXISTS victim_country_region String after victim_ip;
ALTER table cyber_narrator_galaxy.cn_security_event on cluster ck_cluster
add column IF NOT EXISTS offender_latitude Nullable(Float64) after offender_ip,
add column IF NOT EXISTS offender_longitude Nullable(Float64) after offender_ip,
add column IF NOT EXISTS offender_admin_area String after offender_ip,
add column IF NOT EXISTS offender_super_admin_area String after offender_ip,
add column IF NOT EXISTS offender_country_region String after offender_ip,
add column IF NOT EXISTS victim_latitude Nullable(Float64) after victim_ip,
add column IF NOT EXISTS victim_longitude Nullable(Float64) after victim_ip,
add column IF NOT EXISTS victim_admin_area String after victim_ip,
add column IF NOT EXISTS victim_super_admin_area String after victim_ip,
add column IF NOT EXISTS victim_country_region String after victim_ip;
ALTER table cyber_narrator_galaxy.cn_security_event on cluster ck_query
add column IF NOT EXISTS offender_latitude Nullable(Float64) after offender_ip,
add column IF NOT EXISTS offender_longitude Nullable(Float64) after offender_ip,
add column IF NOT EXISTS offender_admin_area String after offender_ip,
add column IF NOT EXISTS offender_super_admin_area String after offender_ip,
add column IF NOT EXISTS offender_country_region String after offender_ip,
add column IF NOT EXISTS victim_latitude Nullable(Float64) after victim_ip,
add column IF NOT EXISTS victim_longitude Nullable(Float64) after victim_ip,
add column IF NOT EXISTS victim_admin_area String after victim_ip,
add column IF NOT EXISTS victim_super_admin_area String after victim_ip,
add column IF NOT EXISTS victim_country_region String after victim_ip;

47
Clickhouse最新全量建表语句/Clickhouse_CN_建表语句.sql
View File

@@ -1906,12 +1906,21 @@ GROUP BY
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_security_event_local ON CLUSTER ck_cluster
(
status Int64,
is_builtin Int64,
rule_type String,
victim_ip String,
victim_country_region String,
victim_super_admin_area String,
victim_admin_area String,
victim_longitude Nullable(Float64),
victim_latitude Nullable(Float64),
offender_ip String,
offender_country_region String,
offender_super_admin_area String,
offender_admin_area String,
offender_longitude Nullable(Float64),
offender_latitude Nullable(Float64),
event_info String,
event_key String,
severity String,
@@ -1935,7 +1944,17 @@ TTL toDateTime(end_time) + toIntervalSecond(2592000),
is_builtin = anyLast(is_builtin),
rule_type = anyLast(rule_type),
victim_ip = anyLast(victim_ip),
victim_country_region = anyLast(victim_country_region),
victim_super_admin_area = anyLast(victim_super_admin_area),
victim_admin_area = anyLast(victim_admin_area),
victim_longitude = anyLast(victim_longitude),
victim_latitude = anyLast(victim_latitude),
offender_ip = anyLast(offender_ip),
offender_country_region = anyLast(offender_country_region),
offender_super_admin_area = anyLast(offender_super_admin_area),
offender_admin_area = anyLast(offender_admin_area),
offender_longitude = anyLast(offender_longitude),
offender_latitude = anyLast(offender_latitude),
event_info = anyLast(event_info),
event_key = anyLast(event_key),
severity = anyLast(severity),
@@ -1952,12 +1971,21 @@ TTL toDateTime(end_time) + toIntervalSecond(2592000),
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_security_event ON CLUSTER ck_cluster
(
status Int64,
is_builtin Int64,
rule_type String,
victim_ip String,
victim_country_region String,
victim_super_admin_area String,
victim_admin_area String,
victim_longitude Nullable(Float64),
victim_latitude Nullable(Float64),
offender_ip String,
offender_country_region String,
offender_super_admin_area String,
offender_admin_area String,
offender_longitude Nullable(Float64),
offender_latitude Nullable(Float64),
event_info String,
event_key String,
severity String,
@@ -1979,12 +2007,21 @@ ENGINE = Distributed('ck_cluster',
CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_security_event ON CLUSTER ck_query
(
status Int64,
is_builtin Int64,
rule_type String,
victim_ip String,
victim_country_region String,
victim_super_admin_area String,
victim_admin_area String,
victim_longitude Nullable(Float64),
victim_latitude Nullable(Float64),
offender_ip String,
offender_country_region String,
offender_super_admin_area String,
offender_admin_area String,
offender_longitude Nullable(Float64),
offender_latitude Nullable(Float64),
event_info String,
event_key String,
severity String,
@@ -2003,7 +2040,3 @@ ENGINE = Distributed('ck_cluster',
'cyber_narrator_galaxy',
'cn_security_event_local',
rand());