diff --git a/pom.xml b/pom.xml
index 221db19..aa4dbae 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
com.zdjizhi
knowledge-log
- 20220722
+ 20220819
log-completion-schema
http://www.example.com
@@ -218,7 +218,7 @@
ru.yandex.clickhouse
clickhouse-jdbc
- 0.2.6
+ 0.2.4
diff --git a/properties/default_config.properties b/properties/default_config.properties
index 25a975d..0adb876 100644
--- a/properties/default_config.properties
+++ b/properties/default_config.properties
@@ -44,4 +44,4 @@ mail.default.charset=UTF-8
log.transform.type=1
#\u4E24\u4E2A\u8F93\u51FA\u4E4B\u95F4\u7684\u6700\u5927\u65F6\u95F4(\u5355\u4F4Dmilliseconds)
-buffer.timeout=5000
+buffer.timeout=15000
diff --git a/properties/service_flow_config.properties b/properties/service_flow_config.properties
index 874188e..3f47eda 100644
--- a/properties/service_flow_config.properties
+++ b/properties/service_flow_config.properties
@@ -8,23 +8,23 @@ sink.kafka.servers=
tools.library=
#--------------------------------Kafka\u6D88\u8D39/\u751F\u4EA7\u914D\u7F6E------------------------------#
#\u8BFB\u53D6topic,\u5B58\u50A8\u8BE5spout id\u7684\u6D88\u8D39offset\u4FE1\u606F\uFF0C\u53EF\u901A\u8FC7\u8BE5\u62D3\u6251\u547D\u540D;\u5177\u4F53\u5B58\u50A8offset\u7684\u4F4D\u7F6E\uFF0C\u786E\u5B9A\u4E0B\u6B21\u8BFB\u53D6\u4E0D\u91CD\u590D\u7684\u6570\u636E\uFF1B
-group.id=KNOWLEDGE-GROUP3
+group.id=KNOWLEDGE-GROUP5
#--------------------------------topology\u914D\u7F6E------------------------------#
#consumer \u5E76\u884C\u5EA6
source.parallelism=1
#\u8F6C\u6362\u51FD\u6570\u5E76\u884C\u5EA6
transform.parallelism=1
#kafka producer \u5E76\u884C\u5EA6
-sink.parallelism=1
+sink.parallelism=3
#--------------------------------\u4E1A\u52A1\u914D\u7F6E------------------------------#
#1 connection\u65E5\u5FD7 \uFF0C2 dns\u65E5\u5FD7
-log.type=1
+log.type=2
#\u751F\u4EA7\u8005\u538B\u7F29\u6A21\u5F0F none or snappy
producer.kafka.compression.type=none
#kafka\u6570\u636E\u6E90topic
-source.kafka.topic.connection=test12
+source.kafka.topic.connection=CONNECTION-RECORD-LOG
source.kafka.topic.sketch=CONNECTION-SKETCH-RECORD-LOG
source.kafka.topic.dns=DNS-RECORD-LOG
#\u5199\u5165clickhouse\u672C\u5730\u8868
@@ -43,27 +43,27 @@ sink.arangodb.table.r.nx.domain2domain=R_NX_DOMAIN2DOMAIN
#\u4F7F\u7528flink\u5165\u5E93\u539F\u59CB\u65E5\u5FD70\uFF1A\u5426\uFF0C1\uFF1A\u662F
sink.ck.raw.log.insert.open=1
#clickhouse\u914D\u7F6E\uFF0C\u591A\u4E2A\u9017\u53F7\u8FDE\u63A5 ip1:8123,ip2:8123
-ck.hosts=192.168.44.12:8123
+ck.hosts=192.168.44.85:8123,192.168.44.86:8123,192.168.44.87:8123
ck.database=tsg_galaxy_v3
-ck.username=default
+ck.username=tsg_insert
ck.pin=galaxy2019
#\u8D85\u65F6\u65F6\u95F4\u5355\u4F4D\u6BEB\u79D2
ck.connection.timeout=10000
-ck.socket.timeout=300000
+ck.socket.timeout=600000
#clickhouse\u5165\u5E93\u6279\u91CF\u5355\u4F4D\u6761
-ck.batch=10
+ck.batch=100000
#clickhouse\u5165\u5E93\u524D\u79EF\u7D2F\u6279\u91CF\u65F6\u95F4\u5355\u4F4D\u6BEB\u79D2
-sink.ck.batch.delay.time=2000
+sink.ck.batch.delay.time=30000
#flink \u65E5\u5FD7\u5EF6\u8FDF\u8D85\u65F6\u65F6\u95F4
-flink.watermark.max.delay.time=50
+flink.watermark.max.delay.time=60
#ck relation\u7EDF\u8BA1\u65F6\u95F4\u95F4\u9694 \u5355\u4F4Ds
-log.aggregate.duration=5
+log.aggregate.duration=30
#arangodb \u7EDF\u8BA1\u65F6\u95F4\u95F4\u9694 \u5355\u4F4Ds
-log.aggregate.duration.graph=5
+log.aggregate.duration.graph=600
#arangoDB\u53C2\u6570\u914D\u7F6E
-arangodb.host=192.168.44.12
+arangodb.host=192.168.44.83
arangodb.port=8529
arangodb.user=root
arangodb.password=galaxy_2019
diff --git a/src/main/java/com/zdjizhi/enums/LogMetadata.java b/src/main/java/com/zdjizhi/enums/LogMetadata.java
index d3a7f49..2949085 100644
--- a/src/main/java/com/zdjizhi/enums/LogMetadata.java
+++ b/src/main/java/com/zdjizhi/enums/LogMetadata.java
@@ -1,6 +1,11 @@
package com.zdjizhi.enums;
import cn.hutool.core.util.EnumUtil;
+import cn.hutool.core.util.StrUtil;
+
+import java.util.Arrays;
+
+import static com.zdjizhi.common.FlowWriteConfig.CK_DATABASE;
/**
* @description: \
@@ -10,23 +15,27 @@ import cn.hutool.core.util.EnumUtil;
public enum LogMetadata {
/*
- * 日志名称topic,表名
+ * 日志名称,表名,字段
* */
- CONNECTION_RECORD_LOG("connection_record_log", "connection_record_log"),
- CONNECTION_SKETCH_RECORD_LOG("connection_sketch_record_log", "connection_sketch_record_log"),
- DNS_RECORD_LOG("dns_record_log", "dns_record_log"),
+ CONNECTION_RECORD_LOG("connection_record_log", "connection_record_log_local", new String[]{"cap_ip", "recv_ip", "src_ip", "dst_ip", "src_port", "dst_port", "addr_type", "protocol", "fxo_id", "link_status", "dir_status", "total_cs_pkts", "total_sc_pkts", "total_cs_bytes", "total_sc_bytes", "log_gen_time", "aa", "wv", "yy", "user_mask", "conn_start_time", "app_class", "app_id", "http_host", "http_url", "http_cookie", "http_user_agent", "http_method", "http_accept", "http_accept_encoding", "http_referer", "http_rescode", "tls_sni", "tls_cert", "phone_num", "imei", "imsi"}),
+ CONNECTION_RELATION_LOG("connection_relation_log", "connection_relation_log_local", new String[]{"start_time", "end_time", "src_ip", "dst_ip", "sessions", "packets", "bytes"}),
+ CONNECTION_SKETCH_RECORD_LOG("connection_sketch_record_log", "connection_sketch_record_log_local", new String[]{"sled_ip", "sketch_start_time", "sketch_duration", "src_ip", "dst_ip", "sketch_sessions", "sketch_packets", "sketch_bytes"}),
+ DNS_RECORD_LOG("dns_record_log", "dns_record_log_local", new String[]{"capture_time", "recv_ip", "src_ip", "dst_ip", "src_port", "dst_port", "addr_type", "dns_flag", "ttl", "protocol", "fxo_id", "req_type", "qname", "response", "dns_a", "dns_a_num", "dns_cname", "dns_cname_num", "dns_aaaa", "dns_aaaa_num", "dns_mx", "dns_mx_num", "dns_ns", "dns_ns_num"}),
+ DNS_RELATION_LOG("dns_relation_log", "dns_relation_log_local", new String[]{"start_time", "end_time", "record_type", "qname", "record", "sessions"}),
;
private String source;
private String sink;
+ private String[] fields;
LogMetadata() {
}
- LogMetadata(String source, String sink) {
+ LogMetadata(String source, String sink, String[] fields) {
this.source = source;
this.sink = sink;
+ this.fields = fields;
}
public String getSource() {
@@ -37,10 +46,31 @@ public enum LogMetadata {
return sink;
}
+ public String[] getFields() {
+ return fields;
+ }
+
public static String getLogSink(String source) {
LogMetadata logMetadata = EnumUtil.fromString(LogMetadata.class, source);
return logMetadata.getSink();
-
}
+ public static String[] getLogFields(String tableName) {
+ LogMetadata[] values = LogMetadata.values();
+ for (LogMetadata value : values) {
+ if (value.sink.equals(tableName)) {
+ return value.fields;
+ }
+ }
+ return null;
+ }
+
+ public static String preparedSql(String tableName) {
+ String[] fields = LogMetadata.getLogFields(tableName);
+ String[] placeholders = new String[fields.length];
+ Arrays.fill(placeholders, "?");
+
+ return StrUtil.concat(true, "INSERT INTO ", CK_DATABASE, ".", tableName,
+ "(", StrUtil.join(",", fields), ") VALUES (", StrUtil.join(",", placeholders), ")");
+ }
}
diff --git a/src/main/java/com/zdjizhi/etl/LogFormat.java b/src/main/java/com/zdjizhi/etl/LogFormat.java
deleted file mode 100644
index c0edaa8..0000000
--- a/src/main/java/com/zdjizhi/etl/LogFormat.java
+++ /dev/null
@@ -1,19 +0,0 @@
-package com.zdjizhi.etl;
-
-import com.zdjizhi.utils.json.TypeUtils;
-
-import java.util.Map;
-
-public class LogFormat {
-
- public static Map connTime(Map value) {
- value.put("conn_start_time", TypeUtils.coverMSToS(value.get("conn_start_time")));
- return value;
- }
-
-
- public static Map sketchTime(Map value) {
- value.put("sketch_start_time", TypeUtils.coverMSToS(value.get("sketch_start_time")));
- return value;
- }
-}
diff --git a/src/main/java/com/zdjizhi/etl/LogService.java b/src/main/java/com/zdjizhi/etl/LogService.java
new file mode 100644
index 0000000..56989b1
--- /dev/null
+++ b/src/main/java/com/zdjizhi/etl/LogService.java
@@ -0,0 +1,38 @@
+package com.zdjizhi.etl;
+
+import com.zdjizhi.etl.connection.ArangodbBatchIPWindow;
+import com.zdjizhi.utils.arangodb.ArangoDBSink;
+import com.zdjizhi.utils.ck.ClickhouseSink;
+import org.apache.flink.streaming.api.TimeCharacteristic;
+import org.apache.flink.streaming.api.datastream.DataStream;
+import org.apache.flink.streaming.api.windowing.assigners.TumblingProcessingTimeWindows;
+import org.apache.flink.streaming.api.windowing.time.Time;
+
+import java.util.Map;
+
+import static com.zdjizhi.common.FlowWriteConfig.*;
+
+public interface LogService {
+
+ public static void getLogCKSink(DataStream> sourceStream, String sink) throws Exception{
+
+ sourceStream.windowAll(TumblingProcessingTimeWindows.of(Time.milliseconds(SINK_CK_BATCH_DELAY_TIME)))
+ .trigger(new CountTriggerWithTimeout<>(sink, CK_BATCH, TimeCharacteristic.ProcessingTime))
+ .apply(new CKBatchWindow())
+ .addSink(new ClickhouseSink(sink))
+ .setParallelism(SINK_PARALLELISM)
+ .name(sink)
+ .setParallelism(SINK_PARALLELISM);
+
+ }
+
+ public static void getLogArangoSink(DataStream> sourceStream, String sink) throws Exception{
+ sourceStream.windowAll(TumblingProcessingTimeWindows.of(Time.milliseconds(SINK_ARANGODB_BATCH_DELAY_TIME)))
+ .trigger(new CountTriggerWithTimeout<>(sink, ARANGODB_BATCH, TimeCharacteristic.ProcessingTime))
+ .apply(new ArangodbBatchIPWindow())
+ .addSink(new ArangoDBSink(sink))
+ .setParallelism(SINK_PARALLELISM)
+ .name(sink)
+ .setParallelism(SINK_PARALLELISM);
+ }
+}
diff --git a/src/main/java/com/zdjizhi/etl/connection/ConnLogService.java b/src/main/java/com/zdjizhi/etl/connection/ConnLogService.java
new file mode 100644
index 0000000..f413cc3
--- /dev/null
+++ b/src/main/java/com/zdjizhi/etl/connection/ConnLogService.java
@@ -0,0 +1,104 @@
+package com.zdjizhi.etl.connection;
+
+import cn.hutool.core.convert.Convert;
+import com.zdjizhi.etl.LogService;
+import com.zdjizhi.etl.dns.SketchTimeMapFunction;
+import com.zdjizhi.utils.kafka.KafkaConsumer;
+import org.apache.flink.api.common.eventtime.WatermarkStrategy;
+import org.apache.flink.streaming.api.datastream.DataStream;
+import org.apache.flink.streaming.api.environment.StreamExecutionEnvironment;
+import org.apache.flink.streaming.api.windowing.assigners.TumblingProcessingTimeWindows;
+import org.apache.flink.streaming.api.windowing.time.Time;
+
+import java.time.Duration;
+import java.util.Map;
+import java.util.Objects;
+
+import static com.zdjizhi.common.FlowWriteConfig.*;
+
+
+public class ConnLogService {
+
+ public static void connLogStream(StreamExecutionEnvironment env) throws Exception{
+ //connection
+ DataStream> connSource = ConnLogService.getLogSource(env, SOURCE_KAFKA_TOPIC_CONNECTION);
+ //sketch
+ DataStream> sketchSource = ConnLogService.getLogSource(env, SOURCE_KAFKA_TOPIC_SKETCH);
+
+ //写入CKsink,批量处理
+ LogService.getLogCKSink(connSource, SINK_CK_TABLE_CONNECTION);
+
+ LogService.getLogCKSink(sketchSource, SINK_CK_TABLE_SKETCH);
+
+ //transform
+ DataStream> connTransformStream = ConnLogService.getConnTransformStream(connSource);
+
+ //写入ck通联relation表
+ LogService.getLogCKSink(connTransformStream, SINK_CK_TABLE_RELATION_CONNECTION);
+
+ DataStream> sketchTransformStream = ConnLogService.getSketchTransformStream(sketchSource);
+
+ //合并通联和通联sketch
+ DataStream> ip2ipGraph = ConnLogService.getConnUnion(connTransformStream, sketchTransformStream);
+
+ //写入arangodb
+ LogService.getLogArangoSink(ip2ipGraph, R_VISIT_IP2IP);
+
+ }
+
+ /**
+ * 通联原始日志数据源消费kafka
+ *
+ * @param source
+ * @return
+ */
+ private static DataStream> getLogSource(StreamExecutionEnvironment env, String source) throws Exception {
+
+ String timeFilter = SOURCE_KAFKA_TOPIC_CONNECTION.equals(source) ? "conn_start_time" : "sketch_start_time";
+
+ DataStream> sourceStream = env.addSource(KafkaConsumer.myDeserializationConsumer(source))
+ .setParallelism(SOURCE_PARALLELISM)
+ .filter(x -> Objects.nonNull(x) && Convert.toLong(x.get(timeFilter)) > 0)
+ .setParallelism(SOURCE_PARALLELISM)
+ .map(SOURCE_KAFKA_TOPIC_CONNECTION.equals(source) ? new ConnTimeMapFunction() : new SketchTimeMapFunction())
+ .setParallelism(SOURCE_PARALLELISM)
+ .name(source)
+ .setParallelism(SOURCE_PARALLELISM);
+ return sourceStream;
+ }
+
+ private static DataStream> getConnTransformStream(DataStream> connSource) throws Exception {
+ DataStream> connTransformStream = connSource
+ .assignTimestampsAndWatermarks(WatermarkStrategy
+ .>forBoundedOutOfOrderness(Duration.ofSeconds(FLINK_WATERMARK_MAX_DELAY_TIME))
+ .withTimestampAssigner((event, timestamp) -> {
+ return Convert.toLong(event.get("conn_start_time")) * 1000;
+ }))
+ .setParallelism(TRANSFORM_PARALLELISM)
+ .keyBy(new IpKeysSelector())
+ .window(TumblingProcessingTimeWindows.of(Time.seconds(LOG_AGGREGATE_DURATION)))
+ .process(new ConnProcessFunction())
+ .setParallelism(TRANSFORM_PARALLELISM);
+ return connTransformStream;
+ }
+
+ private static DataStream> getSketchTransformStream(DataStream> sketchSource) throws Exception {
+ DataStream> sketchTransformStream = sketchSource.assignTimestampsAndWatermarks(WatermarkStrategy
+ .>forBoundedOutOfOrderness(Duration.ofSeconds(FLINK_WATERMARK_MAX_DELAY_TIME))
+ .withTimestampAssigner((event, timestamp) -> Convert.toLong(event.get("sketch_start_time")) * 1000))
+ .keyBy(new IpKeysSelector())
+ .window(TumblingProcessingTimeWindows.of(Time.seconds(LOG_AGGREGATE_DURATION)))
+ .process(new SketchProcessFunction());
+ return sketchTransformStream;
+ }
+
+ private static DataStream> getConnUnion(DataStream> connTransformStream, DataStream> sketchTransformStream) throws Exception {
+ DataStream> ip2ipGraph = connTransformStream.union(sketchTransformStream)
+ .keyBy(new IpKeysSelector())
+ .window(TumblingProcessingTimeWindows.of(Time.seconds(LOG_AGGREGATE_DURATION_GRAPH)))
+ .process(new Ip2IpGraphProcessFunction())
+ .setParallelism(TRANSFORM_PARALLELISM);
+ return ip2ipGraph;
+ }
+
+}
diff --git a/src/main/java/com/zdjizhi/etl/dns/DnsLogService.java b/src/main/java/com/zdjizhi/etl/dns/DnsLogService.java
new file mode 100644
index 0000000..5e39df4
--- /dev/null
+++ b/src/main/java/com/zdjizhi/etl/dns/DnsLogService.java
@@ -0,0 +1,76 @@
+package com.zdjizhi.etl.dns;
+
+import cn.hutool.core.convert.Convert;
+import cn.hutool.core.util.ObjectUtil;
+import com.zdjizhi.enums.DnsType;
+import com.zdjizhi.etl.LogService;
+import com.zdjizhi.utils.kafka.KafkaConsumer;
+import org.apache.flink.api.common.eventtime.WatermarkStrategy;
+import org.apache.flink.streaming.api.datastream.DataStream;
+import org.apache.flink.streaming.api.environment.StreamExecutionEnvironment;
+import org.apache.flink.streaming.api.windowing.assigners.TumblingProcessingTimeWindows;
+import org.apache.flink.streaming.api.windowing.time.Time;
+
+import java.time.Duration;
+import java.util.Map;
+import java.util.Objects;
+
+import static com.zdjizhi.common.FlowWriteConfig.*;
+
+public class DnsLogService {
+
+ public static void dnsLogStream(StreamExecutionEnvironment env) throws Exception{
+
+ DataStream> dnsSource = DnsLogService.getLogSource(env, SOURCE_KAFKA_TOPIC_DNS);
+
+ //dns 原始日志 ck入库
+ LogService.getLogCKSink(dnsSource, SINK_CK_TABLE_DNS);
+
+ DataStream> dnsTransform = DnsLogService.getDnsTransformStream(dnsSource);
+
+ //dns 拆分后relation日志 ck入库
+ LogService.getLogCKSink(dnsTransform, SINK_CK_TABLE_RELATION_DNS);
+
+ //arango 入库,按record_type分组入不同的表
+ DataStream> dnsGraph = dnsTransform.filter(Objects::nonNull)
+ .keyBy(new DnsGraphKeysSelector())
+ .window(TumblingProcessingTimeWindows.of(Time.seconds(LOG_AGGREGATE_DURATION_GRAPH)))
+ .process(new DnsGraphProcessFunction())
+ .setParallelism(SINK_PARALLELISM);
+
+ for (DnsType dnsEnum : DnsType.values()) {
+ DataStream> dnsRecordData = dnsGraph.filter(x -> Objects.nonNull(x) && ObjectUtil.equal(dnsEnum.getType(), x.get("record_type")))
+ .setParallelism(SINK_PARALLELISM);
+ LogService.getLogArangoSink(dnsRecordData, dnsEnum.getSink());
+ }
+
+ }
+
+ private static DataStream> getLogSource(StreamExecutionEnvironment env, String source) throws Exception{
+
+ DataStream> dnsSource = env.addSource(KafkaConsumer.myDeserializationConsumer(source))
+ .setParallelism(SOURCE_PARALLELISM)
+ .filter(x -> Objects.nonNull(x) && Convert.toLong(x.get("capture_time")) > 0)
+ .setParallelism(SOURCE_PARALLELISM)
+ .map(new DnsMapFunction())
+ .setParallelism(SOURCE_PARALLELISM)
+ .name(source);
+ return dnsSource;
+ }
+
+ private static DataStream> getDnsTransformStream(DataStream> dnsSource) throws Exception{
+ DataStream> dnsTransform = dnsSource.filter(x -> Objects.nonNull(x.get("response")))
+ .assignTimestampsAndWatermarks(WatermarkStrategy
+ .>forBoundedOutOfOrderness(Duration.ofSeconds(FLINK_WATERMARK_MAX_DELAY_TIME))
+ .withTimestampAssigner((event, timestamp) -> Convert.toLong(event.get("capture_time")) * 1000))
+ .setParallelism(TRANSFORM_PARALLELISM)
+ .flatMap(new DnsSplitFlatMapFunction())
+ .setParallelism(TRANSFORM_PARALLELISM)
+ .keyBy(new DnsGraphKeysSelector())
+ .window(TumblingProcessingTimeWindows.of(Time.seconds(LOG_AGGREGATE_DURATION)))
+ .process(new DnsRelationProcessFunction())
+ .setParallelism(TRANSFORM_PARALLELISM);
+ return dnsTransform;
+ }
+
+}
diff --git a/src/main/java/com/zdjizhi/topology/LogFlowWriteTopology.java b/src/main/java/com/zdjizhi/topology/LogFlowWriteTopology.java
index ab577ce..f7b6b70 100644
--- a/src/main/java/com/zdjizhi/topology/LogFlowWriteTopology.java
+++ b/src/main/java/com/zdjizhi/topology/LogFlowWriteTopology.java
@@ -1,30 +1,13 @@
package com.zdjizhi.topology;
-import cn.hutool.core.convert.Convert;
-import cn.hutool.core.util.ObjectUtil;
import cn.hutool.log.Log;
import cn.hutool.log.LogFactory;
-import com.zdjizhi.common.FlowWriteConfig;
-import com.zdjizhi.enums.DnsType;
-import com.zdjizhi.etl.CKBatchWindow;
-import com.zdjizhi.etl.CountTriggerWithTimeout;
-import com.zdjizhi.etl.connection.*;
-import com.zdjizhi.etl.dns.*;
-import com.zdjizhi.utils.arangodb.ArangoDBSink;
-import com.zdjizhi.utils.ck.ClickhouseSink;
-import com.zdjizhi.utils.kafka.KafkaConsumer;
-import org.apache.flink.api.common.eventtime.WatermarkStrategy;
-import org.apache.flink.streaming.api.TimeCharacteristic;
-import org.apache.flink.streaming.api.datastream.DataStream;
+import com.zdjizhi.etl.connection.ConnLogService;
+import com.zdjizhi.etl.dns.DnsLogService;
import org.apache.flink.streaming.api.environment.StreamExecutionEnvironment;
-import org.apache.flink.streaming.api.windowing.assigners.TumblingProcessingTimeWindows;
-import org.apache.flink.streaming.api.windowing.time.Time;
-import java.time.Duration;
-import java.util.Map;
-import java.util.Objects;
-
-import static com.zdjizhi.common.FlowWriteConfig.*;
+import static com.zdjizhi.common.FlowWriteConfig.BUFFER_TIMEOUT;
+import static com.zdjizhi.common.FlowWriteConfig.LOG_TYPE;
public class LogFlowWriteTopology {
private static final Log logger = LogFactory.get();
@@ -32,154 +15,18 @@ public class LogFlowWriteTopology {
public static void main(String[] args) {
try {
final StreamExecutionEnvironment env = StreamExecutionEnvironment.getExecutionEnvironment();
-
//两个输出之间的最大时间 (单位milliseconds)
- env.setBufferTimeout(FlowWriteConfig.BUFFER_TIMEOUT);
-
+ env.setBufferTimeout(BUFFER_TIMEOUT);
//1 connection,2 dns
- if (FlowWriteConfig.LOG_TYPE == 1) {
- //connection
- DataStream> connSource = env.addSource(KafkaConsumer.myDeserializationConsumer(SOURCE_KAFKA_TOPIC_CONNECTION))
- .setParallelism(SOURCE_PARALLELISM)
- .filter(x->Objects.nonNull(x) && Convert.toLong(x.get("conn_start_time"))>0)
- .map(new ConnTimeMapFunction())
- .setParallelism(SOURCE_PARALLELISM)
- .name(SOURCE_KAFKA_TOPIC_CONNECTION);
-
- //sketch
- DataStream> sketchSource = env.addSource(KafkaConsumer.myDeserializationConsumer(SOURCE_KAFKA_TOPIC_SKETCH))
- .filter(x->Objects.nonNull(x) && Convert.toLong(x.get("sketch_start_time"))>0)
- .map(new SketchTimeMapFunction())
- .setParallelism(FlowWriteConfig.SOURCE_PARALLELISM)
- .name(SOURCE_KAFKA_TOPIC_SKETCH);
-
- //写入CKsink,批量处理
- if (SINK_CK_RAW_LOG_INSERT_OPEN == 1) {
- connSource.windowAll(TumblingProcessingTimeWindows.of(Time.milliseconds(SINK_CK_BATCH_DELAY_TIME)))
- .trigger(new CountTriggerWithTimeout<>(SINK_CK_TABLE_CONNECTION, CK_BATCH, TimeCharacteristic.ProcessingTime))
- .apply(new CKBatchWindow())
- .addSink(new ClickhouseSink(SINK_CK_TABLE_CONNECTION))
- .setParallelism(FlowWriteConfig.SINK_PARALLELISM)
- .name("CKSink");
-
- sketchSource.windowAll(TumblingProcessingTimeWindows.of(Time.milliseconds(SINK_CK_BATCH_DELAY_TIME)))
- .trigger(new CountTriggerWithTimeout<>(SINK_CK_TABLE_SKETCH, CK_BATCH, TimeCharacteristic.ProcessingTime))
- .apply(new CKBatchWindow())
- .addSink(new ClickhouseSink(SINK_CK_TABLE_SKETCH))
- .setParallelism(FlowWriteConfig.SINK_PARALLELISM)
- .name("CKSink");
-
- }
-
- //transform
- DataStream> connTransformStream = connSource
- .assignTimestampsAndWatermarks(WatermarkStrategy
- .>forBoundedOutOfOrderness(Duration.ofSeconds(FlowWriteConfig.FLINK_WATERMARK_MAX_DELAY_TIME))
- .withTimestampAssigner((event, timestamp) -> {return Convert.toLong(event.get("conn_start_time")) * 1000;}))
- .setParallelism(FlowWriteConfig.TRANSFORM_PARALLELISM)
- .keyBy(new IpKeysSelector())
- .window(TumblingProcessingTimeWindows.of(Time.seconds(FlowWriteConfig.LOG_AGGREGATE_DURATION)))
- .process(new ConnProcessFunction())
- .setParallelism(FlowWriteConfig.TRANSFORM_PARALLELISM)
- .filter(x -> Objects.nonNull(x))
- .setParallelism(FlowWriteConfig.TRANSFORM_PARALLELISM);
-
- connTransformStream.windowAll(TumblingProcessingTimeWindows.of(Time.milliseconds(SINK_CK_BATCH_DELAY_TIME)))
- .trigger(new CountTriggerWithTimeout<>(SINK_CK_TABLE_RELATION_CONNECTION, CK_BATCH, TimeCharacteristic.ProcessingTime))
- .apply(new CKBatchWindow())
- .addSink(new ClickhouseSink(SINK_CK_TABLE_RELATION_CONNECTION))
- .setParallelism(FlowWriteConfig.SINK_PARALLELISM)
- .name("CKSink");
-
- DataStream> sketchTransformStream = sketchSource.assignTimestampsAndWatermarks(WatermarkStrategy
- .>forBoundedOutOfOrderness(Duration.ofSeconds(FlowWriteConfig.FLINK_WATERMARK_MAX_DELAY_TIME))
- .withTimestampAssigner((event, timestamp) -> Convert.toLong(event.get("sketch_start_time")) * 1000))
- .keyBy(new IpKeysSelector())
- .window(TumblingProcessingTimeWindows.of(Time.seconds(FlowWriteConfig.LOG_AGGREGATE_DURATION)))
- .process(new SketchProcessFunction())
- .filter(Objects::nonNull)
- .setParallelism(FlowWriteConfig.TRANSFORM_PARALLELISM);
-
- //入Arangodb
- DataStream> ip2ipGraph = connTransformStream.union(sketchTransformStream)
- .keyBy(new IpKeysSelector())
- .window(TumblingProcessingTimeWindows.of(Time.seconds(LOG_AGGREGATE_DURATION_GRAPH)))
- .process(new Ip2IpGraphProcessFunction())
- .setParallelism(TRANSFORM_PARALLELISM)
- .filter(Objects::nonNull)
- .setParallelism(TRANSFORM_PARALLELISM);
-
- //写入arangodb
- ip2ipGraph.windowAll(TumblingProcessingTimeWindows.of(Time.milliseconds(SINK_ARANGODB_BATCH_DELAY_TIME)))
- .trigger(new CountTriggerWithTimeout<>(R_VISIT_IP2IP, ARANGODB_BATCH, TimeCharacteristic.ProcessingTime))
- .apply(new ArangodbBatchIPWindow())
- .addSink(new ArangoDBSink(R_VISIT_IP2IP))
- .setParallelism(FlowWriteConfig.SINK_PARALLELISM).name(R_VISIT_IP2IP);
-
- } else if (FlowWriteConfig.LOG_TYPE == 2) {
- DataStream> dnsSource = env.addSource(KafkaConsumer.myDeserializationConsumer(SOURCE_KAFKA_TOPIC_DNS))
- .setParallelism(FlowWriteConfig.SOURCE_PARALLELISM)
- .filter(x->Objects.nonNull(x) && Convert.toLong(x.get("capture_time"))>0)
- .map(new DnsMapFunction())
- .setParallelism(FlowWriteConfig.SOURCE_PARALLELISM)
- .name(FlowWriteConfig.SOURCE_KAFKA_TOPIC_DNS);
-
- //dns 原始日志 ck入库
- if (SINK_CK_RAW_LOG_INSERT_OPEN == 1) {
- dnsSource.windowAll(TumblingProcessingTimeWindows.of(Time.milliseconds(SINK_CK_BATCH_DELAY_TIME)))
- .trigger(new CountTriggerWithTimeout<>(SINK_CK_TABLE_DNS, CK_BATCH, TimeCharacteristic.ProcessingTime))
- .apply(new CKBatchWindow())
- .addSink(new ClickhouseSink(SINK_CK_TABLE_DNS))
- .setParallelism(FlowWriteConfig.SINK_PARALLELISM)
- .name("CKSink");
- }
-
- DataStream> dnsTransform = dnsSource.filter(x -> Objects.nonNull(x.get("response")))
- .assignTimestampsAndWatermarks(WatermarkStrategy
- .>forBoundedOutOfOrderness(Duration.ofSeconds(FLINK_WATERMARK_MAX_DELAY_TIME))
- .withTimestampAssigner((event, timestamp) -> Convert.toLong(event.get("capture_time")) * 1000))
- .setParallelism(TRANSFORM_PARALLELISM)
- .flatMap(new DnsSplitFlatMapFunction())
- .setParallelism(TRANSFORM_PARALLELISM)
- .keyBy(new DnsGraphKeysSelector())
- .window(TumblingProcessingTimeWindows.of(Time.seconds(LOG_AGGREGATE_DURATION)))
- .process(new DnsRelationProcessFunction())
- .setParallelism(TRANSFORM_PARALLELISM)
- .filter(Objects::nonNull)
- .setParallelism(TRANSFORM_PARALLELISM);
-
- //dns 拆分后relation日志 ck入库
- dnsTransform.filter(Objects::nonNull).windowAll(TumblingProcessingTimeWindows.of(Time.milliseconds(SINK_CK_BATCH_DELAY_TIME)))
- .trigger(new CountTriggerWithTimeout<>(SINK_CK_TABLE_RELATION_DNS, CK_BATCH, TimeCharacteristic.ProcessingTime))
- .apply(new CKBatchWindow())
- .addSink(new ClickhouseSink(SINK_CK_TABLE_RELATION_DNS))
- .setParallelism(SINK_PARALLELISM)
- .name("CKSink");
-
- //arango 入库,按record_type分组入不同的表
- DataStream> dnsGraph = dnsTransform.filter(Objects::nonNull).keyBy(new DnsGraphKeysSelector())
- .window(TumblingProcessingTimeWindows.of(Time.seconds(LOG_AGGREGATE_DURATION_GRAPH)))
- .process(new DnsGraphProcessFunction())
- .setParallelism(SINK_PARALLELISM);
-
- for (DnsType dnsEnum : DnsType.values()) {
- dnsGraph.filter(x -> Objects.nonNull(x) && ObjectUtil.equal(dnsEnum.getType(), x.get("record_type")))
- .setParallelism(SINK_PARALLELISM)
- .windowAll(TumblingProcessingTimeWindows.of(Time.milliseconds(SINK_ARANGODB_BATCH_DELAY_TIME)))
- .trigger(new CountTriggerWithTimeout<>(dnsEnum.getSink(), ARANGODB_BATCH, TimeCharacteristic.ProcessingTime))
- .apply(new ArangodbBatchDnsWindow())
- .addSink(new ArangoDBSink(dnsEnum.getSink()))
- .setParallelism(SINK_PARALLELISM)
- .name("ArangodbSink");
- }
-
+ if (LOG_TYPE == 1) {
+ ConnLogService.connLogStream(env);
+ } else if (LOG_TYPE == 2) {
+ DnsLogService.dnsLogStream(env);
}
-
env.execute(args[0]);
} catch (Exception e) {
logger.error("This Flink task start ERROR! Exception information is : {}", e);
}
-
}
}
diff --git a/src/main/java/com/zdjizhi/utils/ck/CKUtils.java b/src/main/java/com/zdjizhi/utils/ck/CKUtils.java
new file mode 100644
index 0000000..7ff48d6
--- /dev/null
+++ b/src/main/java/com/zdjizhi/utils/ck/CKUtils.java
@@ -0,0 +1,54 @@
+package com.zdjizhi.utils.ck;
+
+import cn.hutool.core.io.IoUtil;
+import cn.hutool.log.Log;
+import cn.hutool.log.LogFactory;
+import ru.yandex.clickhouse.BalancedClickhouseDataSource;
+import ru.yandex.clickhouse.settings.ClickHouseProperties;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.util.concurrent.TimeUnit;
+
+import static com.zdjizhi.common.FlowWriteConfig.*;
+
+public class CKUtils {
+
+ private static final Log log = LogFactory.get();
+
+ private static Connection connection;
+
+ public static Connection getConnection() {
+
+ try {
+ ClickHouseProperties props = new ClickHouseProperties();
+ props.setDatabase(CK_DATABASE);
+ props.setUser(CK_USERNAME);
+ props.setPassword(CK_PIN);
+ props.setConnectionTimeout(CK_CONNECTION_TIMEOUT);
+ props.setSocketTimeout(CK_SOCKET_TIMEOUT);
+ props.setMaxThreads(50);
+
+ BalancedClickhouseDataSource blDataSource = new BalancedClickhouseDataSource("jdbc:clickhouse://" + CK_HOSTS, props);
+ blDataSource.actualize();
+ blDataSource.scheduleActualization(10, TimeUnit.SECONDS);//开启检测
+
+// HikariConfig conf = new HikariConfig();
+// conf.setDataSource(blDataSource);
+// conf.setMinimumIdle(1);
+// conf.setMaximumPoolSize(20);
+//
+// HikariDataSource hkDs = new HikariDataSource(conf);
+ connection = blDataSource.getConnection();
+ log.debug("get clickhouse connection success");
+ } catch (SQLException e) {
+ log.error("clickhouse connection error ,{}", e);
+ }
+ return connection;
+ }
+
+ public static void close(Connection connection) throws Exception {
+ IoUtil.close(connection);
+ }
+
+}
diff --git a/src/main/java/com/zdjizhi/utils/ck/ClickhouseSink.java b/src/main/java/com/zdjizhi/utils/ck/ClickhouseSink.java
index d58190d..75a3d7d 100644
--- a/src/main/java/com/zdjizhi/utils/ck/ClickhouseSink.java
+++ b/src/main/java/com/zdjizhi/utils/ck/ClickhouseSink.java
@@ -1,26 +1,18 @@
package com.zdjizhi.utils.ck;
-import cn.hutool.core.convert.Convert;
import cn.hutool.core.io.IoUtil;
-import cn.hutool.core.util.StrUtil;
import cn.hutool.log.Log;
import cn.hutool.log.LogFactory;
+import com.zdjizhi.enums.LogMetadata;
+import org.apache.commons.lang3.time.StopWatch;
import org.apache.flink.configuration.Configuration;
import org.apache.flink.streaming.api.functions.sink.RichSinkFunction;
-import ru.yandex.clickhouse.BalancedClickhouseDataSource;
-import ru.yandex.clickhouse.settings.ClickHouseProperties;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
-import java.util.LinkedList;
import java.util.List;
import java.util.Map;
-import java.util.Objects;
-import java.util.concurrent.TimeUnit;
-import java.util.stream.Collectors;
-
-import static com.zdjizhi.common.FlowWriteConfig.*;
public class ClickhouseSink extends RichSinkFunction>> {
@@ -49,90 +41,49 @@ public class ClickhouseSink extends RichSinkFunction>>
@Override
public void open(Configuration parameters) throws Exception {
- try {
- ClickHouseProperties properties = new ClickHouseProperties();
-
- properties.setDatabase(CK_DATABASE);
- properties.setUser(CK_USERNAME);
- properties.setPassword(CK_PIN);
-// properties.setKeepAliveTimeout(5);
- properties.setConnectionTimeout(CK_CONNECTION_TIMEOUT);
- properties.setSocketTimeout(CK_SOCKET_TIMEOUT);
-
- BalancedClickhouseDataSource dataSource = new BalancedClickhouseDataSource("jdbc:clickhouse://" + CK_HOSTS, properties);
- dataSource.scheduleActualization(10, TimeUnit.SECONDS);//开启检测
- connection = dataSource.getConnection();
- log.debug("get clickhouse connection success");
- } catch (SQLException e) {
- log.error("clickhouse connection error ,{}", e);
- }
-
+ connection = CKUtils.getConnection();
}
@Override
public void close() throws Exception {
IoUtil.close(preparedStatement);
- IoUtil.close(connection);
+ CKUtils.close(connection);
}
public void executeInsert(List> data, String tableName) {
try {
+ StopWatch stopWatch = new StopWatch();
+ stopWatch.start();
+ log.debug("开始写入ck数据 :{}", data.size());
+
+ boolean autoCommit = connection.getAutoCommit();
connection.setAutoCommit(false);
- int count = 0;
- for (Map map : data) {
- List keys = new LinkedList<>(map.keySet());
- preparedStatement = connection.prepareStatement(preparedSql(keys, tableName));
-
- List