Cleanup schema (NOT NULL is not required - default)

Alfredo Cardigliano 2025-05-19 17:56:22 +02:00
parent fc5e6ea36d
commit 821efd53d0
2 changed files with 269 additions and 269 deletions


@ -193,19 +193,19 @@ ALTER TABLE `flows` ON CLUSTER '$CLUSTER' ADD COLUMN IF NOT EXISTS `QOE_SCORE` U
CREATE TABLE IF NOT EXISTS `active_monitoring_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`resolved_ip` String,
`resolved_name` String,
`measurement` String,
`measure_threshold` UInt32 NULL,
`measure_value` REAL NULL,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime NULL,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -224,19 +224,19 @@ DROP TABLE IF EXISTS `engaged_active_monitoring_alerts`;
@
CREATE TABLE `engaged_active_monitoring_alerts` (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`resolved_ip` String,
`resolved_name` String,
`measurement` String,
`measure_threshold` UInt32 NULL,
`measure_value` REAL NULL,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime NULL,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -249,23 +249,23 @@ CREATE TABLE `engaged_active_monitoring_alerts` (
CREATE TABLE IF NOT EXISTS `host_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`ip_version` UInt8 NOT NULL,
`ip` String NOT NULL,
`ip_version` UInt8,
`ip` String,
`vlan_id` UInt16,
`name` String,
`is_attacker` UInt8,
`is_victim` UInt8,
`is_client` UInt8,
`is_server` UInt8,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -295,23 +295,23 @@ DROP TABLE IF EXISTS `engaged_host_alerts`;
CREATE TABLE `engaged_host_alerts` (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`ip_version` UInt8 NOT NULL,
`ip` String NOT NULL,
`ip_version` UInt8,
`ip` String,
`vlan_id` UInt16,
`name` String,
`is_attacker` UInt8,
`is_victim` UInt8,
`is_client` UInt8,
`is_server` UInt8,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -327,20 +327,20 @@ CREATE TABLE `engaged_host_alerts` (
CREATE TABLE IF NOT EXISTS `mac_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`address` String,
`device_type` UInt8 NULL,
`name` String,
`is_attacker` UInt8,
`is_victim` UInt8,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -359,20 +359,20 @@ DROP TABLE IF EXISTS `engaged_mac_alerts`;
@
CREATE TABLE `engaged_mac_alerts` (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`address` String,
`device_type` UInt8 NULL,
`name` String,
`is_attacker` UInt8,
`is_victim` UInt8,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -385,19 +385,19 @@ CREATE TABLE `engaged_mac_alerts` (
CREATE TABLE IF NOT EXISTS `snmp_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`ip` String NOT NULL,
`ip` String,
`port` UInt32,
`name` String,
`port_name` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -418,19 +418,19 @@ DROP TABLE IF EXISTS `engaged_snmp_alerts`;
@
CREATE TABLE `engaged_snmp_alerts` (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`ip` String NOT NULL,
`ip` String,
`port` UInt32,
`name` String,
`port_name` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -443,18 +443,18 @@ CREATE TABLE `engaged_snmp_alerts` (
CREATE TABLE IF NOT EXISTS `network_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`local_network_id` UInt16 NOT NULL,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`local_network_id` UInt16,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`name` String,
`alias` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -473,18 +473,18 @@ DROP TABLE IF EXISTS `engaged_network_alerts`;
@
CREATE TABLE `engaged_network_alerts` (
`rowid` UUID,
`local_network_id` UInt16 NOT NULL,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`local_network_id` UInt16,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`name` String,
`alias` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -497,19 +497,19 @@ CREATE TABLE `engaged_network_alerts` (
CREATE TABLE IF NOT EXISTS `interface_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`ifid` UInt8 NOT NULL,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`ifid` UInt8,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`subtype` String,
`name` String,
`alias` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -528,19 +528,19 @@ DROP TABLE IF EXISTS `engaged_interface_alerts`;
@
CREATE TABLE `engaged_interface_alerts` (
`rowid` UUID,
`ifid` UInt8 NOT NULL,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`ifid` UInt8,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`subtype` String,
`name` String,
`alias` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -553,16 +553,16 @@ CREATE TABLE `engaged_interface_alerts` (
CREATE TABLE IF NOT EXISTS `user_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`user` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -581,16 +581,16 @@ DROP TABLE IF EXISTS `engaged_user_alerts`;
@
CREATE TABLE `engaged_user_alerts` (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`user` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -603,16 +603,16 @@ CREATE TABLE `engaged_user_alerts` (
CREATE TABLE IF NOT EXISTS `system_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`name` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -631,16 +631,16 @@ DROP TABLE IF EXISTS `engaged_system_alerts`;
@
CREATE TABLE `engaged_system_alerts` (
`rowid` UUID,
`alert_id` UInt32 NOT NULL,
`alert_status` UInt8 NOT NULL,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 NULL,
`name` String,
`tstamp` DateTime NOT NULL,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8 NOT NULL,
`score` UInt16 NOT NULL,
`granularity` UInt8 NOT NULL,
`counter` UInt32 NOT NULL,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
@ -724,9 +724,9 @@ ALTER TABLE `hourly_flows` ON CLUSTER '$CLUSTER' ADD COLUMN IF NOT EXISTS `DST2S
/* VS */
CREATE TABLE IF NOT EXISTS `vulnerability_scan_data` ON CLUSTER '$CLUSTER' (
`HOST` String NOT NULL,
`SCAN_TYPE` String NOT NULL,
`LAST_SCAN` DateTime NOT NULL,
`HOST` String,
`SCAN_TYPE` String,
`LAST_SCAN` DateTime,
`JSON_INFO` String,
`VS_RESULT_FILE` String
) ENGINE = ReplicatedMergeTree('/clickhouse/{cluster}/tables/{database}/{table}', '{replica}') PARTITION BY toYYYYMMDD(LAST_SCAN) ORDER BY (LAST_SCAN, HOST, SCAN_TYPE);
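Review bot: With `NOT NULL` dropped from `HOST`, `SCAN_TYPE` and `LAST_SCAN`, this table's `PARTITION BY`/`ORDER BY` key columns stay non-nullable only while the server or profile leaves `data_type_default_nullable` at its default of 0. If that setting is enabled, unmodified columns become Nullable, and a nullable sorting key is rejected unless `allow_nullable_key` is set. The same dependency applies to `alert_id`, `tstamp`, `severity` and `score` in the alert-table hunks of this file; if those became Nullable, alert rows with a NULL severity or timestamp would presumably drop out of range and threshold filters. I would either keep the explicit modifier on key columns or record the assumption once near the top of the schema, e.g. `/* Columns without NULL/NOT NULL assume data_type_default_nullable = 0 (ClickHouse default) */`.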
@ -735,7 +735,7 @@ CREATE TABLE IF NOT EXISTS `vulnerability_scan_data` ON CLUSTER '$CLUSTER' (
CREATE TABLE IF NOT EXISTS `vulnerability_scan_report` ON CLUSTER '$CLUSTER' (
`REPORT_NAME` String,
`REPORT_DATE` DateTime NOT NULL,
`REPORT_DATE` DateTime,
`REPORT_JSON_INFO` String,
`NUM_SCANNED_HOSTS` UInt32,
`NUM_CVES` UInt32,
@ -748,8 +748,8 @@ CREATE TABLE IF NOT EXISTS `vulnerability_scan_report` ON CLUSTER '$CLUSTER' (
/* MITRE */
CREATE TABLE IF NOT EXISTS `mitre_table_info` ON CLUSTER '$CLUSTER' (
`ALERT_ID` UInt16 NOT NULL,
`ENTITY_ID` UInt16 NOT NULL,
`ALERT_ID` UInt16,
`ENTITY_ID` UInt16,
`TACTIC` UInt16,
`TECHNIQUE` UInt16,
`SUB_TECHNIQUE` UInt16,
@ -762,17 +762,17 @@ CREATE TABLE IF NOT EXISTS `mitre_table_info` ON CLUSTER '$CLUSTER' (
/*
CREATE TABLE IF NOT EXISTS `asset_management` ON CLUSTER '$CLUSTER' (
`type` String NOT NULL,
`key` String NOT NULL,
`type` String,
`key` String,
`ip` String NULL,
`mac` String NOT NULL,
`mac` String,
`vlan` UInt16 NULL,
`network` UInt16 NULL,
`name` String NULL,
`device_type` UInt16 NULL,
`manufacturer` String NULL,
`first_seen` DateTime NOT NULL DEFAULT 0,
`last_seen` DateTime NOT NULL DEFAULT 0,
`first_seen` DateTime DEFAULT 0,
`last_seen` DateTime DEFAULT 0,
`trigger_alert` Boolean NULL,
`device_status` String NULL
) ENGINE = ReplacingMergeTree() PRIMARY KEY (`key`) ORDER BY (`key`);
@ -783,18 +783,18 @@ ALTER TABLE `asset_management` ADD COLUMN IF NOT EXISTS `ifid` UInt8;
/* ASSET */
CREATE TABLE IF NOT EXISTS `assets` (
`type` String NOT NULL,
`key` String NOT NULL,
`ifid` UInt8 NOT NULL,
`type` String,
`key` String,
`ifid` UInt8,
`ip` String NULL,
`mac` String NOT NULL,
`mac` String,
`vlan` UInt16 NULL,
`network` UInt16 NULL,
`name` String NULL,
`device_type` UInt16 NULL,
`manufacturer` String NULL,
`first_seen` DateTime NOT NULL,
`last_seen` DateTime NOT NULL,
`first_seen` DateTime,
`last_seen` DateTime,
`gateway_mac` String NULL,
`json_info` String NULL, -- A json containing all other info
`version` UInt64, -- Used to not have duplicates