vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-05 10:41:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Add AS alert entity. Fix AS threshold crossed.

Browse source
This commit is contained in:
Alfredo Cardigliano 2025-08-25 14:45:22 +02:00
parent fa35d9183a
commit ba382f7316
13 changed files with 174 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

61
httpdocs/misc/db_schema_clickhouse_cluster.sql
View file

@ -500,6 +500,56 @@ CREATE TABLE `engaged_network_alerts` (
@
CREATE TABLE IF NOT EXISTS `as_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`asn` UInt32,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 DEFAULT 65535,
`name` String,
`alias` String,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
`user_label_tstamp` DateTime,
`alert_category` UInt8,
`require_attention` Boolean
) ENGINE = ReplicatedMergeTree('/clickhouse/{cluster}/tables/{database}/{table}', '{replica}') PARTITION BY toYYYYMMDD(tstamp) ORDER BY (tstamp);
@
DROP TABLE IF EXISTS `engaged_as_alerts`;
@
CREATE TABLE `engaged_as_alerts` (
`rowid` UUID,
`asn` UInt32,
`alert_id` UInt32,
`alert_status` UInt8,
`interface_id` UInt16 DEFAULT 65535,
`name` String,
`alias` String,
`tstamp` DateTime,
`tstamp_end` DateTime,
`severity` UInt8,
`score` UInt16,
`granularity` UInt8,
`counter` UInt32,
`description` String,
`json` String,
`user_label` String,
`user_label_tstamp` DateTime,
`alert_category` UInt8,
`require_attention` Boolean
) ENGINE = Memory;
@
CREATE TABLE IF NOT EXISTS `interface_alerts` ON CLUSTER '$CLUSTER' (
`rowid` UUID,
`ifid` UInt8,
@ -828,6 +878,15 @@ SELECT * FROM `engaged_network_alerts`
@
DROP VIEW IF EXISTS `as_alerts_view` ON CLUSTER '$CLUSTER';
@
CREATE VIEW IF NOT EXISTS `as_alerts_view` ON CLUSTER '$CLUSTER' AS
SELECT * FROM `as_alerts`
UNION ALL
SELECT * FROM `engaged_as_alerts`
@
DROP VIEW IF EXISTS `interface_alerts_view` ON CLUSTER '$CLUSTER';
@
CREATE VIEW IF NOT EXISTS `interface_alerts_view` ON CLUSTER '$CLUSTER' AS
@ -991,6 +1050,8 @@ UNION ALL
SELECT 7 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `user_alerts`
UNION ALL
SELECT 9 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `system_alerts`
UNION ALL
SELECT 10 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `as_alerts`
;
@