Add rowid based on UUID to clickhouse (#6046)

httpdocs/misc/alert_store_schema_clickhouse.sql

@@ -1,4 +1,5 @@
 CREATE TABLE IF NOT EXISTS `active_monitoring_alerts` (
+`rowid` UUID,
 `alert_id` UInt32 NOT NULL,
 `alert_status` UInt8 NOT NULL,
 `interface_id` UInt16 NULL,
@@ -21,6 +22,7 @@ CREATE TABLE IF NOT EXISTS `active_monitoring_alerts` (
 @
 
 CREATE TABLE IF NOT EXISTS `flow_alerts` (
+`rowid` UUID,
 `alert_id` UInt32 NOT NULL,
 `alert_status` UInt8 NOT NULL,
 `interface_id` UInt16 NULL,
@@ -65,6 +67,7 @@ CREATE TABLE IF NOT EXISTS `flow_alerts` (
 @
 
 CREATE TABLE IF NOT EXISTS `host_alerts` (
+`rowid` UUID,
 `alert_id` UInt32 NOT NULL,
 `alert_status` UInt8 NOT NULL,
 `interface_id` UInt16 NULL,
@@ -91,6 +94,7 @@ CREATE TABLE IF NOT EXISTS `host_alerts` (
 @
 
 CREATE TABLE IF NOT EXISTS `mac_alerts` (
+`rowid` UUID,
 `alert_id` UInt32 NOT NULL,
 `alert_status` UInt8 NOT NULL,
 `interface_id` UInt16 NULL,
@@ -114,6 +118,7 @@ CREATE TABLE IF NOT EXISTS `mac_alerts` (
 @
 
 CREATE TABLE IF NOT EXISTS `snmp_alerts` (
+`rowid` UUID,
 `alert_id` UInt32 NOT NULL,
 `alert_status` UInt8 NOT NULL,
 `interface_id` UInt16 NULL,
@@ -136,6 +141,7 @@ CREATE TABLE IF NOT EXISTS `snmp_alerts` (
 @
 
 CREATE TABLE IF NOT EXISTS `network_alerts` (
+`rowid` UUID,
 `local_network_id` UInt16 NOT NULL,
 `alert_id` UInt32 NOT NULL,
 `alert_status` UInt8 NOT NULL,
@@ -157,6 +163,7 @@ CREATE TABLE IF NOT EXISTS `network_alerts` (
 @
 
 CREATE TABLE IF NOT EXISTS `interface_alerts` (
+`rowid` UUID,
 `ifid` UInt8 NOT NULL,
 `alert_id` UInt32 NOT NULL,
 `alert_status` UInt8 NOT NULL,
@@ -179,6 +186,7 @@ CREATE TABLE IF NOT EXISTS `interface_alerts` (
 @
 
 CREATE TABLE IF NOT EXISTS `user_alerts` (
+`rowid` UUID,
 `alert_id` UInt32 NOT NULL,
 `alert_status` UInt8 NOT NULL,
 `interface_id` UInt16 NULL,
@@ -198,6 +206,7 @@ CREATE TABLE IF NOT EXISTS `user_alerts` (
 @
 
 CREATE TABLE IF NOT EXISTS `system_alerts` (
+`rowid` UUID,
 `alert_id` UInt32 NOT NULL,
 `alert_status` UInt8 NOT NULL,
 `interface_id` UInt16 NULL,

scripts/lua/modules/alert_store/flow_alert_store.lua

@@ -35,24 +35,28 @@ end
 -- ##############################################
 
 function flow_alert_store:insert(alert)
-   local hex_prefix
-   local insert_stmt
+   local hex_prefix = ""
+   local extra_columns = ""
+   local extra_values = ""
 
    if(ntop.isClickHouseEnabled()) then
-      hex_prefix = ""
+      extra_columns = "rowid, "
+      extra_values = "generateUUIDv4(), "
    else
       hex_prefix = "X"
    end
 
-   insert_stmt = string.format("INSERT INTO %s "..
-      "(alert_id, interface_id, tstamp, tstamp_end, severity, ip_version, cli_ip, srv_ip, cli_port, srv_port, vlan_id, "..
+   local insert_stmt = string.format("INSERT INTO %s "..
+      "(%salert_id, interface_id, tstamp, tstamp_end, severity, ip_version, cli_ip, srv_ip, cli_port, srv_port, vlan_id, "..
       "is_cli_attacker, is_cli_victim, is_srv_attacker, is_srv_victim, proto, l7_proto, l7_master_proto, l7_cat, "..
       "cli_name, srv_name, cli_country, srv_country, cli_blacklisted, srv_blacklisted, "..
       "cli2srv_bytes, srv2cli_bytes, cli2srv_pkts, srv2cli_pkts, first_seen, community_id, score, "..
       "flow_risk_bitmap, alerts_map, json) "..
-      "VALUES (%u, %u, %u, %u, %u, %u, '%s', '%s', %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, '%s', '%s', '%s', "..
+      "VALUES (%s%u, %u, %u, %u, %u, %u, '%s', '%s', %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, '%s', '%s', '%s', "..
       "'%s', %u, %u, %u, %u, %u, %u, %u, '%s', %u, %u, %s'%s', '%s'); ",
-      self._table_name, 
+      self._table_name,
+      extra_columns,
+      extra_values,
       alert.alert_id,
       interface.getId(),
       alert.tstamp,

src/Utils.cpp

@@ -3964,41 +3964,40 @@ void Utils::init_pcap_header(struct pcap_file_header * const h, int linktype, in
 void Utils::listInterfaces(lua_State* vm) {
   ntop_if_t *devpointer, *cur;
 
-  if(Utils::ntop_findalldevs(&devpointer)) {
-    ;
-  } else {
-    for(cur = devpointer; cur; cur = cur->next) {
-      lua_newtable(vm);
+  if(Utils::ntop_findalldevs(&devpointer) != 0)
+    return; /* Error */
+  
+  for(cur = devpointer; cur; cur = cur->next) {
+    lua_newtable(vm);
 
-      if(cur->name) {
-        struct sockaddr_in sin;
-        struct sockaddr_in6 sin6;
-	char buf[64];
+    if(cur->name) {
+      struct sockaddr_in sin;
+      struct sockaddr_in6 sin6;
+      char buf[64];
 
-        sin.sin_family = AF_INET;
-	sin.sin_addr.s_addr = Utils::readIPv4(cur->name);
+      sin.sin_family = AF_INET;
+      sin.sin_addr.s_addr = Utils::readIPv4(cur->name);
 
-        if(sin.sin_addr.s_addr != 0)
-          lua_push_str_table_entry(vm, "ipv4", Utils::intoaV4(ntohl(sin.sin_addr.s_addr), buf, sizeof(buf)));
+      if(sin.sin_addr.s_addr != 0)
+        lua_push_str_table_entry(vm, "ipv4", Utils::intoaV4(ntohl(sin.sin_addr.s_addr), buf, sizeof(buf)));
 
 #ifndef WIN32
-        sin6.sin6_family = AF_INET6;
-        if(Utils::readIPv6(cur->name, &sin6.sin6_addr)) {
-	  struct ndpi_in6_addr* ip6 = (struct ndpi_in6_addr*)&sin6.sin6_addr;
-	  char* ip = Utils::intoaV6(*ip6, 128, buf, sizeof(buf));
+      sin6.sin6_family = AF_INET6;
+      if(Utils::readIPv6(cur->name, &sin6.sin6_addr)) {
+        struct ndpi_in6_addr* ip6 = (struct ndpi_in6_addr*)&sin6.sin6_addr;
+        char* ip = Utils::intoaV6(*ip6, 128, buf, sizeof(buf));
 
-	  lua_push_str_table_entry(vm, "ipv6", ip);
-        }
-#endif
+        lua_push_str_table_entry(vm, "ipv6", ip);
       }
-
-      lua_pushstring(vm, cur->name);
-      lua_insert(vm, -2);
-      lua_settable(vm, -3);
+#endif
     }
 
-    Utils::ntop_freealldevs(devpointer);
+    lua_pushstring(vm, cur->name);
+    lua_insert(vm, -2);
+    lua_settable(vm, -3);
   }
+
+  Utils::ntop_freealldevs(devpointer);
 }
 
 /* ****************************************************** */