summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorwangkuan <[email protected]>2024-08-30 17:40:36 +0800
committerwangkuan <[email protected]>2024-08-30 17:40:36 +0800
commit20408bf8e3f93fcb66a3d4f5486492a2cb42eb56 (patch)
tree4163cfe1e6b51f88986feee11938fc5bdd9ecfcc
parent32002317c27a2e1f3b5ea72a6bcbec13d21b29f3 (diff)
cn_event 表新增字段 reset
Diffstat
-rw-r--r--cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_24.08.sql2
-rw-r--r--cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_check_24.08.sql2
-rw-r--r--cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_upgrade_24.08.sql2
3 files changed, 5 insertions, 1 deletions
diff --git a/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_24.08.sql b/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_24.08.sql
index 3d384df..ae5c9aa 100644
--- a/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_24.08.sql
+++ b/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_24.08.sql
@@ -1673,6 +1673,7 @@ CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_event_local ON CLUSTER ck_cl
is_builtin SimpleAggregateFunction(anyLast, Int8),
event_type SimpleAggregateFunction(anyLast, String),
event_name SimpleAggregateFunction(anyLast, String),
+ reset SimpleAggregateFunction(anyLast, Int64),
start_time SimpleAggregateFunction(min, Int64),
end_time SimpleAggregateFunction(max, Int64),
duration_s SimpleAggregateFunction(max, Int64),
@@ -1691,6 +1692,7 @@ CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_event ON CLUSTER ck_cluster(
is_builtin SimpleAggregateFunction(anyLast, Int8),
event_type SimpleAggregateFunction(anyLast, String),
event_name SimpleAggregateFunction(anyLast, String),
+ reset SimpleAggregateFunction(anyLast, Int64),
start_time SimpleAggregateFunction(min, Int64),
end_time SimpleAggregateFunction(max, Int64),
duration_s SimpleAggregateFunction(max, Int64),
diff --git a/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_check_24.08.sql b/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_check_24.08.sql
index 662216a..5ed9e32 100644
--- a/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_check_24.08.sql
+++ b/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_check_24.08.sql
@@ -64,5 +64,5 @@ SELECT key_fields, key_values, event_info, start_time, end_time, match_id, rule_
FROM cyber_narrator_galaxy.match_sequence where start_time >= toUnixTimestamp('2030-01-01 00:00:00') AND start_time <toUnixTimestamp('2030-01-01 00:00:01');
SELECT key_fields, key_values, event_info, start_time, end_time, match_id, rule_id, rule_version, rule_type, is_builtin, event_type, event_name, severity
FROM cyber_narrator_galaxy.match_unordered_sequence where start_time >= toUnixTimestamp('2030-01-01 00:00:00') AND start_time <toUnixTimestamp('2030-01-01 00:00:01');
-SELECT event_id, match_ids, key_fields, key_values, rule_id, rule_version, rule_type, is_builtin, event_type, event_name, start_time, end_time, duration_s, status
+SELECT event_id, match_ids, key_fields, key_values, rule_id, rule_version, rule_type, is_builtin, event_type, event_name, reset,start_time, end_time, duration_s, status
FROM cyber_narrator_galaxy.cn_event where start_time >= toUnixTimestamp('2030-01-01 00:00:00') AND start_time <toUnixTimestamp('2030-01-01 00:00:01'); \ No newline at end of file
diff --git a/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_upgrade_24.08.sql b/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_upgrade_24.08.sql
index 0fa1139..5fea5b0 100644
--- a/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_upgrade_24.08.sql
+++ b/cyber_narrator/upgrade/2024/CN-24.08/clickhouse/cn_clickhouse_ddl_upgrade_24.08.sql
@@ -184,6 +184,7 @@ CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_event_local ON CLUSTER ck_cl
is_builtin SimpleAggregateFunction(anyLast, Int8),
event_type SimpleAggregateFunction(anyLast, String),
event_name SimpleAggregateFunction(anyLast, String),
+ reset SimpleAggregateFunction(anyLast, Int64),
start_time SimpleAggregateFunction(min, Int64),
end_time SimpleAggregateFunction(max, Int64),
duration_s SimpleAggregateFunction(max, Int64),
@@ -202,6 +203,7 @@ CREATE TABLE IF NOT EXISTS cyber_narrator_galaxy.cn_event ON CLUSTER ck_cluster(
is_builtin SimpleAggregateFunction(anyLast, Int8),
event_type SimpleAggregateFunction(anyLast, String),
event_name SimpleAggregateFunction(anyLast, String),
+ reset SimpleAggregateFunction(anyLast, Int64),
start_time SimpleAggregateFunction(min, Int64),
end_time SimpleAggregateFunction(max, Int64),
duration_s SimpleAggregateFunction(max, Int64),
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 17:42:51 +0000