diff --git a/server/querier/db_descriptions/clickhouse/metrics/event/alert_record b/server/querier/db_descriptions/clickhouse/metrics/event/alert_record new file mode 100644 index 00000000000..69680efa552 --- /dev/null +++ b/server/querier/db_descriptions/clickhouse/metrics/event/alert_record @@ -0,0 +1,4 @@ +# Field , DBField , Type , Category , Permission +log_count , , counter , Throughput , 111 +row , , other , Other , 111 +metric_value , metric_value , counter , metrics , 111 diff --git a/server/querier/db_descriptions/clickhouse/metrics/event/alert_record.ch b/server/querier/db_descriptions/clickhouse/metrics/event/alert_record.ch new file mode 100644 index 00000000000..4b19d6cbf17 --- /dev/null +++ b/server/querier/db_descriptions/clickhouse/metrics/event/alert_record.ch @@ -0,0 +1,4 @@ +# Field , DisplayName , Unit , Description +log_count , 日志总量 , 个 , +row , 行数 , 个 , +metric_value , 告警值 , , diff --git a/server/querier/db_descriptions/clickhouse/metrics/event/alert_record.en b/server/querier/db_descriptions/clickhouse/metrics/event/alert_record.en new file mode 100644 index 00000000000..6b7c9ba9096 --- /dev/null +++ b/server/querier/db_descriptions/clickhouse/metrics/event/alert_record.en @@ -0,0 +1,4 @@ +# Field , DisplayName , Unit , Description +log_count , Log Count , , +row , Row Count , , +metric_value , MetricValue , , diff --git a/server/querier/db_descriptions/clickhouse/tag/enum/state.ch b/server/querier/db_descriptions/clickhouse/tag/enum/state.ch new file mode 100644 index 00000000000..6f2e8ee9ff5 --- /dev/null +++ b/server/querier/db_descriptions/clickhouse/tag/enum/state.ch @@ -0,0 +1,3 @@ +# Value , DisplayName , Description +0 , 持续中 , +1 , 已结束 , diff --git a/server/querier/db_descriptions/clickhouse/tag/enum/state.en b/server/querier/db_descriptions/clickhouse/tag/enum/state.en new file mode 100644 index 00000000000..8aa86267e14 --- /dev/null +++ b/server/querier/db_descriptions/clickhouse/tag/enum/state.en @@ -0,0 +1,3 @@ +# Value , DisplayName , Description +0 , Ongoing , +1 , Ended , diff --git a/server/querier/db_descriptions/clickhouse/tag/event/alert_event b/server/querier/db_descriptions/clickhouse/tag/event/alert_event index b279959d3d2..59265fe67c2 100644 --- a/server/querier/db_descriptions/clickhouse/tag/event/alert_event +++ b/server/querier/db_descriptions/clickhouse/tag/event/alert_event @@ -75,3 +75,9 @@ _query_region , _query_region , _query_region trigger_threshold , trigger_threshold , trigger_threshold , string , , Event Info , 111 , 0 , metric_unit , metric_unit , metric_unit , string , , Event Info , 111 , 0 , metric_value_str , metric_value_str , metric_value_str , string , , Event Info , 111 , 0 , +event_id , event_id , event_id , string , , Event Info , 111 , 0 , +start_time , start_time , start_time , int , , Event Info , 111 , 0 , +end_time , end_time , end_time , int , , Event Info , 111 , 0 , +duration , duration , duration , int , , Event Info , 111 , 0 , +state , state , state , int_enum , event_state , Event Info , 111 , 0 , +alert_time , alert_time , alert_time , int , , Event Info , 111 , 0 , diff --git a/server/querier/db_descriptions/clickhouse/tag/event/alert_event.ch b/server/querier/db_descriptions/clickhouse/tag/event/alert_event.ch index dfc79d027d2..48841df4705 100644 --- a/server/querier/db_descriptions/clickhouse/tag/event/alert_event.ch +++ b/server/querier/db_descriptions/clickhouse/tag/event/alert_event.ch @@ -75,3 +75,9 @@ _query_region , 查询区域 , trigger_threshold , 告警阈值 , metric_unit , 告警值单位 , metric_value_str , 告警值 , +event_id , 事件 ID , +start_time , 开始时间 , +end_time , 结束时间 , +duration , 持续时间 , +state , 状态 , +alert_time , 告警时间 , diff --git a/server/querier/db_descriptions/clickhouse/tag/event/alert_event.en b/server/querier/db_descriptions/clickhouse/tag/event/alert_event.en index 312171f51c0..d388560d8c1 100644 --- a/server/querier/db_descriptions/clickhouse/tag/event/alert_event.en +++ b/server/querier/db_descriptions/clickhouse/tag/event/alert_event.en @@ -75,3 +75,9 @@ _query_region , QueryRegion , trigger_threshold , TriggerThreshold , metric_unit , MetricUnit , metric_value_str , MetricValue , +event_id , Event ID , +start_time , Start Time , +end_time , End Time , +duration , Duration , +state , State , +alert_time , Alert Time , diff --git a/server/querier/db_descriptions/clickhouse/tag/event/alert_record b/server/querier/db_descriptions/clickhouse/tag/event/alert_record new file mode 100644 index 00000000000..fb05fd1c15d --- /dev/null +++ b/server/querier/db_descriptions/clickhouse/tag/event/alert_record @@ -0,0 +1,78 @@ +# Name , ClientName , ServerName , Type , EnumFile , Category , Permission , Deprecated +time_str , time_str , time_str , time , , Timestamp , 111 , 0 +_id , _id , _id , id , , Event Info , 111 , 0 +time , time , time , time , , Event Info , 111 , 0 + +region , region_0 , region_1 , resource , , Universal Tag , 110 , 0 , 110 +az , az_0 , az_1 , resource , , Universal Tag , 110 , 0 , 110 +host , host_0 , host_1 , resource , , Universal Tag , 100 , 0 , 110 +chost , chost_0 , chost_1 , resource , , Universal Tag , 111 , 0 , 110 +vpc , vpc_0 , vpc_1 , resource , , Universal Tag , 111 , 0 , 110 +l2_vpc , l2_vpc_0 , l2_vpc_1 , resource , , Universal Tag , 110 , 0 , 110 +subnet , subnet_0 , subnet_1 , resource , , Universal Tag , 111 , 0 , 110 +router , router_0 , router_1 , resource , , Universal Tag , 110 , 0 , 110 +dhcpgw , dhcpgw_0 , dhcpgw_1 , resource , , Universal Tag , 110 , 0 , 110 +lb , lb_0 , lb_1 , resource , , Universal Tag , 110 , 0 , 110 +lb_listener , lb_listener_0 , lb_listener_1 , resource , , Universal Tag , 110 , 0 , 110 +natgw , natgw_0 , natgw_1 , resource , , Universal Tag , 110 , 0 , 110 +redis , redis_0 , redis_1 , resource , , Universal Tag , 110 , 0 , 110 +rds , rds_0 , rds_1 , resource , , Universal Tag , 110 , 0 , 110 +pod_cluster , pod_cluster_0 , pod_cluster_1 , resource , , Universal Tag , 111 , 0 , 110 +pod_ns , pod_ns_0 , pod_ns_1 , resource , , Universal Tag , 111 , 0 , 110 +pod_node , pod_node_0 , pod_node_1 , resource , , Universal Tag , 111 , 0 , 110 +pod_ingress , pod_ingress_0 , pod_ingress_1 , resource , , Universal Tag , 111 , 0 , 110 +pod_service , pod_service_0 , pod_service_1 , resource , , Universal Tag , 111 , 0 , 110 +pod_group_type , pod_group_type_0 , pod_group_type_1 , int , , Universal Tag , 111 , 0 , 110 +pod_group , pod_group_0 , pod_group_1 , resource , , Universal Tag , 111 , 0 , 110 +pod , pod_0 , pod_1 , resource , , Universal Tag , 111 , 0 , 110 +service , service_0 , service_1 , resource , , Universal Tag , 111 , 1 , 110 +auto_instance_type , auto_instance_type_0 , auto_instance_type_1 , int , , Universal Tag , 111 , 0 , 110 +auto_instance , auto_instance_0 , auto_instance_1 , resource , , Universal Tag , 111 , 0 , 110 +auto_service_type , auto_service_type_0 , auto_service_type_1 , int , , Universal Tag , 111 , 0 , 110 +auto_service , auto_service_0 , auto_service_1 , resource , , Universal Tag , 111 , 0 , 110 +gprocess , gprocess_0 , gprocess_1 , resource , , Universal Tag , 111 , 0 , 110 +tap_port_host , tap_port_host , tap_port_host , resource , , Universal Tag , 111 , 1 , 110 +tap_port_chost , tap_port_chost , tap_port_chost , resource , , Universal Tag , 111 , 1 , 110 +tap_port_pod_node , tap_port_pod_node , tap_port_pod_node , resource , , Universal Tag , 111 , 1 , 110 +capture_nic_host , capture_nic_host , capture_nic_host , resource , , Universal Tag , 111 , 0 , 110 +capture_nic_chost , capture_nic_chost , capture_nic_chost , resource , , Universal Tag , 111 , 0 , 110 +capture_nic_pod_node , capture_nic_pod_node , capture_nic_pod_node , resource , , Universal Tag , 111 , 0 , 110 +host_ip , host_ip_0 , host_ip_1 , resource , , Universal Tag , 111 , 0 , 110 +host_hostname , host_hostname_0 , host_hostname_1 , resource , , Universal Tag , 111 , 0 , 110 +chost_ip , chost_ip_0 , chost_ip_1 , resource , , Universal Tag , 111 , 0 , 110 +chost_hostname , chost_hostname_0 , chost_hostname_1 , resource , , Universal Tag , 111 , 0 , 110 +pod_node_ip , pod_node_ip_0 , pod_node_ip_1 , resource , , Universal Tag , 111 , 0 , 110 +pod_node_hostname , pod_node_hostname_0 , pod_node_hostname_1 , resource , , Universal Tag , 111 , 0 , 110 + +ip , ip_0 , ip_1 , ip , , Network Layer , 111 , 0 , 110 +is_internet , is_internet_0 , is_internet_1 , bool , , Network Layer , 111 , 0 , 110 +province , province_0 , province_1 , string , , Network Layer , 111 , 0 , 110 + +tcp_flags_bit , tcp_flags_bit_0 , tcp_flags_bit_1 , bit_enum , tcp_flags_bit , Transport Layer , 111 , 0 , 110 + +l2_end , l2_end_0 , l2_end_1 , bool , , Capture Info , 111 , 0 , 110 +l3_end , l3_end_0 , l3_end_1 , bool , , Capture Info , 111 , 0 , 110 +nat_real_ip , nat_real_ip_0 , nat_real_ip_1 , ip , , Capture Info , 111 , 0 , 110 +nat_real_port , nat_real_port_0 , nat_real_port_1 , int , , Capture Info , 111 , 0 , 110 + +process_id , process_id_0 , process_id_1 , int , , Service Info , 111 , 0 , 110 +process_kname , process_kname_0 , process_kname_1 , string , , Service Info , 111 , 0 , 110 + +k8s.label , k8s.label_0 , k8s.label_1 , map , , Custom Tag , 111 , 0 , 110 +k8s.annotation , k8s.annotation_0 , k8s.annotation_1 , map , , Custom Tag , 111 , 0 , 110 +k8s.env , k8s.env_0 , k8s.env_1 , map , , Custom Tag , 111 , 0 , 110 +cloud.tag , cloud.tag_0 , cloud.tag_1 , map , , Custom Tag , 111 , 0 , 110 +os.app , os.app_0 , os.app_1 , map , , Custom Tag , 111 , 0 , 110 +biz_service.group , biz_service.group_0 , biz_service.group_1 , map_item , , Custom Tag , 111 , 0 , 110 + +user , user , user , resource , , Universal Tag , 111 , 0 , +alert_policy , alert_policy , alert_policy , resource , , Universal Tag , 110 , 0 , +policy_type , policy_type , policy_type , int_enum , policy_app_type , Alarm Info , 111 , 0 , +event_level , event_level , event_level , int_enum , event_level , Alarm Info , 111 , 0 , +target_tags , target_tags , target_tags , string , , Event Info , 111 , 0 , +_target_uid , _target_uid , _target_uid , string , , Event Info , 111 , 0 , 111 +_query_region , _query_region , _query_region , string , , Event Info , 111 , 0 , +trigger_threshold , trigger_threshold , trigger_threshold , string , , Event Info , 111 , 0 , +metric_unit , metric_unit , metric_unit , string , , Event Info , 111 , 0 , +metric_value_str , metric_value_str , metric_value_str , string , , Event Info , 111 , 0 , +event_id , event_id , event_id , string , , Event Info , 111 , 0 , diff --git a/server/querier/db_descriptions/clickhouse/tag/event/alert_record.ch b/server/querier/db_descriptions/clickhouse/tag/event/alert_record.ch new file mode 100644 index 00000000000..0c142b0ea17 --- /dev/null +++ b/server/querier/db_descriptions/clickhouse/tag/event/alert_record.ch @@ -0,0 +1,78 @@ +# Name , DisplayName , Description +time_str , 触发时间 , +_id , UID , +time , 触发时间 , 将 end_time 取整到秒。 + +region , 区域 , +az , 可用区 , +host , 宿主机 , 承载虚拟机的宿主机。 +chost , 云主机 , 包括虚拟机、裸金属服务器。 +vpc , VPC , +l2_vpc , 转发 VPC , MAC 地址所在的 VPC。 +subnet , 子网 , +router , 路由器 , +dhcpgw , DHCP 网关 , +lb , 负载均衡器 , +lb_listener , 负载均衡监听器 , +natgw , NAT 网关 , +redis , Redis , +rds , RDS , +pod_cluster , K8s 容器集群 , +pod_ns , K8s 命名空间 , +pod_node , K8s 容器节点 , +pod_ingress , K8s Ingress , +pod_service , K8s 容器服务 , +pod_group_type , K8s 工作负载类型 , +pod_group , K8s 工作负载 , 例如 Deployment、StatefulSet、Daemonset 等。 +pod , K8s 容器 POD , +service , 服务 , 已废弃,请使用 pod_service +auto_instance_type , 自动实例类型 , `auto_instance`实例对应的类型。 +auto_instance , 自动实例 , IP 对应的实例,实例为IP时,auto_instance_id显示为子网ID。 +auto_service_type , 自动服务类型 , `auto_service`实例对应的类型。 +auto_service , 自动服务 , 在`auto_instance`基础上,将容器服务的 ClusterIP 与工作负载聚合为服务,实例为IP时,auto_service_id显示为子网ID。 +gprocess , 进程 , +tap_port_host , 采集网卡所属宿主机 , 已废弃,请使用 capture_nic_host。 +tap_port_chost , 采集网卡所属云主机 , 已废弃,请使用 capture_nic_chost。 +tap_port_pod_node , 采集网卡所属容器节点 , 已废弃,请使用 capture_nic_pod_node。 +capture_nic_host , 采集网卡所属宿主机 , +capture_nic_chost , 采集网卡所属云主机 , +capture_nic_pod_node , 采集网卡所属容器节点 , +host_ip , 宿主机 , 宿主机的管理 IP。 +host_hostname , 宿主机 , 宿主机的 Hostname。 +chost_ip , 云主机 , 云主机的主 IP。 +chost_hostname , 云主机 , 云主机的 Hostname。 +pod_node_ip , K8s 容器节点 , 容器节点的主 IP。 +pod_node_hostname , K8s 容器节点 , 容器节点的 Hostname。 + +ip , IP 地址 , +is_internet , Internet IP 标志 , IP 地址是否为外部 Internet 地址。 +province , 省份 , Internet IP 地址所属的省份。 + +tcp_flags_bit , TCP 标志位集合 , 当前自然分钟内所有包中 TCP 标志位的集合。 + +l2_end , 二层边界 , 表示是否是在客户端网卡或服务端网卡处采集的流量。 +l3_end , 三层边界 , 表示是否是在客户端或服务端所在二层网络内采集的流量。 +nat_real_ip , NAT IP 地址 , NAT 作用前(后)的真实 IP 地址,该值从 TOA(TCP Option Address)中提取,或者根据云平台中 VIP 与 RIP 的映射信息计算。 +nat_real_port , NAT Port , NAT 作用前的真实端口号,该值从 TOA(TCP Option Address)中提取。 + +process_id , 进程 ID , +process_kname , 系统进程 , + +k8s.label , K8s Label , K8s 自定义 Label。 +k8s.annotation , K8s Annotation , +k8s.env , K8s Env , +cloud.tag , Cloud Tag , +os.app , OS APP , +biz_service.group , 服务组 , + +user , 创建人 , +alert_policy , 告警策略 , +policy_type , 策略类型 , +event_level , 事件等级 , +target_tags , 告警对象 , +_target_uid , , +_query_region , 查询区域 , +trigger_threshold , 告警阈值 , +metric_unit , 告警值单位 , +metric_value_str , 告警值 , +event_id , 事件 ID , diff --git a/server/querier/db_descriptions/clickhouse/tag/event/alert_record.en b/server/querier/db_descriptions/clickhouse/tag/event/alert_record.en new file mode 100644 index 00000000000..2ae3e0dd284 --- /dev/null +++ b/server/querier/db_descriptions/clickhouse/tag/event/alert_record.en @@ -0,0 +1,78 @@ +# Name , DisplayName , Description +time_str , Time , +_id , UID , +time , triggeringTime , Round end_time to seconds. + +region , Region , +az , Availability Zone , +host , VM Hypervisor , Host running virtual machine. +chost , Cloud Host , Including virtual machines, bare metal servers. +vpc , VPC , +l2_vpc , Forwarding VPC , VPC where the MAC address is located. +subnet , Subnet , +router , Router , +dhcpgw , DHCP Gateway , +lb , Load Balancer , +lb_listener , Load Balancer Listener , +natgw , NAT Gateway , +redis , Redis , +rds , RDS , +pod_cluster , K8s Cluster , +pod_ns , K8s Namespace , +pod_node , K8s Node , +pod_ingress , K8s Ingress , +pod_service , K8s Service , +pod_group_type , K8s Workload Type , +pod_group , K8s Workload , Such as Deployment, StatefulSet, Daemonset, etc. +pod , K8s POD , +service , Service , Deprecated,please use pod_service +auto_instance_type , Type - K8s POD First , The type of 'auto_instance'. +auto_instance , Instance - K8s POD First , The instance of IP, when the instance is an IP, auto_instance_id displayed as a subnet ID. +auto_service_type , Type - K8s Service First , The type of 'auto_service'. +auto_service , Instance - K8s Service First , On the basis of 'auto_instance', aggregate K8s service ClusterIP and workload into service, when the instance is an IP, auto_service_id displayed as a subnet ID. +gprocess , Process , +tap_port_host , Tap Port Host , Deprecated,please use capture_nic_host. +tap_port_chost , Tap Port Cloud Host , Deprecated,please use capture_nic_chost. +tap_port_pod_node , Tap Port K8s Node , Deprecated,please use capture_nic_pod_node. +capture_nic_host , Host of Capture NIC , +capture_nic_chost , Cloud Host of Capture NIC , +capture_nic_pod_node , K8s Node of Capture NIC , +host_ip , VM Hypervisor , The management IP address of VM Hypervisor. +host_hostname , VM Hypervisor , The hostname of VM Hypervisor. +chost_ip , Cloud Host , The primary IP address of Cloud Host. +chost_hostname , Cloud Host , The hostname of Cloud Host. +pod_node_ip , K8s Node , The primary IP address of K8s Node. +pod_node_hostname , K8s Node , The hostname of K8s Node. + +ip , IP Address , +is_internet , Internet IP Flag , Whether the IP address is an external Internet address. +province , Province , The province to which the Internet IP address belongs. + +tcp_flags_bit , TCP Flag Set , The set of TCP flags in all packets in the current natural minute. + +l2_end , Boundary of L2 Network , Indicates whether the traffic is collected on the client NIC or the server NIC. +l3_end , Boundary of L3 Network , Indicates whether the traffic is collected in the Layer 2 network where the client or server is located. +nat_real_ip , NAT IP Address , The real IP address before (after) NAT, the value is extracted from TOA (TCP Option Address), or calculated according to the mapping information between VIP and RIP in the cloud platform. +nat_real_port , NAT Port , The real port number before NAT works, the value is extracted from TOA (TCP Option Address). + +process_id , Process ID , +process_kname , System Process , + +k8s.label , K8s Label , +k8s.annotation , K8s Annotation , +k8s.env , K8s Env , +cloud.tag , Cloud Tag , +os.app , OS APP , +biz_service.group , Biz Service Group , + +user , Creator , +alert_policy , AlarmPolicy , +policy_type , PolicyType , +event_level , EventLevel , +target_tags , TargetTags , +_target_uid , , +_query_region , QueryRegion , +trigger_threshold , TriggerThreshold , +metric_unit , MetricUnit , +metric_value_str , MetricValue , +event_id , Event ID , diff --git a/server/querier/engine/clickhouse/clickhouse.go b/server/querier/engine/clickhouse/clickhouse.go index d4c22286bbd..6374db6ccf9 100644 --- a/server/querier/engine/clickhouse/clickhouse.go +++ b/server/querier/engine/clickhouse/clickhouse.go @@ -197,7 +197,7 @@ func (e *CHEngine) ExecuteQuery(args *common.QuerierParams) (*common.Result, map fromMatch := fromRegexp.FindStringSubmatch(sql) if len(fromMatch) > 1 { table := fromMatch[1] - if table != "alert_event" { + if table != chCommon.TABLE_NAME_ALERT_EVENT && table != chCommon.TABLE_NAME_ALERT_RECORD { sql, err = ReplaceCustomBizServiceFilter(sql, e.ORGID) if err != nil { return nil, nil, err diff --git a/server/querier/engine/clickhouse/common/const.go b/server/querier/engine/clickhouse/common/const.go index f937b81805e..955e069205b 100644 --- a/server/querier/engine/clickhouse/common/const.go +++ b/server/querier/engine/clickhouse/common/const.go @@ -37,6 +37,8 @@ const TABLE_NAME_FILE_EVENT = "file_event" const TABLE_NAME_IN_PROCESS = "in_process" const TABLE_NAME_IN_PROCESS_METRICS = "in_process_metrics" const TABLE_NAME_FILE_EVENT_METRICS = "file_event_metrics" +const TABLE_NAME_ALERT_EVENT = "alert_event" +const TABLE_NAME_ALERT_RECORD = "alert_record" const INDEX_TYPE_INCREMETAL_ID = "incremental-id" const FORMAT_HEX = "hex" const TAG_SERVER_CH_PREFIX = "服务端" @@ -63,7 +65,7 @@ var DB_TABLE_MAP = map[string][]string{ DB_NAME_EXT_METRICS: []string{"ext_common"}, DB_NAME_DEEPFLOW_ADMIN: []string{"deepflow_server"}, DB_NAME_DEEPFLOW_TENANT: []string{"deepflow_collector"}, - DB_NAME_EVENT: []string{"event", "file_event", "alert_event", TABLE_NAME_FILE_EVENT_METRICS}, + DB_NAME_EVENT: []string{"event", "file_event", TABLE_NAME_ALERT_EVENT, TABLE_NAME_ALERT_RECORD, TABLE_NAME_FILE_EVENT_METRICS}, DB_NAME_PROFILE: []string{"in_process", TABLE_NAME_IN_PROCESS_METRICS}, DB_NAME_PROMETHEUS: []string{"samples"}, DB_NAME_APPLICATION_LOG: []string{"log"}, diff --git a/server/querier/engine/clickhouse/filter.go b/server/querier/engine/clickhouse/filter.go index c5bb8df9db6..3bad8bbfe72 100644 --- a/server/querier/engine/clickhouse/filter.go +++ b/server/querier/engine/clickhouse/filter.go @@ -809,7 +809,7 @@ func (t *WhereTag) Trans(expr sqlparser.Expr, w *Where, e *CHEngine) (view.Node, } } return &view.Expr{Value: filter}, nil - } else if table == "alert_event" { + } else if table == chCommon.TABLE_NAME_ALERT_EVENT || table == chCommon.TABLE_NAME_ALERT_RECORD { tagName := strings.Trim(t.Tag, "`") tagItem, ok := tag.GetTag(tagName, db, table, "default") if !ok { diff --git a/server/querier/engine/clickhouse/group.go b/server/querier/engine/clickhouse/group.go index 70ebfbc0e9d..df68299b376 100644 --- a/server/querier/engine/clickhouse/group.go +++ b/server/querier/engine/clickhouse/group.go @@ -121,7 +121,7 @@ func GetGroup(name string, e *CHEngine) ([]Statement, error) { } else if tagItem.GroupTranslator != "" { stmts = append(stmts, &GroupTag{Value: tagItem.GroupTranslator, AsTagMap: asTagMap}) } else { - if table == "alert_event" { + if table == chCommon.TABLE_NAME_ALERT_EVENT || table == chCommon.TABLE_NAME_ALERT_RECORD { stmts = append(stmts, &GroupTag{Value: name, AsTagMap: asTagMap}) } else { stmts = GetMultiGroup(stmts, name, asTagMap) diff --git a/server/querier/engine/clickhouse/metrics/metrics.go b/server/querier/engine/clickhouse/metrics/metrics.go index c60f63253a2..cb129cd1be3 100644 --- a/server/querier/engine/clickhouse/metrics/metrics.go +++ b/server/querier/engine/clickhouse/metrics/metrics.go @@ -348,7 +348,7 @@ func GetMetricsByDBTableStatic(db string, table string) map[string]*Metrics { return GetResourceEventMetrics() case "file_event": return GetResourceFileEventMetrics() - case "alert_event": + case ckcommon.TABLE_NAME_ALERT_EVENT, ckcommon.TABLE_NAME_ALERT_RECORD: return GetAlarmEventMetrics() case ckcommon.TABLE_NAME_FILE_EVENT_METRICS: return GetFileEventMetricsMetrics() @@ -665,7 +665,7 @@ func MergeMetrics(db string, table string, loadMetrics map[string]*Metrics) erro case "file_event": metrics = RESOURCE_FILE_EVENT_METRICS replaceMetrics = RESOURCE_FILE_EVENT_METRICS_REPLACE - case "alert_event": + case ckcommon.TABLE_NAME_ALERT_EVENT, ckcommon.TABLE_NAME_ALERT_RECORD: metrics = ALARM_EVENT_METRICS replaceMetrics = ALARM_EVENT_METRICS_REPLACE case ckcommon.TABLE_NAME_FILE_EVENT_METRICS: diff --git a/server/querier/engine/clickhouse/tag.go b/server/querier/engine/clickhouse/tag.go index 0067fcdb447..8e78b5ca9e7 100644 --- a/server/querier/engine/clickhouse/tag.go +++ b/server/querier/engine/clickhouse/tag.go @@ -86,7 +86,7 @@ func GetTagTranslator(name, alias string, e *CHEngine) ([]Statement, string, err labelType := "" nameNoBackQuote := strings.Trim(name, "`") tagItem, ok := tag.GetTag(nameNoBackQuote, db, table, "default") - if table == "alert_event" { + if table == chCommon.TABLE_NAME_ALERT_EVENT || table == chCommon.TABLE_NAME_ALERT_RECORD { if slices.Contains(tag.AUTO_CUSTOM_TAG_NAMES, nameNoBackQuote) { autoTagMap := tagItem.TagTranslatorMap autoTagSlice := []string{} diff --git a/server/querier/engine/clickhouse/tag/description.go b/server/querier/engine/clickhouse/tag/description.go index 88fdb210011..4eafce7f8ad 100644 --- a/server/querier/engine/clickhouse/tag/description.go +++ b/server/querier/engine/clickhouse/tag/description.go @@ -56,7 +56,7 @@ var AUTO_CUSTOM_TAG_MAP = map[string][]string{} var AUTO_CUSTOM_TAG_CHECK_MAP = map[string][]string{} var tagNativeTagDB = []string{ckcommon.DB_NAME_EXT_METRICS, ckcommon.DB_NAME_DEEPFLOW_ADMIN, ckcommon.DB_NAME_DEEPFLOW_TENANT, ckcommon.DB_NAME_PROFILE, ckcommon.DB_NAME_PROMETHEUS} -var noCustomTagTable = []string{"traffic_policy", "l4_packet", "l7_packet", "alert_event"} +var noCustomTagTable = []string{"traffic_policy", "l4_packet", "l7_packet", ckcommon.TABLE_NAME_ALERT_EVENT, ckcommon.TABLE_NAME_ALERT_RECORD} var noCustomTagDB = []string{ckcommon.DB_NAME_DEEPFLOW_ADMIN, ckcommon.DB_NAME_DEEPFLOW_TENANT} var tagTypeToOperators = map[string][]string{ @@ -775,7 +775,7 @@ func GetStaticTagDescriptions(db, table string) (response *common.Result, err er tagName, tagName + "_0", tagName + "_1", tagDisplayName, tagDisplayName, tagDisplayName, "auto_custom_tag", "Custom Tag", []string{}, []bool{true, true, true}, AutoCustomTag.Description, AutoCustomTag.Description, AutoCustomTag.Description, AutoCustomTag.TagFields, false, []string{}, "", }) - } else if table == "alert_event" { + } else if table == ckcommon.TABLE_NAME_ALERT_EVENT || table == ckcommon.TABLE_NAME_ALERT_RECORD { response.Values = append(response.Values, []interface{}{ tagName, tagName + "_0", tagName + "_1", tagDisplayName, tagDisplayName, tagDisplayName, "auto_custom_tag", "Custom Tag", []string{}, []bool{true, true, true}, AutoCustomTag.Description, AutoCustomTag.Description, AutoCustomTag.Description, AutoCustomTag.TagFields, false, []string{"select", "group"}, "", @@ -990,7 +990,7 @@ func GetDynamicTagDescriptions(db, table, rawSql, queryCacheTTL, orgID string, u externalSql = fmt.Sprintf("SELECT field_name AS tag_name, table FROM flow_tag.prometheus_custom_field WHERE field_type='tag' AND (%s) GROUP BY tag_name, table ORDER BY tag_name ASC LIMIT %s", whereSql, limit) } else if table == "" { externalSql = fmt.Sprintf("SELECT field_name AS tag_name, table FROM flow_tag.%s_custom_field WHERE field_type='tag' AND (%s) GROUP BY tag_name, table ORDER BY tag_name ASC LIMIT %s", db, whereSql, limit) - } else if table == "alert_event" { + } else if table == ckcommon.TABLE_NAME_ALERT_EVENT || table == ckcommon.TABLE_NAME_ALERT_RECORD { externalSql = fmt.Sprintf("SELECT field_name AS tag_name, table, field_type FROM flow_tag.%s_custom_field WHERE table='%s' AND field_type in ('tag', 'custom_tag') AND (%s) GROUP BY tag_name, table, field_type ORDER BY tag_name ASC LIMIT %s", db, table, whereSql, limit) } else { externalSql = fmt.Sprintf("SELECT field_name AS tag_name, table FROM flow_tag.%s_custom_field WHERE table='%s' AND field_type='tag' AND (%s) GROUP BY tag_name, table ORDER BY tag_name ASC LIMIT %s", db, table, whereSql, limit) @@ -1000,7 +1000,7 @@ func GetDynamicTagDescriptions(db, table, rawSql, queryCacheTTL, orgID string, u externalSql = fmt.Sprintf("SELECT field_name AS tag_name, table FROM flow_tag.prometheus_custom_field WHERE field_type='tag' GROUP BY tag_name, table ORDER BY tag_name ASC LIMIT %s", limit) } else if table == "" { externalSql = fmt.Sprintf("SELECT field_name AS tag_name, table FROM flow_tag.%s_custom_field WHERE field_type='tag' GROUP BY tag_name, table ORDER BY tag_name ASC LIMIT %s", db, limit) - } else if table == "alert_event" { + } else if table == ckcommon.TABLE_NAME_ALERT_EVENT || table == ckcommon.TABLE_NAME_ALERT_RECORD { externalSql = fmt.Sprintf("SELECT field_name AS tag_name, table, field_type FROM flow_tag.%s_custom_field WHERE table='%s' AND field_type in ('tag', 'custom_tag') GROUP BY tag_name, table, field_type ORDER BY tag_name ASC LIMIT %s", db, table, limit) } else { externalSql = fmt.Sprintf("SELECT field_name AS tag_name, table FROM flow_tag.%s_custom_field WHERE table='%s' AND field_type='tag' GROUP BY tag_name, table ORDER BY tag_name ASC LIMIT %s", db, table, limit) @@ -1023,7 +1023,7 @@ func GetDynamicTagDescriptions(db, table, rawSql, queryCacheTTL, orgID string, u externalTag, externalTag, externalTag, externalTag, externalTag, externalTag, "map_item", "Native Tag", tagTypeToOperators["string"], []bool{true, true, true}, externalTag, externalTag, externalTag, "", false, notSupportOperator, tableName, }) - } else if table == "alert_event" { + } else if table == ckcommon.TABLE_NAME_ALERT_EVENT || table == ckcommon.TABLE_NAME_ALERT_RECORD { externalTag := tagName.(string) var categoryValue string fieldType := _tagName.([]interface{})[2] @@ -1097,7 +1097,7 @@ func GetDynamicMetric(db, table, metric string) (response *common.Result) { }, Values: []interface{}{}, } - if table == "alert_event" { + if table == ckcommon.TABLE_NAME_ALERT_EVENT || table == ckcommon.TABLE_NAME_ALERT_RECORD { return } @@ -1175,7 +1175,7 @@ func GetTagDescriptions(db, table, rawSql, queryCacheTTL, orgID string, useQuery if err != nil { return } - if table == "alert_event" { + if table == ckcommon.TABLE_NAME_ALERT_EVENT || table == ckcommon.TABLE_NAME_ALERT_RECORD { return GetAlertEventTagDescriptions(staticResponse, dynamicResponse) } response.Values = append(response.Values, staticResponse.Values...) @@ -1383,7 +1383,7 @@ func GetTagValues(db, table, sql, queryCacheTTL, orgID, language string, useQuer DB: db, Table: table, TagName: tag, }] if !ok { - if table == "alert_event" { + if table == ckcommon.TABLE_NAME_ALERT_EVENT || table == ckcommon.TABLE_NAME_ALERT_RECORD { return nil, sqlList, nil } else { return nil, sqlList, errors.New(fmt.Sprintf("no tag %s in %s.%s", tag, db, table)) diff --git a/server/querier/engine/clickhouse/tag/tag.go b/server/querier/engine/clickhouse/tag/tag.go index 8b280d2c91c..1dcee4c10c5 100644 --- a/server/querier/engine/clickhouse/tag/tag.go +++ b/server/querier/engine/clickhouse/tag/tag.go @@ -18,6 +18,8 @@ package tag import ( "strings" + + "github.com/deepflowio/deepflow/server/querier/engine/clickhouse/common" ) type Tag struct { @@ -44,7 +46,7 @@ func GetTag(name, db, table, function string) (*Tag, bool) { tag, ok := TagResoureMap[name][function] if db == "flow_tag" { tag, ok = FlowTagResourceMap[name][function] - } else if table == "alert_event" { + } else if table == common.TABLE_NAME_ALERT_EVENT || table == common.TABLE_NAME_ALERT_RECORD { tag, ok = AlarmEventResourceMap[name][function] } // Avoid return nil diff --git a/server/querier/engine/clickhouse/tag/translation.go b/server/querier/engine/clickhouse/tag/translation.go index 198d7aee49d..c3400b2941f 100644 --- a/server/querier/engine/clickhouse/tag/translation.go +++ b/server/querier/engine/clickhouse/tag/translation.go @@ -64,7 +64,7 @@ var INT_ENUM_TAG = []string{ "close_type", "eth_type", "signal_source", "is_ipv4", "l7_ip_protocol", "type", "l7_protocol", "protocol", "response_status", "server_port", "status", "capture_nic_type", "tunnel_tier", "tunnel_type", "instance_type", "nat_source", "role", "event_level", "policy_level", - "policy_app_type", "is_tls", "is_async", "is_reversed", "severity_number", "file_type", + "policy_app_type", "is_tls", "is_async", "is_reversed", "severity_number", "file_type", "state", } var INT_ENUM_PEER_TAG = []string{"tcp_flags_bit", "auto_instance_type", "auto_service_type"} var STRING_ENUM_TAG = []string{"observation_point", "event_type", "profile_language_type"} @@ -2258,6 +2258,17 @@ func GenerateAlarmEventTagResoureMap() map[string]map[string]*Tag { ), } + // enum(state) + tagResourceMap["state"] = map[string]*Tag{ + "enum": NewTag( + "dictGetOrDefault('flow_tag.int_enum_map', '%s', ('%s',toUInt64(state)), state)", + "", + "toUInt64(state) GLOBAL IN (SELECT value FROM flow_tag.int_enum_map WHERE %s %s %s and tag_name='%s')", + "toUInt64(state) GLOBAL IN (SELECT value FROM flow_tag.int_enum_map WHERE %s(%s,%s) and tag_name='%s')", + "state", + ), + } + //enum(policy_type) tagResourceMap["policy_type"] = map[string]*Tag{ "enum": NewTag(