Skip to content

Commit

Permalink
Correct query schema for ELB mview generation (#1196)
Browse files Browse the repository at this point in the history
(cherry picked from commit be978bf)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
  • Loading branch information
github-actions[bot] committed Oct 27, 2023
1 parent 97f46ba commit 70ab6fc
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 39 deletions.
1 change: 0 additions & 1 deletion public/services/requests/sql.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
import { CoreStart } from '../../../../../src/core/public';
import { DirectQueryRequest } from '../../../common/types/explorer';


export class SQLService {
private http;
constructor(http: CoreStart['http']) {
Expand Down
Original file line number Diff line number Diff line change
@@ -1,38 +1,41 @@
CREATE MATERIALIZED VIEW
{table_name}_mview AS
SELECT
type as `aws.elb.elb_type`,
time as `@timestamp`,
elb as `aws.elb.elb_name`,
split_part(client_ip, ':', 1) as `aws.elb.client.ip`,
split_part(client_ip, ':', 2) as `aws.elb.client.port`,
split_part(target_ip, ':', 1) as `aws.elb.target.ip`,
split_part(target_ip, ':', 2) as `aws.elb.target.port`,
request_processing_time as `aws.elb.request_processing_time`,
target_processing_time as `aws.elb.target_processing_time`,
response_processing_time as `aws.elb.response_processing_time`,
elb_status_code as `aws.elb.elb_status_code`,
target_status_code as `aws.elb.target_status_code`,
received_bytes as `aws.elb.received_bytes`,
sent_bytes as `aws.elb.sent_bytes`,
split_part(request, ' ', 1) as `http.request.method`,
split_part(request, ' ', 2) as `url.full`,
split_part(request, ' ', 3) as `url.schema`,
user_agent as `http.user_agent.name`,
ssl_cipher as `aws.elb.ssl_cipher`,
ssl_protocol as `aws.elb.ssl_protocol`,
target_group_arn as `aws.elb.target_group_arn`,
trace_id as `traceId`,
domain_name as `url.domain`,
chosen_cert_arn as `aws.elb.chosen_cert_arn`,
matched_rule_priority as `aws.elb.matched_rule_priority`,
request_creation_time as `aws.elb.request_creation_time`,
actions_executed as `aws.elb.actions_executed`,
redirect_url as `aws.elb.redirect_url`,
lambda_error_reason as `aws.elb.lambda_error_reason`,
target_port_list as `aws.elb.target_port_list`,
target_status_code_list as `aws.elb.target_status_code_list`,
classification as `aws.elb.classification`,
classification_reason as `aws.elb.classification_reason`
FROM
{table_name};
CREATE MATERIALIZED VIEW {table_name}_mview AS
SELECT
type as `aws.elb.elb_type`,
time as `@timestamp`,
elb as `aws.elb.elb_name`,
split_part (client_ip, ':', 1) as `communication.source.ip`,
split_part (client_ip, ':', 2) as `communication.source.port`,
split_part (target_ip, ':', 1) as `communication.destination.ip`,
split_part (target_ip, ':', 2) as `communication.destination.port`,
request_processing_time as `aws.elb.request_processing_time`,
target_processing_time as `aws.elb.target_processing_time`,
response_processing_time as `aws.elb.response_processing_time`,
elb_status_code as `http.response.status_code`,
target_status_code as `aws.elb.target_status_code`,
received_bytes as `aws.elb.received_bytes`,
sent_bytes as `aws.elb.sent_bytes`,
split_part (request, ' ', 1) as `http.request.method`,
split_part (request, ' ', 2) as `url.full`,
parse_url (split_part (request, ' ', 2), 'HOST') as `url.domain`,
parse_url (split_part (request, ' ', 2), 'PATH') as `url.path`,
split_part (request, ' ', 3) as `url.schema`,
request AS `http.request.body.content`,
user_agent as `http.user_agent.original`,
user_agent as `http.user_agent.name`,
ssl_cipher as `aws.elb.ssl_cipher`,
ssl_protocol as `aws.elb.ssl_protocol`,
split_part (target_group_arn, ':', 4) as `cloud.region`,
split_part (target_group_arn, ':', 5) as `cloud.account.id`,
trace_id as `traceId`,
chosen_cert_arn as `aws.elb.chosen_cert_arn`,
matched_rule_priority as `aws.elb.matched_rule_priority`,
request_creation_time as `aws.elb.request_creation_time`,
actions_executed as `aws.elb.actions_executed`,
redirect_url as `aws.elb.redirect_url`,
lambda_error_reason as `aws.elb.lambda_error_reason`,
target_port_list as `aws.elb.target_port_list`,
target_status_code_list as `aws.elb.target_status_code_list`,
classification as `aws.elb.classification`,
classification_reason as `aws.elb.classification_reason`
FROM
{table_name};

0 comments on commit 70ab6fc

Please sign in to comment.