-
Notifications
You must be signed in to change notification settings - Fork 19
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: YANGDB <yang.db.dev@gmail.com>
- Loading branch information
Showing
7 changed files
with
93 additions
and
99 deletions.
There are no files selected for viewing
41 changes: 0 additions & 41 deletions
41
integrations/observability/aws_elb/assets/tables/aws_elb_s3_mv_index-1.0.0.sql
This file was deleted.
Oops, something went wrong.
40 changes: 0 additions & 40 deletions
40
integrations/observability/aws_elb/assets/tables/aws_elb_s3_table-1.0.0.sql
This file was deleted.
Oops, something went wrong.
41 changes: 41 additions & 0 deletions
41
integrations/observability/aws_elb/assets/tables/create_mv_elb-1.0.0.sql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
CREATE MATERIALIZED VIEW {table_name}_mview AS | ||
SELECT | ||
type as `aws.elb.elb_type`, | ||
time as `@timestamp`, | ||
elb as `aws.elb.elb_name`, | ||
split_part (client_ip, ':', 1) as `communication.source.ip`, | ||
split_part (client_ip, ':', 2) as `communication.source.port`, | ||
split_part (target_ip, ':', 1) as `communication.destination.ip`, | ||
split_part (target_ip, ':', 2) as `communication.destination.port`, | ||
request_processing_time as `aws.elb.request_processing_time`, | ||
target_processing_time as `aws.elb.target_processing_time`, | ||
response_processing_time as `aws.elb.response_processing_time`, | ||
elb_status_code as `http.response.status_code`, | ||
target_status_code as `aws.elb.target_status_code`, | ||
received_bytes as `aws.elb.received_bytes`, | ||
sent_bytes as `aws.elb.sent_bytes`, | ||
split_part (request, ' ', 1) as `http.request.method`, | ||
split_part (request, ' ', 2) as `url.full`, | ||
parse_url (split_part (request, ' ', 2), 'HOST') as `url.domain`, | ||
parse_url (split_part (request, ' ', 2), 'PATH') as `url.path`, | ||
split_part (request, ' ', 3) as `url.schema`, | ||
request AS `http.request.body.content`, | ||
user_agent as `http.user_agent.original`, | ||
user_agent as `http.user_agent.name`, | ||
ssl_cipher as `aws.elb.ssl_cipher`, | ||
ssl_protocol as `aws.elb.ssl_protocol`, | ||
split_part (target_group_arn, ':', 4) as `cloud.region`, | ||
split_part (target_group_arn, ':', 5) as `cloud.account.id`, | ||
trace_id as `traceId`, | ||
chosen_cert_arn as `aws.elb.chosen_cert_arn`, | ||
matched_rule_priority as `aws.elb.matched_rule_priority`, | ||
request_creation_time as `aws.elb.request_creation_time`, | ||
actions_executed as `aws.elb.actions_executed`, | ||
redirect_url as `aws.elb.redirect_url`, | ||
lambda_error_reason as `aws.elb.lambda_error_reason`, | ||
target_port_list as `aws.elb.target_port_list`, | ||
target_status_code_list as `aws.elb.target_status_code_list`, | ||
classification as `aws.elb.classification`, | ||
classification_reason as `aws.elb.classification_reason` | ||
FROM | ||
{table_name}; |
36 changes: 36 additions & 0 deletions
36
integrations/observability/aws_elb/assets/tables/create_table_elb-1.0.0.sql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
CREATE EXTERNAL TABLE IF NOT EXISTS {table_name} ( | ||
type string, | ||
time timestamp, | ||
elb string, | ||
client_ip string, | ||
target_ip string, | ||
request_processing_time double, | ||
target_processing_time double, | ||
response_processing_time double, | ||
elb_status_code int, | ||
target_status_code string, | ||
received_bytes bigint, | ||
sent_bytes bigint, | ||
request string, | ||
user_agent string, | ||
ssl_cipher string, | ||
ssl_protocol string, | ||
target_group_arn string, | ||
trace_id string, | ||
domain_name string, | ||
chosen_cert_arn string, | ||
matched_rule_priority string, | ||
request_creation_time timestamp, | ||
actions_executed string, | ||
redirect_url string, | ||
lambda_error_reason string, | ||
target_port_list string, | ||
target_status_code_list string, | ||
classification string, | ||
classification_reason string | ||
) | ||
USING csv | ||
LOCATION '{s3_bucket_location}' | ||
OPTIONS ( | ||
sep=' ' | ||
); |
1 change: 1 addition & 0 deletions
1
integrations/observability/aws_elb/assets/tables/refresh_mv_elb-1.0.0.sql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
REFRESH MATERIALIZED VIEW {table_name}_mview; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters