Merge pull request #89 from YANG-DB/nginx-integration-flint-s3

add nginx flint-s3 based integration support
opensearch-project · Oct 31, 2023 · 4691ec8 · 4691ec8
2 parents 63f40aa + d2d6309
commit 4691ec8
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 1 deletion.
diff --git a/integrations/observability/nginx/assets/tables/create_mv_nginx-1.0.0.sql b/integrations/observability/nginx/assets/tables/create_mv_nginx-1.0.0.sql
@@ -0,0 +1,10 @@
+CREATE MATERIALIZED VIEW {table_name}_mview AS
+SELECT
+    to_timestamp(trim(BOTH '[]' FROM concat(time_local_1, ' ', time_local_2)), 'dd/MMM/yyyy:HH:mm:ss Z') AS `@timestamp`,
+    split_part (request, ' ', 1) as `http.request.method`,
+    split_part (request, ' ', 2) as `http.url`,
+    split_part (request, ' ', 3) as `http.flavor`,
+    status AS `http.response.status_code`,
+    body_bytes_sent AS `http.response.bytes`,
+    'nginx.access' AS `event.domain`
+FROM {table_name}
diff --git a/integrations/observability/nginx/assets/tables/create_table_ngine-1.0.0.sql b/integrations/observability/nginx/assets/tables/create_table_ngine-1.0.0.sql
@@ -0,0 +1,18 @@
+CREATE EXTERNAL TABLE {table_name} (
+  remote_addr STRING,
+  empty_col STRING,
+  remote_user STRING,
+  time_local_1 STRING,
+  time_local_2 STRING,
+  request STRING,
+  status INT,
+  body_bytes_sent INT,
+  http_referer STRING,
+  http_user_agent STRING,
+  gzip_ratio STRING
+) USING csv
+LOCATION '{s3_bucket_location}'
+OPTIONS (
+  sep=' ',
+  nullValue='-'
+)
diff --git a/integrations/observability/nginx/assets/tables/refresh_mv_nginx-1.0.0.sql b/integrations/observability/nginx/assets/tables/refresh_mv_nginx-1.0.0.sql
@@ -0,0 +1 @@
+REFRESH MATERIALIZED VIEW {table_name}_mview;
diff --git a/integrations/observability/nginx/nginx-1.0.0.json b/integrations/observability/nginx/nginx-1.0.0.json
@@ -6,7 +6,7 @@
   "license": "Apache-2.0",
   "type-alias": "logs-nginx",
   "type": "logs",
-  "labels": ["log", "http", "communication"],
+  "labels": ["log", "http", "communication","Flint S3"],
   "author": "OpenSearch",
   "sourceUrl": "https://github.com/opensearch-project/opensearch-catalog/integrations/observability/nginx/info",
   "statics": {
@@ -36,6 +36,23 @@
     }
   ],
   "assets": {
+    "tables": [
+      {
+        "name": "create_table_nginx",
+        "version": "1.0.0",
+        "language": "sql"
+      },
+      {
+        "name": "create_mv_nginx",
+        "version": "1.0.0",
+        "language": "sql"
+      },
+      {
+        "name": "refresh_mv_nginx",
+        "version": "1.0.0",
+        "language": "sql"
+      }
+    ],
     "savedObjects": {
       "name": "nginx",
       "version": "1.0.0"