netsampler-goflow2/compose/kcg/clickhouse/create.sh

#!/bin/bash
set -e

clickhouse client -n <<-EOSQL

    CREATE DATABASE IF NOT EXISTS dictionaries;

    CREATE DICTIONARY IF NOT EXISTS dictionaries.protocols (
        proto UInt8,
        name String,
        description String
    )
    PRIMARY KEY proto
    LAYOUT(FLAT())
    SOURCE (FILE(path '/var/lib/clickhouse/user_files/protocols.csv' format 'CSVWithNames'))
    LIFETIME(3600);

    CREATE TABLE IF NOT EXISTS flows
    (
        time_received_ns UInt64,
        time_flow_start_ns UInt64,

        sequence_num UInt32,
        sampling_rate UInt64,
        sampler_address FixedString(16),

        src_addr FixedString(16),
        dst_addr FixedString(16),

        src_as UInt32,
        dst_as UInt32,

        etype UInt32,
        proto UInt32,

        src_port UInt32,
        dst_port UInt32,

        bytes UInt64,
        packets UInt64
    ) ENGINE = Kafka()
    SETTINGS
        kafka_broker_list = 'kafka:9092',
        kafka_topic_list = 'flows',
        kafka_group_name = 'clickhouse',
        kafka_format = 'Protobuf',
        kafka_schema = 'flow.proto:FlowMessage';

    CREATE TABLE IF NOT EXISTS flows_raw
    (
        date Date,
        time_inserted_ns DateTime64(9),
        time_received_ns DateTime64(9),
        time_flow_start_ns DateTime64(9),

        sequence_num UInt32,
        sampling_rate UInt64,
        sampler_address FixedString(16),

        src_addr FixedString(16),
        dst_addr FixedString(16),

        src_as UInt32,
        dst_as UInt32,

        etype UInt32,
        proto UInt32,

        src_port UInt32,
        dst_port UInt32,

        bytes UInt64,
        packets UInt64
    ) ENGINE = MergeTree()
    PARTITION BY date
    ORDER BY time_received_ns;

    CREATE MATERIALIZED VIEW IF NOT EXISTS flows_raw_view TO flows_raw
    AS SELECT
        toDate(time_received_ns) AS date,
        now() AS time_inserted_ns,
        toDateTime64(time_received_ns/1000000000, 9) AS time_received_ns,
        toDateTime64(time_flow_start_ns/1000000000, 9) AS time_flow_start_ns,
        sequence_num,
        sampling_rate,
        sampler_address,

        src_addr,
        dst_addr,

        src_as,
        dst_as,

        etype,
        proto,

        src_port,
        dst_port,

        bytes,
        packets
       FROM flows;

    CREATE TABLE IF NOT EXISTS flows_5m
    (
        date Date,
        timeslot DateTime,

        src_as UInt32,
        dst_as UInt32,

        etypeMap Nested (
            etype UInt32,
            bytes UInt64,
            packets UInt64,
            count UInt64
        ),

        bytes UInt64,
        packets UInt64,
        count UInt64
    ) ENGINE = SummingMergeTree()
    PARTITION BY date
    ORDER BY (date, timeslot, src_as, dst_as, \`etypeMap.etype\`);

    CREATE MATERIALIZED VIEW IF NOT EXISTS flows_5m_view TO flows_5m
    AS
        SELECT
            date,
            toStartOfFiveMinute(time_received_ns) AS timeslot,
            src_as,
            dst_as,

            [etype] AS \`etypeMap.etype\`,
            [bytes] AS \`etypeMap.bytes\`,
            [packets] AS \`etypeMap.packets\`,
            [count] AS \`etypeMap.count\`,

            sum(bytes) AS bytes,
            sum(packets) AS packets,
            count() AS count

        FROM flows_raw
        GROUP BY date, timeslot, src_as, dst_as, \`etypeMap.etype\`;

EOSQL
init 2021-05-22 16:12:26 -07:00			`#!/bin/bash`
			`set -e`

			`clickhouse client -n <<-EOSQL`

Fixing clickhouse startup after restart 2021-08-02 15:33:41 +03:00			`CREATE DATABASE IF NOT EXISTS dictionaries;`
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00
Fixing clickhouse startup after restart 2021-08-02 15:33:41 +03:00			`CREATE DICTIONARY IF NOT EXISTS dictionaries.protocols (`
init 2021-05-22 16:12:26 -07:00			`proto UInt8,`
			`name String,`
			`description String`
			`)`
			`PRIMARY KEY proto`
			`LAYOUT(FLAT())`
			`SOURCE (FILE(path '/var/lib/clickhouse/user_files/protocols.csv' format 'CSVWithNames'))`
			`LIFETIME(3600);`

			`CREATE TABLE IF NOT EXISTS flows`
			`(`
refactor: v2 (#150) 2023-08-09 19:47:20 -07:00			`time_received_ns UInt64,`
			`time_flow_start_ns UInt64,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`sequence_num UInt32,`
			`sampling_rate UInt64,`
			`sampler_address FixedString(16),`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`src_addr FixedString(16),`
			`dst_addr FixedString(16),`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`src_as UInt32,`
			`dst_as UInt32,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`etype UInt32,`
			`proto UInt32,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`src_port UInt32,`
			`dst_port UInt32,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`bytes UInt64,`
			`packets UInt64`
init 2021-05-22 16:12:26 -07:00			`) ENGINE = Kafka()`
			`SETTINGS`
			`kafka_broker_list = 'kafka:9092',`
			`kafka_topic_list = 'flows',`
			`kafka_group_name = 'clickhouse',`
			`kafka_format = 'Protobuf',`
Compose: updating ClickHouse and Grafana versions (#126) * Fix bug with ClickHouse SQL configuration loading protobuf * Add official ClickHouse datasource to Grafana 2022-10-08 08:26:03 -07:00			`kafka_schema = 'flow.proto:FlowMessage';`
init 2021-05-22 16:12:26 -07:00
			`CREATE TABLE IF NOT EXISTS flows_raw`
			`(`
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`date Date,`
refactor: v2 (#150) 2023-08-09 19:47:20 -07:00			`time_inserted_ns DateTime64(9),`
			`time_received_ns DateTime64(9),`
			`time_flow_start_ns DateTime64(9),`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`sequence_num UInt32,`
			`sampling_rate UInt64,`
			`sampler_address FixedString(16),`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`src_addr FixedString(16),`
			`dst_addr FixedString(16),`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`src_as UInt32,`
			`dst_as UInt32,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`etype UInt32,`
			`proto UInt32,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`src_port UInt32,`
			`dst_port UInt32,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`bytes UInt64,`
			`packets UInt64`
init 2021-05-22 16:12:26 -07:00			`) ENGINE = MergeTree()`
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`PARTITION BY date`
refactor: v2 (#150) 2023-08-09 19:47:20 -07:00			`ORDER BY time_received_ns;`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`CREATE MATERIALIZED VIEW IF NOT EXISTS flows_raw_view TO flows_raw`
init 2021-05-22 16:12:26 -07:00			`AS SELECT`
refactor: v2 (#150) 2023-08-09 19:47:20 -07:00			`toDate(time_received_ns) AS date,`
			`now() AS time_inserted_ns,`
			`toDateTime64(time_received_ns/1000000000, 9) AS time_received_ns,`
			`toDateTime64(time_flow_start_ns/1000000000, 9) AS time_flow_start_ns,`
			`sequence_num,`
			`sampling_rate,`
			`sampler_address,`

			`src_addr,`
			`dst_addr,`

			`src_as,`
			`dst_as,`

			`etype,`
			`proto,`

			`src_port,`
			`dst_port,`

			`bytes,`
			`packets`
init 2021-05-22 16:12:26 -07:00			`FROM flows;`

			`CREATE TABLE IF NOT EXISTS flows_5m`
			`(`
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`date Date,`
			`timeslot DateTime,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`src_as UInt32,`
			`dst_as UInt32,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`etypeMap Nested (`
			`etype UInt32,`
			`bytes UInt64,`
			`packets UInt64,`
			`count UInt64`
init 2021-05-22 16:12:26 -07:00			`),`

compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`bytes UInt64,`
			`packets UInt64,`
			`count UInt64`
init 2021-05-22 16:12:26 -07:00			`) ENGINE = SummingMergeTree()`
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`PARTITION BY date`
			ORDER BY (date, timeslot, src_as, dst_as, \`etypeMap.etype\`);
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`CREATE MATERIALIZED VIEW IF NOT EXISTS flows_5m_view TO flows_5m`
init 2021-05-22 16:12:26 -07:00			`AS`
			`SELECT`
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`date,`
refactor: v2 (#150) 2023-08-09 19:47:20 -07:00			`toStartOfFiveMinute(time_received_ns) AS timeslot,`
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`src_as,`
			`dst_as,`
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			[etype] AS \`etypeMap.etype\`,
			[bytes] AS \`etypeMap.bytes\`,
			[packets] AS \`etypeMap.packets\`,
			[count] AS \`etypeMap.count\`,
init 2021-05-22 16:12:26 -07:00
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			`sum(bytes) AS bytes,`
			`sum(packets) AS packets,`
			`count() AS count`
init 2021-05-22 16:12:26 -07:00
			`FROM flows_raw`
compose: update Clickhouse schema to match casing of proto (#133) This commit resolves an issue with the mapping between the ClickHouse schema and the flow.proto schema. In 3326554, the casing of the proto fields was updated, but the ClickHouse column names were not also updated, resulting in the ClickHouse Kafka engine only being able to successfully deserialize fields that without an underscore. Also updates the provisioned dashboards. Versions of the tools are also updated. Co-authored-by: lspgn <lspgn@users.noreply.github.com> 2023-03-06 23:39:33 -05:00			GROUP BY date, timeslot, src_as, dst_as, \`etypeMap.etype\`;

Fixing clickhouse startup after restart 2021-08-02 15:33:41 +03:00			`EOSQL`