Add require_attention to all alert families on SQLite. Cleanup SQLite…
… schema
cardigliano committed Nov 11, 2024
1 parent 2da5925 commit 6f9d069
Showing 4 changed files with 126 additions and 103 deletions.
195 changes: 108 additions & 87 deletions httpdocs/misc/alert_store_schema.sql
Expand Up @@ -19,9 +19,14 @@ CREATE TABLE IF NOT EXISTS `active_monitoring_alerts` (
`description` TEXT NULL,
`json` TEXT NULL,
`user_label` TEXT NULL, -- A label that can be set by the user
`user_label_tstamp` DATETIME NULL DEFAULT 0 -- Timestamp of the last user_label change
`user_label_tstamp` DATETIME NULL DEFAULT 0, -- Timestamp of the last user_label change
`require_attention` INTEGER NULL DEFAULT 0
);

@
ALTER TABLE `active_monitoring_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `active_monitoring_alerts` ADD `require_attention` INTEGER NULL;
@
CREATE INDEX IF NOT EXISTS `am_alerts_i_id` ON `active_monitoring_alerts`(alert_id);
CREATE INDEX IF NOT EXISTS `am_alerts_i_alert_status` ON `active_monitoring_alerts`(alert_status);
CREATE INDEX IF NOT EXISTS `am_alerts_i_severity` ON `active_monitoring_alerts`(severity);
Expand Down Expand Up @@ -75,7 +80,34 @@ CREATE TABLE IF NOT EXISTS `flow_alerts` (
`user_label_tstamp` DATETIME NULL DEFAULT 0,
`require_attention` INTEGER NULL DEFAULT 0
);

@
ALTER TABLE `flow_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `output_snmp` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `input_snmp` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `probe_ip` TEXT NULL;
@
ALTER TABLE `flow_alerts` ADD `cli_location` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `srv_location` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `info` TEXT NULL;
@
ALTER TABLE `flow_alerts` ADD `cli_host_pool_id` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `srv_host_pool_id` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `cli_network` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `srv_network` INTEGER NULL;
@
-- Added for compatibility reasons but not used by SQLite
ALTER TABLE `flow_alerts` ADD `interface_id` INTEGER NULL;
@
CREATE INDEX IF NOT EXISTS `flow_alerts_i_id` ON `flow_alerts`(alert_id);
CREATE INDEX IF NOT EXISTS `flow_alerts_i_alert_status` ON `flow_alerts`(alert_status);
CREATE INDEX IF NOT EXISTS `flow_alerts_i_severity` ON `flow_alerts`(severity);
Expand Down Expand Up @@ -119,7 +151,20 @@ CREATE TABLE IF NOT EXISTS `host_alerts` (
`user_label_tstamp` DATETIME NULL DEFAULT 0,
`require_attention` INTEGER NULL DEFAULT 0
);

@
ALTER TABLE `host_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `host_pool_id` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `network` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `country` TEXT NULL;
@
-- Added for compatibility reasons but not used by SQLite
ALTER TABLE `host_alerts` ADD `interface_id` INTEGER NULL;
@
CREATE INDEX IF NOT EXISTS `host_alerts_i_id` ON `host_alerts`(`alert_id`);
CREATE INDEX IF NOT EXISTS `host_alerts_i_alert_status` ON `host_alerts`(`alert_status`);
CREATE INDEX IF NOT EXISTS `host_alerts_i_severity` ON `host_alerts`(`severity`);
Expand Down Expand Up @@ -155,9 +200,17 @@ CREATE TABLE IF NOT EXISTS `mac_alerts` (
`description` TEXT NULL,
`json` TEXT NULL,
`user_label` TEXT NULL,
`user_label_tstamp` DATETIME NULL DEFAULT 0
`user_label_tstamp` DATETIME NULL DEFAULT 0,
`require_attention` INTEGER NULL DEFAULT 0
);

@
ALTER TABLE `mac_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `mac_alerts` ADD `alert_category` INTEGER NULL;
@
-- Added for compatibility reasons but not used by SQLite
ALTER TABLE `mac_alerts` ADD `interface_id` INTEGER NULL;
@
CREATE INDEX IF NOT EXISTS `mac_alerts_i_id` ON `mac_alerts`(alert_id);
CREATE INDEX IF NOT EXISTS `mac_alerts_i_alert_status` ON `mac_alerts`(alert_status);
CREATE INDEX IF NOT EXISTS `mac_alerts_i_severity` ON `mac_alerts`(severity);
Expand Down Expand Up @@ -189,9 +242,17 @@ CREATE TABLE IF NOT EXISTS `snmp_alerts` (
`description` TEXT NULL,
`json` TEXT NULL,
`user_label` TEXT NULL,
`user_label_tstamp` DATETIME NULL DEFAULT 0
`user_label_tstamp` DATETIME NULL DEFAULT 0,
`require_attention` INTEGER NULL DEFAULT 0
);

@
ALTER TABLE `snmp_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `snmp_alerts` ADD `alert_category` INTEGER NULL;
@
-- Added for compatibility reasons but not used by SQLite
ALTER TABLE `snmp_alerts` ADD `interface_id` INTEGER NULL;
@
CREATE INDEX IF NOT EXISTS `snmp_alerts_i_id` ON `snmp_alerts`(alert_id);
CREATE INDEX IF NOT EXISTS `snmp_alerts_i_alert_status` ON `snmp_alerts`(alert_status);
CREATE INDEX IF NOT EXISTS `snmp_alerts_i_severity` ON `snmp_alerts`(severity);
Expand Down Expand Up @@ -220,9 +281,17 @@ CREATE TABLE IF NOT EXISTS `network_alerts` (
`description` TEXT NULL,
`json` TEXT NULL,
`user_label` TEXT NULL,
`user_label_tstamp` DATETIME NULL DEFAULT 0
`user_label_tstamp` DATETIME NULL DEFAULT 0,
`require_attention` INTEGER NULL DEFAULT 0
);

@
ALTER TABLE `network_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `network_alerts` ADD `alert_category` INTEGER NULL;
@
-- Added for compatibility reasons but not used by SQLite
ALTER TABLE `network_alerts` ADD `interface_id` INTEGER NULL;
@
CREATE INDEX IF NOT EXISTS `network_alerts_i_id` ON `network_alerts`(alert_id);
CREATE INDEX IF NOT EXISTS `network_alerts_i_severity` ON `network_alerts`(severity);
CREATE INDEX IF NOT EXISTS `network_alerts_i_tstamp` ON `network_alerts`(tstamp);
Expand Down Expand Up @@ -251,9 +320,17 @@ CREATE TABLE IF NOT EXISTS `interface_alerts` (
`description` TEXT NULL,
`json` TEXT NULL,
`user_label` TEXT NULL,
`user_label_tstamp` DATETIME NULL DEFAULT 0
`user_label_tstamp` DATETIME NULL DEFAULT 0,
`require_attention` INTEGER NULL DEFAULT 0
);

@
ALTER TABLE `interface_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `interface_alerts` ADD `alert_category` INTEGER NULL;
@
-- Added for compatibility reasons but not used by SQLite
ALTER TABLE `interface_alerts` ADD `interface_id` INTEGER NULL;
@
CREATE INDEX IF NOT EXISTS `interface_alerts_i_id` ON `interface_alerts`(alert_id);
CREATE INDEX IF NOT EXISTS `interface_alerts_i_severity` ON `interface_alerts`(severity);
CREATE INDEX IF NOT EXISTS `interface_alerts_i_tstamp` ON `interface_alerts`(tstamp);
Expand All @@ -279,9 +356,17 @@ CREATE TABLE IF NOT EXISTS `user_alerts` (
`description` TEXT NULL,
`json` TEXT NULL,
`user_label` TEXT NULL,
`user_label_tstamp` DATETIME NULL DEFAULT 0
`user_label_tstamp` DATETIME NULL DEFAULT 0,
`require_attention` INTEGER NULL DEFAULT 0
);

@
ALTER TABLE `user_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `user_alerts` ADD `alert_category` INTEGER NULL;
@
-- Added for compatibility reasons but not used by SQLite
ALTER TABLE `user_alerts` ADD `interface_id` INTEGER NULL;
@
CREATE INDEX IF NOT EXISTS `user_alerts_i_id` ON `user_alerts`(alert_id);
CREATE INDEX IF NOT EXISTS `user_alerts_i_severity` ON `user_alerts`(severity);
CREATE INDEX IF NOT EXISTS `user_alerts_i_tstamp` ON `user_alerts`(tstamp);
Expand All @@ -307,85 +392,21 @@ CREATE TABLE IF NOT EXISTS `system_alerts` (
`description` TEXT NULL,
`json` TEXT NULL,
`user_label` TEXT NULL,
`user_label_tstamp` DATETIME NULL DEFAULT 0
`user_label_tstamp` DATETIME NULL DEFAULT 0,
`require_attention` INTEGER NULL DEFAULT 0
);

CREATE INDEX IF NOT EXISTS `system_alerts_i_id` ON `system_alerts`(alert_id);
CREATE INDEX IF NOT EXISTS `system_alerts_i_severity` ON `system_alerts`(severity);
CREATE INDEX IF NOT EXISTS `system_alerts_i_tstamp` ON `system_alerts`(tstamp);
CREATE INDEX IF NOT EXISTS `system_alerts_i_alert_status` ON `system_alerts`(alert_status);

/* NOTE: add new ALTER TABLE statements before any pre existing ALTER TABLE statement,
* this because SQLite does not support IF NOT EXISTS on ALTER TABLE, thus they will fail
* on the second execution, preventing any subsequent statement to be executed. */

@

ALTER TABLE `flow_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `active_monitoring_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `mac_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `snmp_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `network_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `interface_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `user_alerts` ADD `alert_category` INTEGER NULL;
ALTER TABLE `system_alerts` ADD `require_attention` INTEGER NULL;
@
ALTER TABLE `system_alerts` ADD `alert_category` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `output_snmp` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `input_snmp` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `probe_ip` TEXT NULL;
@
ALTER TABLE `flow_alerts` ADD `cli_location` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `srv_location` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `info` TEXT NULL;
@
ALTER TABLE `flow_alerts` ADD `cli_host_pool_id` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `srv_host_pool_id` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `cli_network` INTEGER NULL;
@
ALTER TABLE `flow_alerts` ADD `srv_network` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `host_pool_id` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `network` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `country` TEXT NULL;
@
-- New field not present in the original table added for compatibility reasons but not used by SQLite
-- IMPORTANT: leave them at the end and remove in future versions and update SQLiteAlertStore::openStore()
ALTER TABLE `flow_alerts` ADD `interface_id` INTEGER NULL;
@
ALTER TABLE `host_alerts` ADD `interface_id` INTEGER NULL;
@
ALTER TABLE `mac_alerts` ADD `interface_id` INTEGER NULL;
@
ALTER TABLE `snmp_alerts` ADD `interface_id` INTEGER NULL;
@
ALTER TABLE `network_alerts` ADD `interface_id` INTEGER NULL;
@
ALTER TABLE `interface_alerts` ADD `interface_id` INTEGER NULL;
@
ALTER TABLE `user_alerts` ADD `interface_id` INTEGER NULL;
@
-- Added for compatibility reasons but not used by SQLite
ALTER TABLE `system_alerts` ADD `interface_id` INTEGER NULL;
@
CREATE INDEX IF NOT EXISTS `system_alerts_i_id` ON `system_alerts`(alert_id);
CREATE INDEX IF NOT EXISTS `system_alerts_i_severity` ON `system_alerts`(severity);
CREATE INDEX IF NOT EXISTS `system_alerts_i_tstamp` ON `system_alerts`(tstamp);
CREATE INDEX IF NOT EXISTS `system_alerts_i_alert_status` ON `system_alerts`(alert_status);

@
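Review bot: The per-table upgrade statements (``ALTER TABLE `active_monitoring_alerts` ADD `require_attention` INTEGER NULL;`` and its eight siblings) omit the `DEFAULT 0` that the matching `CREATE TABLE` definitions declare, so a database created before this commit gets NULL in every existing row while a fresh one gets 0. A filter written as `require_attention = 0` or `require_attention = 1` matches neither case for NULL, so readers of the column, including the `all_alerts` view in alert_view_store_schema.sql that now exposes it, would presumably lose pre-upgrade alerts from both lists. I would write each upgrade statement as ``ALTER TABLE `mac_alerts` ADD `require_attention` INTEGER NULL DEFAULT 0;`` so both paths produce the same value. The commit also removes the comment explaining that SQLite has no `IF NOT EXISTS` for `ALTER TABLE` and that a failing statement prevents the following ones from running; since the new layout apparently relies on every `ALTER TABLE` sitting alone between `@` separators, a short header comment stating that rule would keep it visible to the next person adding a column.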

18 changes: 9 additions & 9 deletions httpdocs/misc/alert_view_store_schema.sql
Expand Up @@ -4,22 +4,22 @@
-- -----------------------------------------------------
DROP VIEW IF EXISTS `all_alerts`;
CREATE VIEW IF NOT EXISTS `all_alerts` AS
SELECT 8 entity_id, interface_id, alert_id, alert_status, tstamp, tstamp_end, severity, score FROM `active_monitoring_alerts`
SELECT 8 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score FROM `active_monitoring_alerts`
UNION ALL
SELECT 4 entity_id, interface_id, alert_id, alert_status, tstamp, tstamp_end, severity, score FROM `flow_alerts`
SELECT 4 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score FROM `flow_alerts`
UNION ALL
SELECT 1 entity_id, interface_id, alert_id, alert_status, tstamp, tstamp_end, severity, score FROM `host_alerts`
SELECT 1 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score FROM `host_alerts`
UNION ALL
SELECT 5 entity_id, interface_id, alert_id, alert_status, tstamp, tstamp_end, severity, score FROM `mac_alerts`
SELECT 5 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score FROM `mac_alerts`
UNION ALL
SELECT 3 entity_id, interface_id, alert_id, alert_status, tstamp, tstamp_end, severity, score FROM `snmp_alerts`
SELECT 3 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score FROM `snmp_alerts`
UNION ALL
SELECT 2 entity_id, interface_id, alert_id, alert_status, tstamp, tstamp_end, severity, score FROM `network_alerts`
SELECT 2 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score FROM `network_alerts`
UNION ALL
SELECT 0 entity_id, interface_id, alert_id, alert_status, tstamp, tstamp_end, severity, score FROM `interface_alerts`
SELECT 0 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score FROM `interface_alerts`
UNION ALL
SELECT 7 entity_id, interface_id, alert_id, alert_status, tstamp, tstamp_end, severity, score FROM `user_alerts`
SELECT 7 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score FROM `user_alerts`
UNION ALL
SELECT 9 entity_id, interface_id, alert_id, alert_status, tstamp, tstamp_end, severity, score FROM `system_alerts`
SELECT 9 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score FROM `system_alerts`
;

14 changes: 7 additions & 7 deletions httpdocs/misc/db_schema_clickhouse.sql
Expand Up @@ -517,23 +517,23 @@ ALTER TABLE `system_alerts` ADD COLUMN IF NOT EXISTS alert_category UInt8;
DROP VIEW IF EXISTS `all_alerts_view`;
@
CREATE VIEW IF NOT EXISTS `all_alerts_view` AS
SELECT 8 entity_id, interface_id, alert_id, alert_status, true AS require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `active_monitoring_alerts`
SELECT 8 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `active_monitoring_alerts`
UNION ALL
SELECT 4 entity_id, INTERFACE_ID AS interface_id, STATUS AS alert_id, ALERT_STATUS AS alert_status, REQUIRE_ATTENTION AS require_attention, FIRST_SEEN AS tstamp, LAST_SEEN AS tstamp_end, SEVERITY AS severity, SCORE AS score, ALERT_CATEGORY AS alert_category FROM `flows` WHERE (STATUS != 0 AND IS_ALERT_DELETED != 1)
UNION ALL
SELECT 1 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `host_alerts`
UNION ALL
SELECT 5 entity_id, interface_id, alert_id, alert_status, true AS require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `mac_alerts`
SELECT 5 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `mac_alerts`
UNION ALL
SELECT 3 entity_id, interface_id, alert_id, alert_status, true AS require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `snmp_alerts`
SELECT 3 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `snmp_alerts`
UNION ALL
SELECT 2 entity_id, interface_id, alert_id, alert_status, true AS require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `network_alerts`
SELECT 2 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `network_alerts`
UNION ALL
SELECT 0 entity_id, interface_id, alert_id, alert_status, true AS require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `interface_alerts`
SELECT 0 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `interface_alerts`
UNION ALL
SELECT 7 entity_id, interface_id, alert_id, alert_status, true AS require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `user_alerts`
SELECT 7 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `user_alerts`
UNION ALL
SELECT 9 entity_id, interface_id, alert_id, alert_status, true AS require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `system_alerts`
SELECT 9 entity_id, interface_id, alert_id, alert_status, require_attention, tstamp, tstamp_end, severity, score, alert_category FROM `system_alerts`
;

@
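Review bot: The view now selects a stored `require_attention` column from seven tables (`active_monitoring_alerts`, `mac_alerts`, `snmp_alerts`, `network_alerts`, `interface_alerts`, `user_alerts`, `system_alerts`), but the only hunk in this file contains no matching `ALTER TABLE ... ADD COLUMN IF NOT EXISTS require_attention` for any of them. If those columns are not already declared earlier in db_schema_clickhouse.sql (not visible here), `CREATE VIEW` is likely to fail on existing ClickHouse deployments, leaving `all_alerts_view` absent after the preceding `DROP VIEW`. Even where the column exists, rows written before this change go from a constant `true` to whatever value is stored, so alerts that were previously listed may drop out of a require-attention filter. A backfill, or a comment stating the intended value for historical rows, would make that change in visibility deliberate.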
2 changes: 2 additions & 0 deletions scripts/lua/modules/alerts_api.lua
Expand Up @@ -362,6 +362,7 @@ function alerts_api.trigger(entity_info, type_info, when, cur_alerts)

triggered.ifid = ifid
triggered.action = "engage"
triggered.require_attention = true

-- Emit the notification only if the notification hasn't already been emitted.
-- This is to avoid alert storms when ntopng is restarted. Indeeed,
Expand Down Expand Up @@ -450,6 +451,7 @@ function alerts_api.release(entity_info, type_info, when, cur_alerts)

released.ifid = ifid
released.action = "release"
triggered.require_attention = true

addAlertPoolAndNetworkInfo(entity_info, released)
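Review bot: In the second hunk the added line is `triggered.require_attention = true`, but the table being filled in `alerts_api.release` is `released` (see `released.ifid` and `released.action` directly above it). Unless a `triggered` variable is in scope in that function, which the hunk does not show, the line either raises an error when indexing nil or sets the flag on an unrelated table, and the released alert is passed on without `require_attention`. The line should read `released.require_attention = true`. Both function bodies start and end outside the hunks, so the surrounding scope should be checked before merging.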

