Doris审计插件的安装

恩慈2年前技术文章1160

插件下载地址:https://doris.apache.org/download

1.安装Doris审计插件

(1)解压 Audit Loader 插件

步骤1. 复制插件文件

cp  /opt/dtstack/Doris/extensions/audit_loader/auditloader.zip

/opt/dtstack/Doris/fe/plugins/

 

步骤2. 进入目录并解压插件包

cd /opt/dtstack/Doris/fe/plugins/

unzip auditloader.zip

 

(2)修改配置

vi plugin.conf

 

配置说明

frontend_host_portFE 节点 IP 地址和 HTTP 端口,格式为 <fe_ip>:<fe_http_port>。 默认值为 127.0.0.1:8030

database:审计日志库名。

audit_log_table:审计日志表名。

slow_log_table:慢查询日志表名。

enable_slow_log:是否开启慢查询日志导入功能。默认值为 false

user:集群用户名。该用户必须具有对应表的 INSERT 权限。

password:集群用户密码。

image.png 

 

(3)重新打包 Audit Loader 插件

zip -r -q -m auditloader.zip auditloader.jar plugin.properties plugin.conf

(4)创建库表

若需开启慢查询日志导入功能,还需要额外创建慢表 doris_slow_log_tbl__,其表结构与 doris_audit_log_tbl__ 一致。其中 dynamic_partition 属性根据自己的需要,选择审计日志保留的天数。

create database doris_audit_db__;

 

create table doris_audit_db__.doris_audit_log_tbl__

(

    query_id varchar(48) comment "Unique query id",

    `time` datetime not null comment "Query start time",

    client_ip varchar(32) comment "Client IP",

    user varchar(64) comment "User name",

    db varchar(96) comment "Database of this query",

    state varchar(8) comment "Query result state. EOF, ERR, OK",

    error_code int comment "Error code of failing query.",

    error_message string comment "Error message of failing query.",

    query_time bigint comment "Query execution time in millisecond",

    scan_bytes bigint comment "Total scan bytes of this query",

    scan_rows bigint comment "Total scan rows of this query",

    return_rows bigint comment "Returned rows of this query",

    stmt_id int comment "An incremental id of statement",

    is_query tinyint comment "Is this statemt a query. 1 or 0",

    frontend_ip varchar(32) comment "Frontend ip of executing this statement",

    cpu_time_ms bigint comment "Total scan cpu time in millisecond of this query",

    sql_hash varchar(48) comment "Hash value for this query",

    sql_digest varchar(48) comment "Sql digest for this query",

    peak_memory_bytes bigint comment "Peak memory bytes used on all backends of this query",

    stmt string comment "The original statement, trimed if longer than 2G"

) engine=OLAP

duplicate key(query_id, `time`, client_ip)

partition by range(`time`) ()

distributed by hash(query_id) buckets 1

properties(

    "dynamic_partition.time_unit" = "DAY",

    "dynamic_partition.start" = "-30",

    "dynamic_partition.end" = "3",

    "dynamic_partition.prefix" = "p",

    "dynamic_partition.buckets" = "1",

    "dynamic_partition.enable" = "true",

    "replication_num" = "3"

);

 

create table doris_audit_db__.doris_slow_log_tbl__

(

    query_id varchar(48) comment "Unique query id",

    `time` datetime not null comment "Query start time",

    client_ip varchar(32) comment "Client IP",

    user varchar(64) comment "User name",

    db varchar(96) comment "Database of this query",

    state varchar(8) comment "Query result state. EOF, ERR, OK",

    error_code int comment "Error code of failing query.",

    error_message string comment "Error message of failing query.",

    query_time bigint comment "Query execution time in millisecond",

    scan_bytes bigint comment "Total scan bytes of this query",

    scan_rows bigint comment "Total scan rows of this query",

    return_rows bigint comment "Returned rows of this query",

    stmt_id int comment "An incremental id of statement",

    is_query tinyint comment "Is this statemt a query. 1 or 0",

    frontend_ip varchar(32) comment "Frontend ip of executing this statement",

    cpu_time_ms bigint comment "Total scan cpu time in millisecond of this query",

    sql_hash varchar(48) comment "Hash value for this query",

    sql_digest varchar(48) comment "Sql digest for this query",

    peak_memory_bytes bigint comment "Peak memory bytes used on all backends of this query",

    stmt string comment "The original statement, trimed if longer than 2G "

) engine=OLAP

duplicate key(query_id, `time`, client_ip)

partition by range(`time`) ()

distributed by hash(query_id) buckets 1

properties(

    "dynamic_partition.time_unit" = "DAY",

    "dynamic_partition.start" = "-30",

    "dynamic_partition.end" = "3",

    "dynamic_partition.prefix" = "p",

    "dynamic_partition.buckets" = "1",

    "dynamic_partition.enable" = "true",

    "replication_num" = "3"

);

(5)部署

步骤1. 拷贝auditloader.zip

将重新打包的zip拷贝到所有 FE /opt/dtstack/Doris/fe/plugins/目录

 

步骤2. 连接FE

mysql -uroot -P9030 -h127.0.0.1

 

步骤3. 执行安装命令

INSTALL PLUGIN FROM /opt/dtstack/Doris/fe/plugins/auditloader.zip


相关文章

Linux系统调优参数应用实践

Linux系统调优参数应用实践

1 基于内存方面的性能参数调优1.1 cache与buffer解读1.1.1 cache出现的原因与功能计算机硬件中CPU、内存、磁盘是最主要的三大部分,其中,CPU发展到今天,执行速度最快,而内存相...

开源大数据集群部署(十一)Ranger 集成Hadoop集群

开源大数据集群部署(十一)Ranger 集成Hadoop集群

1、节点选择部署在两个namenode节点cd /opt/bigdatatar -xzvf ranger-2.3.0-hdfs-plugin.tar.gz -C /opt/cd /opt/ranger...

Ansible部署和使用(sshpass)

Ansible部署和使用(sshpass)

简介Ansible默认通过 SSH 协议管理机器。安装Ansible之后,不需要启动或运行一个后台进程,或是添加一个数据库。只要在一台电脑(可以是一台笔记本)上安装好,就可以通过这台电脑管理一组远程的...

Go 链表的实现

Go 链表的实现

链表是一种物理存储单元上非连续、非顺序的存储结构,数据元素的逻辑顺序是通过链表中的指针链接次序实现的。链表由一系列结点(链表中每一个元素称为结点)组成,结点可以在运行时动态生成。每个结点包括两个部分:...

基于Gitlab和Kubernetes的CI/CD

基于Gitlab和Kubernetes的CI/CD

此套CI/CD流程仅依赖gitlab。runner等组件安装在kubernetes集群中,尽量减少其他依赖,便于维护。依赖介绍gitlab runnergitlab runner用来运行我们的作业并将...

CDH实操--CDH集成Trino(三)

CDH实操--CDH集成Trino(三)

1、将parcel包放到对应下载目录将parcel包放到/var/www/html/trino目录下修改httpd配置文件新增parcel文件类型然后通过命令启动httpd服务:systemctl s...

发表评论    

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。