{ "cells": [ { "cell_type": "markdown", "id": "10fed33d-be68-4c1b-a045-30f853f1e6a5", "metadata": {}, "source": [ "# Query Audit Log via Jupyter and Trino\n", "\n", "Also see: \n", "- https://grafana.com/grafana/dashboards/22292-vast-audit-dashboard/" ] }, { "cell_type": "code", "execution_count": 1, "id": "d3c30da6-abce-4090-80e7-452dbb55529e", "metadata": {}, "outputs": [], "source": [ "import urllib3\n", "\n", "urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)" ] }, { "cell_type": "code", "execution_count": 2, "id": "c8c3b38b-d3d6-4ac6-a99c-31bb43285f24", "metadata": {}, "outputs": [], "source": [ "%load_ext sql" ] }, { "cell_type": "code", "execution_count": 3, "id": "4f29846f-d23d-429a-bab2-5ba51d58593b", "metadata": {}, "outputs": [ { "data": { "text/html": [ "Connecting to 'trino://admin@10.143.11.241:8443/vast'" ], "text/plain": [ "Connecting to 'trino://admin@10.143.11.241:8443/vast'" ] }, "metadata": {}, "output_type": "display_data" } ], "source": [ "%sql trino://admin@${DOCKER_HOST_OR_IP}:8443/vast --connection_arguments '{\"http_scheme\":\"https\", \"verify\": false}'" ] }, { "cell_type": "code", "execution_count": 4, "id": "8f63070f-016d-41b7-af8b-43cc3eb3507b", "metadata": {}, "outputs": [ { "data": { "text/html": [ "Running query in 'trino://admin@10.143.11.241:8443/vast'" ], "text/plain": [ "Running query in 'trino://admin@10.143.11.241:8443/vast'" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": [ "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
cluster_namecnode_nametimeclient_ipcluster_viptenantprotocolrpc_typeview_pathlogin_nameuidsids3_access_keysstatusnfs3_required_permissionsnfs3_granted_permissionsnfs_link_namenfs_link_pathrename_pathrename_namenfs_rpc_sub_typesnfs_symlinknfs4_required_accessnfs4_granted_accessnfs4_ftypes3_used_access_keys3_request_idconnection_types3_bucket_names3_multipart_upload_ids3_version_ids3_version_phandles3_source_objectsmb_ads_namesmb_create_actionsmb_create_optionsmb_create_dispositionsmb_delete_on_closesmb_info_typesmb_info_classsmb_rename_structnum_opsnum_bytestime_str
selab-var-204cnode-3-142024-12-09 16:46:00.743450172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405380490835875HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1112502024-12-09T16:46:00.743Z
selab-var-204cnode-3-142024-12-09 16:46:00.742352172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405380490835873HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1109572024-12-09T16:46:00.742Z
selab-var-204cnode-3-142024-12-09 16:46:00.739602172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405380490835871HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1125622024-12-09T16:46:00.739Z
selab-var-204cnode-3-142024-12-09 16:46:00.738498172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405380490835869HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1128612024-12-09T16:46:00.738Z
selab-var-204cnode-3-142024-12-09 16:46:00.738013172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405586649568943HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1104052024-12-09T16:46:00.738Z
selab-var-204cnode-3-142024-12-09 16:46:00.737418172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405861528663718HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1492162024-12-09T16:46:00.737Z
selab-var-204cnode-3-142024-12-09 16:46:00.737001172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405243051779696HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1492162024-12-09T16:46:00.737Z
selab-var-204cnode-3-142024-12-09 16:46:00.736670172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405243051779698HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1492162024-12-09T16:46:00.736Z
selab-var-204cnode-3-142024-12-09 16:46:00.736654172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405174332226281HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1492162024-12-09T16:46:00.736Z
selab-var-204cnode-3-142024-12-09 16:46:00.736553172.200.12.241172.200.204.2defaultS3GET_OBJECT/csnow-bucketchris.snow@selab.vastdata.com5102None['Y5101AQQTB1PUAEKQXN5', '', '', '']SuccessNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneNoneY5101AQQTB1PUAEKQXN5405724088776494HTTPcsnow-bucketNone-1NoneNoneNoneNoneNoneNoneNoneNoneNoneNone1492162024-12-09T16:46:00.736Z
\n", "Truncated to displaylimit of 10." ], "text/plain": [ "+---------------+------------+----------------------------+----------------+---------------+---------+----------+------------+---------------+-------------------------------+------+------+--------------------------------------+---------+---------------------------+--------------------------+---------------+---------------+-------------+-------------+-------------------+-------------+----------------------+---------------------+------------+----------------------+-----------------+-----------------+----------------+------------------------+---------------+--------------------+------------------+--------------+-------------------+-------------------+------------------------+---------------------+---------------+----------------+-------------------+---------+-----------+--------------------------+\n", "| cluster_name | cnode_name | time | client_ip | cluster_vip | tenant | protocol | rpc_type | view_path | login_name | uid | sid | s3_access_keys | status | nfs3_required_permissions | nfs3_granted_permissions | nfs_link_name | nfs_link_path | rename_path | rename_name | nfs_rpc_sub_types | nfs_symlink | nfs4_required_access | nfs4_granted_access | nfs4_ftype | s3_used_access_key | s3_request_id | connection_type | s3_bucket_name | s3_multipart_upload_id | s3_version_id | s3_version_phandle | s3_source_object | smb_ads_name | smb_create_action | smb_create_option | smb_create_disposition | smb_delete_on_close | smb_info_type | smb_info_class | smb_rename_struct | num_ops | num_bytes | time_str |\n", "+---------------+------------+----------------------------+----------------+---------------+---------+----------+------------+---------------+-------------------------------+------+------+--------------------------------------+---------+---------------------------+--------------------------+---------------+---------------+-------------+-------------+-------------------+-------------+----------------------+---------------------+------------+----------------------+-----------------+-----------------+----------------+------------------------+---------------+--------------------+------------------+--------------+-------------------+-------------------+------------------------+---------------------+---------------+----------------+-------------------+---------+-----------+--------------------------+\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.743450 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405380490835875 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 11250 | 2024-12-09T16:46:00.743Z |\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.742352 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405380490835873 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 10957 | 2024-12-09T16:46:00.742Z |\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.739602 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405380490835871 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 12562 | 2024-12-09T16:46:00.739Z |\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.738498 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405380490835869 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 12861 | 2024-12-09T16:46:00.738Z |\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.738013 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405586649568943 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 10405 | 2024-12-09T16:46:00.738Z |\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.737418 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405861528663718 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 49216 | 2024-12-09T16:46:00.737Z |\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.737001 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405243051779696 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 49216 | 2024-12-09T16:46:00.737Z |\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.736670 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405243051779698 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 49216 | 2024-12-09T16:46:00.736Z |\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.736654 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405174332226281 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 49216 | 2024-12-09T16:46:00.736Z |\n", "| selab-var-204 | cnode-3-14 | 2024-12-09 16:46:00.736553 | 172.200.12.241 | 172.200.204.2 | default | S3 | GET_OBJECT | /csnow-bucket | chris.snow@selab.vastdata.com | 5102 | None | ['Y5101AQQTB1PUAEKQXN5', '', '', ''] | Success | None | None | None | None | None | None | None | None | None | None | None | Y5101AQQTB1PUAEKQXN5 | 405724088776494 | HTTP | csnow-bucket | None | -1 | None | None | None | None | None | None | None | None | None | None | 1 | 49216 | 2024-12-09T16:46:00.736Z |\n", "+---------------+------------+----------------------------+----------------+---------------+---------+----------+------------+---------------+-------------------------------+------+------+--------------------------------------+---------+---------------------------+--------------------------+---------------+---------------+-------------+-------------+-------------------+-------------+----------------------+---------------------+------------+----------------------+-----------------+-----------------+----------------+------------------------+---------------+--------------------+------------------+--------------+-------------------+-------------------+------------------------+---------------------+---------------+----------------+-------------------+---------+-----------+--------------------------+\n", "Truncated to displaylimit of 10." ] }, "execution_count": 4, "metadata": {}, "output_type": "execute_result" } ], "source": [ "%%sql\n", "\n", "SELECT\n", " cluster_name,\n", " cnode_name,\n", " time,\n", " client_ip,\n", " cluster_vip,\n", " tenant,\n", " protocol,\n", " rpc_type,\n", " --path, -- this field causes a jupyter error\n", " view_path,\n", " --name, -- this field causes a jupyter error\n", " login_name,\n", " uid,\n", " sid,\n", " s3_access_keys,\n", " status,\n", " nfs3_required_permissions,\n", " nfs3_granted_permissions,\n", " nfs_link_name,\n", " nfs_link_path,\n", " rename_path,\n", " rename_name,\n", " nfs_rpc_sub_types,\n", " nfs_symlink,\n", " nfs4_required_access,\n", " nfs4_granted_access,\n", " nfs4_ftype,\n", " s3_used_access_key,\n", " s3_request_id,\n", " connection_type,\n", " s3_bucket_name,\n", " s3_multipart_upload_id,\n", " s3_version_id,\n", " s3_version_phandle,\n", " s3_source_object,\n", " smb_ads_name,\n", " smb_create_action,\n", " smb_create_option,\n", " smb_create_disposition,\n", " smb_delete_on_close,\n", " smb_info_type,\n", " smb_info_class,\n", " smb_rename_struct,\n", " num_ops,\n", " num_bytes,\n", " time_str\n", "FROM \n", " \"vast-audit-log-bucket|vast_audit_log_schema\".vast_audit_log_table\n", "WHERE\n", " view_path like '/csnow%' \n", " and protocol <> 'NDB'\n", "ORDER BY\n", " time DESC\n", "LIMIT 10" ] }, { "cell_type": "markdown", "id": "de764274-9832-4cf4-8545-fab94bfec718", "metadata": {}, "source": [ "## Using a Dataframe\n", "\n", "Sometime we just need a pandas dataframe" ] }, { "cell_type": "code", "execution_count": 5, "id": "a3269097-49cf-4e59-b11c-facd9e3d5795", "metadata": {}, "outputs": [ { "data": { "text/html": [ "Running query in 'trino://admin@10.143.11.241:8443/vast'" ], "text/plain": [ "Running query in 'trino://admin@10.143.11.241:8443/vast'" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
cluster_namecnode_nametimeclient_ipcluster_viptenantprotocolrpc_typepathview_path...smb_create_actionsmb_create_optionsmb_create_dispositionsmb_delete_on_closesmb_info_typesmb_info_classsmb_rename_structnum_opsnum_bytestime_str
0selab-var-204cnode-3-142024-12-09 10:36:21.180570172.200.12.241172.200.204.2defaultS3PUT_OBJECT(path: '/csnow-bucket/iceberg/twitter_data-24c.../csnow-bucket...NoneNoneNoneNoneNoneNoneNone102024-12-09T10:36:21.180Z
1selab-var-204cnode-3-142024-12-09 10:36:21.235536172.200.12.241172.200.204.2defaultS3GET_OBJECT(path: '/csnow-bucket/iceberg/twitter_data-24c.../csnow-bucket...NoneNoneNoneNoneNoneNoneNone141252024-12-09T10:36:21.235Z
2selab-var-204cnode-3-142024-12-09 10:36:21.328924172.200.12.241172.200.204.2defaultS3PUT_OBJECT(path: '/csnow-bucket/iceberg/twitter_data-24c.../csnow-bucket...NoneNoneNoneNoneNoneNoneNone102024-12-09T10:36:21.328Z
3selab-var-204cnode-3-142024-12-09 10:36:21.975770172.200.12.241172.200.204.2defaultS3GET_OBJECT(path: '/csnow-bucket/iceberg/twitter_data-24c.../csnow-bucket...NoneNoneNoneNoneNoneNoneNone120442024-12-09T10:36:21.975Z
4selab-var-204cnode-3-142024-12-09 10:36:23.221401172.200.12.241172.200.204.2defaultS3GET_OBJECT(path: '/csnow-bucket/iceberg/twitter_data-24c.../csnow-bucket...NoneNoneNoneNoneNoneNoneNone120442024-12-09T10:36:23.221Z
..................................................................
95selab-var-204cnode-3-142024-12-09 11:28:17.698808172.200.12.241172.200.204.2defaultNDBQUERY_DATA(path: '/vast-big-catalog-bucket/vast_big_cata.../vast-big-catalog-bucket...NoneNoneNoneNoneNoneNoneNone102024-12-09T11:28:17.698Z
96selab-var-204cnode-3-142024-12-09 11:28:17.722494172.200.12.241172.200.204.2defaultNDBQUERY_DATA(path: '/vast-big-catalog-bucket/vast_big_cata.../vast-big-catalog-bucket...NoneNoneNoneNoneNoneNoneNone102024-12-09T11:28:17.722Z
97selab-var-204cnode-3-142024-12-09 11:28:17.740095172.200.12.241172.200.204.2defaultNDBQUERY_DATA(path: '/vast-big-catalog-bucket/vast_big_cata.../vast-big-catalog-bucket...NoneNoneNoneNoneNoneNoneNone102024-12-09T11:28:17.740Z
98selab-var-204cnode-3-142024-12-09 11:28:17.789647172.200.12.241172.200.204.2defaultNDBQUERY_DATA(path: '/vast-big-catalog-bucket/vast_big_cata.../vast-big-catalog-bucket...NoneNoneNoneNoneNoneNoneNone102024-12-09T11:28:17.789Z
99selab-var-204cnode-3-142024-12-09 11:28:17.828693172.200.12.241172.200.204.2defaultNDBQUERY_DATA(path: '/vast-big-catalog-bucket/vast_big_cata.../vast-big-catalog-bucket...NoneNoneNoneNoneNoneNoneNone102024-12-09T11:28:17.828Z
\n", "

100 rows × 46 columns

\n", "
" ], "text/plain": [ " cluster_name cnode_name time client_ip \\\n", "0 selab-var-204 cnode-3-14 2024-12-09 10:36:21.180570 172.200.12.241 \n", "1 selab-var-204 cnode-3-14 2024-12-09 10:36:21.235536 172.200.12.241 \n", "2 selab-var-204 cnode-3-14 2024-12-09 10:36:21.328924 172.200.12.241 \n", "3 selab-var-204 cnode-3-14 2024-12-09 10:36:21.975770 172.200.12.241 \n", "4 selab-var-204 cnode-3-14 2024-12-09 10:36:23.221401 172.200.12.241 \n", ".. ... ... ... ... \n", "95 selab-var-204 cnode-3-14 2024-12-09 11:28:17.698808 172.200.12.241 \n", "96 selab-var-204 cnode-3-14 2024-12-09 11:28:17.722494 172.200.12.241 \n", "97 selab-var-204 cnode-3-14 2024-12-09 11:28:17.740095 172.200.12.241 \n", "98 selab-var-204 cnode-3-14 2024-12-09 11:28:17.789647 172.200.12.241 \n", "99 selab-var-204 cnode-3-14 2024-12-09 11:28:17.828693 172.200.12.241 \n", "\n", " cluster_vip tenant protocol rpc_type \\\n", "0 172.200.204.2 default S3 PUT_OBJECT \n", "1 172.200.204.2 default S3 GET_OBJECT \n", "2 172.200.204.2 default S3 PUT_OBJECT \n", "3 172.200.204.2 default S3 GET_OBJECT \n", "4 172.200.204.2 default S3 GET_OBJECT \n", ".. ... ... ... ... \n", "95 172.200.204.2 default NDB QUERY_DATA \n", "96 172.200.204.2 default NDB QUERY_DATA \n", "97 172.200.204.2 default NDB QUERY_DATA \n", "98 172.200.204.2 default NDB QUERY_DATA \n", "99 172.200.204.2 default NDB QUERY_DATA \n", "\n", " path \\\n", "0 (path: '/csnow-bucket/iceberg/twitter_data-24c... \n", "1 (path: '/csnow-bucket/iceberg/twitter_data-24c... \n", "2 (path: '/csnow-bucket/iceberg/twitter_data-24c... \n", "3 (path: '/csnow-bucket/iceberg/twitter_data-24c... \n", "4 (path: '/csnow-bucket/iceberg/twitter_data-24c... \n", ".. ... \n", "95 (path: '/vast-big-catalog-bucket/vast_big_cata... \n", "96 (path: '/vast-big-catalog-bucket/vast_big_cata... \n", "97 (path: '/vast-big-catalog-bucket/vast_big_cata... \n", "98 (path: '/vast-big-catalog-bucket/vast_big_cata... \n", "99 (path: '/vast-big-catalog-bucket/vast_big_cata... \n", "\n", " view_path ... smb_create_action smb_create_option \\\n", "0 /csnow-bucket ... None None \n", "1 /csnow-bucket ... None None \n", "2 /csnow-bucket ... None None \n", "3 /csnow-bucket ... None None \n", "4 /csnow-bucket ... None None \n", ".. ... ... ... ... \n", "95 /vast-big-catalog-bucket ... None None \n", "96 /vast-big-catalog-bucket ... None None \n", "97 /vast-big-catalog-bucket ... None None \n", "98 /vast-big-catalog-bucket ... None None \n", "99 /vast-big-catalog-bucket ... None None \n", "\n", " smb_create_disposition smb_delete_on_close smb_info_type smb_info_class \\\n", "0 None None None None \n", "1 None None None None \n", "2 None None None None \n", "3 None None None None \n", "4 None None None None \n", ".. ... ... ... ... \n", "95 None None None None \n", "96 None None None None \n", "97 None None None None \n", "98 None None None None \n", "99 None None None None \n", "\n", " smb_rename_struct num_ops num_bytes time_str \n", "0 None 1 0 2024-12-09T10:36:21.180Z \n", "1 None 1 4125 2024-12-09T10:36:21.235Z \n", "2 None 1 0 2024-12-09T10:36:21.328Z \n", "3 None 1 2044 2024-12-09T10:36:21.975Z \n", "4 None 1 2044 2024-12-09T10:36:23.221Z \n", ".. ... ... ... ... \n", "95 None 1 0 2024-12-09T11:28:17.698Z \n", "96 None 1 0 2024-12-09T11:28:17.722Z \n", "97 None 1 0 2024-12-09T11:28:17.740Z \n", "98 None 1 0 2024-12-09T11:28:17.789Z \n", "99 None 1 0 2024-12-09T11:28:17.828Z \n", "\n", "[100 rows x 46 columns]" ] }, "execution_count": 5, "metadata": {}, "output_type": "execute_result" } ], "source": [ "%config SqlMagic.autopandas = True\n", "df = %sql SELECT * FROM \"vast-audit-log-bucket|vast_audit_log_schema\".vast_audit_log_table LIMIT 100\n", "df" ] }, { "cell_type": "code", "execution_count": null, "id": "81863300-3b7b-46e2-b0af-892ddb410df2", "metadata": {}, "outputs": [], "source": [] } ], "metadata": { "kernelspec": { "display_name": "Python 3 (ipykernel)", "language": "python", "name": "python3" }, "language_info": { "codemirror_mode": { "name": "ipython", "version": 3 }, "file_extension": ".py", "mimetype": "text/x-python", "name": "python", "nbconvert_exporter": "python", "pygments_lexer": "ipython3", "version": "3.11.10" } }, "nbformat": 4, "nbformat_minor": 5 }