Update dashboards
andrewkroh committed Jul 30, 2020
1 parent a08f376 commit ba6346c
Showing 23 changed files with 384 additions and 116 deletions.
Binary file modified packages/suricata/img/filebeat-suricata-alerts.png
Binary file modified packages/suricata/img/filebeat-suricata-events.png
Expand Up @@ -26,24 +26,24 @@
"i": "1",
"w": 23,
"x": 0,
"y": 0
"y": 4
},
"panelIndex": "1",
"panelRefName": "panel_0",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
"gridData": {
"h": 22,
"h": 26,
"i": "2",
"w": 25,
"x": 23,
"y": 0
},
"panelIndex": "2",
"panelRefName": "panel_1",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -52,11 +52,11 @@
"i": "3",
"w": 48,
"x": 0,
"y": 37
"y": 41
},
"panelIndex": "3",
"panelRefName": "panel_2",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {
Expand All @@ -71,11 +71,11 @@
"i": "4",
"w": 23,
"x": 0,
"y": 22
"y": 26
},
"panelIndex": "4",
"panelRefName": "panel_3",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {
Expand All @@ -90,11 +90,11 @@
"i": "5",
"w": 25,
"x": 23,
"y": 22
"y": 26
},
"panelIndex": "5",
"panelRefName": "panel_4",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -103,11 +103,11 @@
"i": "7",
"w": 12,
"x": 11,
"y": 10
"y": 14
},
"panelIndex": "7",
"panelRefName": "panel_5",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -116,21 +116,37 @@
"i": "8",
"w": 11,
"x": 0,
"y": 10
"y": 14
},
"panelIndex": "8",
"panelRefName": "panel_6",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
"gridData": {
"h": 4,
"i": "e86b7f30-96da-4f52-9ff0-cefcaadcc914",
"w": 23,
"x": 0,
"y": 0
},
"panelIndex": "e86b7f30-96da-4f52-9ff0-cefcaadcc914",
"panelRefName": "panel_7",
"version": "7.9.0-SNAPSHOT"
}
],
"timeRestore": false,
"title": "[Logs Suricata] Alert Overview ECS",
"title": "[Logs Suricata] Alert Overview",
"version": 1
},
"id": "05268ee0-86d1-11e8-b59d-21efb914e65c-ecs",
"migrationVersion": {
"dashboard": "7.3.0"
},
"namespaces": [
"default"
],
"references": [
{
"id": "494fa290-86d2-11e8-b59d-21efb914e65c-ecs",
Expand Down Expand Up @@ -166,6 +182,11 @@
"id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c-ecs",
"name": "panel_6",
"type": "visualization"
},
{
"id": "908e8c90-d296-11ea-90e3-8767fe7ccf14",
"name": "panel_7",
"type": "visualization"
}
],
"type": "dashboard"
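Review bot: Every panel's `"version": "7.9.0-SNAPSHOT"` in this dashboard (and the same strings in the second dashboard section below) records that the saved objects were exported from a development snapshot rather than a released Kibana; a shipped package should carry a release version such as `"version": "7.9.0"`, or the snapshot origin should be noted in the package docs so it is not mistaken for an unfinished export. `migrationVersion.dashboard` stays at `"7.3.0"` while the panels now claim 7.9.0, which is presumably fine if no dashboard migrations ran between those releases, but is worth confirming against the build the export came from. The new `"namespaces": ["default"]` array is export metadata; if the package installer does not strip it, confirm that the import path tolerates it. The dashboard's `id` keeps its `-ecs` suffix while the title drops `ECS`; keeping the id is correct because the references point at it, though the mismatch deserves a line in the package docs. The enclosing `panelsJSON` object begins above the first hunk and the saved object continues past the last one.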
Expand Up @@ -26,11 +26,11 @@
"i": "1",
"w": 48,
"x": 0,
"y": 0
"y": 4
},
"panelIndex": "1",
"panelRefName": "panel_0",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -39,11 +39,11 @@
"i": "2",
"w": 9,
"x": 0,
"y": 20
"y": 24
},
"panelIndex": "2",
"panelRefName": "panel_1",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -52,11 +52,11 @@
"i": "3",
"w": 11,
"x": 19,
"y": 20
"y": 24
},
"panelIndex": "3",
"panelRefName": "panel_2",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -65,11 +65,11 @@
"i": "4",
"w": 48,
"x": 0,
"y": 10
"y": 14
},
"panelIndex": "4",
"panelRefName": "panel_3",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -78,11 +78,11 @@
"i": "5",
"w": 48,
"x": 0,
"y": 34
"y": 38
},
"panelIndex": "5",
"panelRefName": "panel_4",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -91,11 +91,11 @@
"i": "6",
"w": 9,
"x": 30,
"y": 20
"y": 24
},
"panelIndex": "6",
"panelRefName": "panel_5",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -104,11 +104,11 @@
"i": "7",
"w": 9,
"x": 39,
"y": 20
"y": 24
},
"panelIndex": "7",
"panelRefName": "panel_6",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -117,11 +117,11 @@
"i": "8",
"w": 10,
"x": 9,
"y": 20
"y": 24
},
"panelIndex": "8",
"panelRefName": "panel_7",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
Expand All @@ -130,21 +130,52 @@
"i": "9",
"w": 48,
"x": 0,
"y": 53
"y": 57
},
"panelIndex": "9",
"panelRefName": "panel_8",
"version": "7.3.0"
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {
"title": ""
},
"gridData": {
"h": 4,
"i": "78f64fb8-a6ed-4960-a73b-a8c42c40f799",
"w": 24,
"x": 0,
"y": 0
},
"panelIndex": "78f64fb8-a6ed-4960-a73b-a8c42c40f799",
"panelRefName": "panel_9",
"version": "7.9.0-SNAPSHOT"
},
{
"embeddableConfig": {},
"gridData": {
"h": 4,
"i": "63e14057-b48b-48fe-b3e2-84f7690d60e8",
"w": 24,
"x": 24,
"y": 0
},
"panelIndex": "63e14057-b48b-48fe-b3e2-84f7690d60e8",
"panelRefName": "panel_10",
"version": "7.9.0-SNAPSHOT"
}
],
"timeRestore": false,
"title": "[Logs Suricata] Events Overview ECS",
"title": "[Logs Suricata] Events Overview",
"version": 1
},
"id": "78289c40-86da-11e8-b59d-21efb914e65c-ecs",
"migrationVersion": {
"dashboard": "7.3.0"
},
"namespaces": [
"default"
],
"references": [
{
"id": "c7d46c60-86da-11e8-b59d-21efb914e65c-ecs",
Expand Down Expand Up @@ -190,6 +221,16 @@
"id": "d57a2db0-86ca-11e8-b59d-21efb914e65c-ecs",
"name": "panel_8",
"type": "search"
},
{
"id": "908e8c90-d296-11ea-90e3-8767fe7ccf14",
"name": "panel_9",
"type": "visualization"
},
{
"id": "169c0600-d297-11ea-90e3-8767fe7ccf14",
"name": "panel_10",
"type": "visualization"
}
],
"type": "dashboard"
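Review bot: The two panels added in the last `panelsJSON` hunk are configured inconsistently — `panel_9` carries `"embeddableConfig": { "title": "" }` while its sibling `panel_10`, added in the same hunk, has `"embeddableConfig": {}`. If I read Kibana's panel handling correctly, an empty-string title override blanks that panel's header instead of inheriting the visualization's own title, so the two header panels will render differently for no stated reason. Either use `"embeddableConfig": {},` on both so each inherits its visualization title, or give both an explicit non-empty title. The surrounding object starts before the first hunk and continues after the last.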
Expand Up @@ -2,7 +2,6 @@
"attributes": {
"columns": [
"host.name",
"suricata.eve.event_type",
"suricata.eve.flow_id",
"network.transport",
"source.ip",
Expand All @@ -25,21 +24,16 @@
"alias": null,
"disabled": false,
"indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index",
"key": "suricata.eve.event_type",
"negate": true,
"key": "event.kind",
"negate": false,
"params": {
"query": "stats",
"type": "phrase"
"query": "event"
},
"type": "phrase",
"value": "stats"
"type": "phrase"
},
"query": {
"match": {
"suricata.eve.event_type": {
"query": "stats",
"type": "phrase"
}
"match_phrase": {
"event.kind": "event"
}
}
},
Expand Down Expand Up @@ -78,13 +72,16 @@
"desc"
]
],
"title": "Events [Logs Suricata] ECS",
"title": "Events [Logs Suricata]",
"version": 1
},
"id": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs",
"migrationVersion": {
"search": "7.4.0"
},
"namespaces": [
"default"
],
"references": [
{
"id": "logs-*",
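Review bot: The saved search's filter changes meaning, not just field names — the old filter excluded only `suricata.eve.event_type: stats` (`"negate": true`), while the new one requires `event.kind: event` (`"negate": false`), so any document whose `event.kind` is something else or is absent is now dropped from the "Events" search rather than just the stats records. Whether alerts are among the excluded documents depends on how the ingest pipeline sets `event.kind`, which is not visible here, so confirm that "exactly `event.kind: event`" is the intended population for the Events Overview dashboard and document it in the package README. The `suricata.eve.event_type` column removed from `columns` was the only column that let an analyst tell record types apart in the table; consider adding `event.kind` or `event.category` in its place, e.g. `"event.kind",` alongside `"host.name",`. The filter `params` object also lost its `"type": "phrase"` entry, which appears consistent with the `match_phrase` query beside it, but verify the target Kibana version accepts the trimmed form. The saved object begins before the first hunk and ends after the last.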