tum
/
soc


			
				
					
						
						
							1234567
							{"type":"index-pattern","id":"wazuh-alerts-fortigate-pattern","attributes":{"title":"wazuh-alerts-*","timeFieldName":"@timestamp"}}
{"type":"visualization","id":"fortigate-sim-events-over-time","attributes":{"title":"FortiGate Sim Events Over Time","visState":"{\"title\":\"FortiGate Sim Events Over Time\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"legendPosition\":\"right\",\"scale\":\"linear\",\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1,\"drop_partials\":false,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"data.devname\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}","uiStateJSON":"{}","description":"Count of FortiGate simulation alerts over time split by device","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"decoder.name:fortigate-firewall-v5\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"}},"references":[{"name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern","id":"wazuh-alerts-fortigate-pattern"}]}
{"type":"visualization","id":"fortigate-sim-top-models","attributes":{"title":"FortiGate Sim Top Devices","visState":"{\"title\":\"FortiGate Sim Top Devices\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"data.devname\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}","uiStateJSON":"{}","description":"Distribution of simulated FortiGate logs by device","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"decoder.name:fortigate-firewall-v5\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"}},"references":[{"name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern","id":"wazuh-alerts-fortigate-pattern"}]}
{"type":"visualization","id":"fortigate-sim-top-event-types","attributes":{"title":"FortiGate Sim Top Event Types","visState":"{\"title\":\"FortiGate Sim Top Event Types\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"data.logid\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}","uiStateJSON":"{}","description":"Top simulated FortiGate event types","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"decoder.name:fortigate-firewall-v5\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"}},"references":[{"name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern","id":"wazuh-alerts-fortigate-pattern"}]}
{"type":"visualization","id":"fortigate-sim-severity","attributes":{"title":"FortiGate Sim Severity Distribution","visState":"{\"title\":\"FortiGate Sim Severity Distribution\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"rule.level\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}","uiStateJSON":"{}","description":"Severity levels for FortiGate simulation alerts","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"decoder.name:fortigate-firewall-v5\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"}},"references":[{"name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern","id":"wazuh-alerts-fortigate-pattern"}]}
{"type":"dashboard","id":"fortigate-sim-overview","attributes":{"title":"SOC FortiGate Simulation Overview","hits":0,"description":"Dashboard for simulated FortiGate logs sent by SOC test scripts","panelsJSON":"[{\"type\":\"visualization\",\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":15,\"i\":\"1\"},\"version\":\"7.10.0\",\"panelRefName\":\"panel_1\"},{\"type\":\"visualization\",\"panelIndex\":\"2\",\"gridData\":{\"x\":0,\"y\":15,\"w\":16,\"h\":15,\"i\":\"2\"},\"version\":\"7.10.0\",\"panelRefName\":\"panel_2\"},{\"type\":\"visualization\",\"panelIndex\":\"3\",\"gridData\":{\"x\":16,\"y\":15,\"w\":16,\"h\":15,\"i\":\"3\"},\"version\":\"7.10.0\",\"panelRefName\":\"panel_3\"},{\"type\":\"visualization\",\"panelIndex\":\"4\",\"gridData\":{\"x\":32,\"y\":15,\"w\":16,\"h\":15,\"i\":\"4\"},\"version\":\"7.10.0\",\"panelRefName\":\"panel_4\"}]","optionsJSON":"{\"useMargins\":true,\"hidePanelTitles\":false}","version":1,"timeRestore":false,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}"}},"references":[{"name":"panel_1","type":"visualization","id":"fortigate-sim-events-over-time"},{"name":"panel_2","type":"visualization","id":"fortigate-sim-top-models"},{"name":"panel_3","type":"visualization","id":"fortigate-sim-top-event-types"},{"name":"panel_4","type":"visualization","id":"fortigate-sim-severity"}]}