Начало Каталог Помощ
Вход
tum
/
soc
Наблюдаван 1
Харесван 0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Ревизии 34 Версии 0 Уики

Няма описание

Клон: main
Клонове Маркери
soc
/
scripts
/
events
/
wazuh-propos...

wazuh-proposal-required-dashboard.ndjson 5.5KB
Постоянна връзка История Директен файл

123456 
  1. {"type": "visualization", "id": "proposal-required-events-over-time", "attributes": {"title": "Proposal Required Logs - Events Over Time", "visState": "{\"title\":\"Proposal Required Logs - Events Over Time\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"legendPosition\":\"right\",\"scale\":\"linear\",\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1,\"drop_partials\":false,\"extended_bounds\":{}}}]}", "uiStateJSON": "{}", "description": "Events generated by proposal-required simulation script", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\": {\"language\": \"kuery\", \"query\": \"rule.groups: soc_prod*\"}, \"filter\": [], \"indexRefName\": \"kibanaSavedObjectMeta.searchSourceJSON.index\"}"}}, "references": [{"name": "kibanaSavedObjectMeta.searchSourceJSON.index", "type": "index-pattern", "id": "wazuh-alerts-*"}]}
    2. 

  2. {"type": "visualization", "id": "proposal-required-top-rules", "attributes": {"title": "Proposal Required Logs - Top Rules", "visState": "{\"title\":\"Proposal Required Logs - Top Rules\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"rule.description\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", "uiStateJSON": "{}", "description": "Most frequent matched rules for proposal-required logs", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\": {\"language\": \"kuery\", \"query\": \"rule.groups: soc_prod*\"}, \"filter\": [], \"indexRefName\": \"kibanaSavedObjectMeta.searchSourceJSON.index\"}"}}, "references": [{"name": "kibanaSavedObjectMeta.searchSourceJSON.index", "type": "index-pattern", "id": "wazuh-alerts-*"}]}
    3. 

  3. {"type": "visualization", "id": "proposal-required-severity", "attributes": {"title": "Proposal Required Logs - Severity", "visState": "{\"title\":\"Proposal Required Logs - Severity\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"rule.level\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", "uiStateJSON": "{}", "description": "Rule severity distribution", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\": {\"language\": \"kuery\", \"query\": \"rule.groups: soc_prod*\"}, \"filter\": [], \"indexRefName\": \"kibanaSavedObjectMeta.searchSourceJSON.index\"}"}}, "references": [{"name": "kibanaSavedObjectMeta.searchSourceJSON.index", "type": "index-pattern", "id": "wazuh-alerts-*"}]}
    4. 

  4. {"type": "visualization", "id": "proposal-required-top-decoders", "attributes": {"title": "Proposal Required Logs - Top Decoders", "visState": "{\"title\":\"Proposal Required Logs - Top Decoders\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"decoder.name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}", "uiStateJSON": "{}", "description": "Decoder distribution for proposal-required logs", "version": 1, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\": {\"language\": \"kuery\", \"query\": \"rule.groups: soc_prod*\"}, \"filter\": [], \"indexRefName\": \"kibanaSavedObjectMeta.searchSourceJSON.index\"}"}}, "references": [{"name": "kibanaSavedObjectMeta.searchSourceJSON.index", "type": "index-pattern", "id": "wazuh-alerts-*"}]}
    5. 

  5. {"type": "dashboard", "id": "proposal-required-overview", "attributes": {"title": "SOC Proposal Required Logs Overview", "hits": 0, "description": "Dashboard for scripts/send-wazuh-proposal-required-events.sh", "panelsJSON": "[{\"type\":\"visualization\",\"panelIndex\":\"1\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":15,\"i\":\"1\"},\"version\":\"7.10.0\",\"panelRefName\":\"panel_1\"},{\"type\":\"visualization\",\"panelIndex\":\"2\",\"gridData\":{\"x\":0,\"y\":15,\"w\":24,\"h\":15,\"i\":\"2\"},\"version\":\"7.10.0\",\"panelRefName\":\"panel_2\"},{\"type\":\"visualization\",\"panelIndex\":\"3\",\"gridData\":{\"x\":24,\"y\":15,\"w\":12,\"h\":15,\"i\":\"3\"},\"version\":\"7.10.0\",\"panelRefName\":\"panel_3\"},{\"type\":\"visualization\",\"panelIndex\":\"4\",\"gridData\":{\"x\":36,\"y\":15,\"w\":12,\"h\":15,\"i\":\"4\"},\"version\":\"7.10.0\",\"panelRefName\":\"panel_4\"}]", "optionsJSON": "{\"useMargins\":true,\"hidePanelTitles\":false}", "version": 1, "timeRestore": false, "kibanaSavedObjectMeta": {"searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}"}}, "references": [{"name": "panel_1", "type": "visualization", "id": "proposal-required-events-over-time"}, {"name": "panel_2", "type": "visualization", "id": "proposal-required-top-rules"}, {"name": "panel_3", "type": "visualization", "id": "proposal-required-severity"}, {"name": "panel_4", "type": "visualization", "id": "proposal-required-top-decoders"}]}
    6. 

  6.