From 53e8e8f300bd0e58b548f23b2ffaf007dee9b588 Mon Sep 17 00:00:00 2001
From: opc40772 <30729683+opc40772@users.noreply.github.com>
Date: Sat, 14 Apr 2018 20:51:08 -0400
Subject: [PATCH] Add files via upload
---
.../PFsense Graylog-1523752504984.json | 1264 +++++++++++++++++
1 file changed, 1264 insertions(+)
create mode 100644 pfsense_grafana_dashboard/PFsense Graylog-1523752504984.json
diff --git a/pfsense_grafana_dashboard/PFsense Graylog-1523752504984.json b/pfsense_grafana_dashboard/PFsense Graylog-1523752504984.json
new file mode 100644
index 0000000..4f4e57a
--- /dev/null
+++ b/pfsense_grafana_dashboard/PFsense Graylog-1523752504984.json
@@ -0,0 +1,1264 @@ +{ + "__inputs": [ + { + "name": "DS_PFSENSE_GRAYLOG", + "label": "Pfsense Graylog", + "description": "", + "type": "datasource", + "pluginId": "elasticsearch", + "pluginName": "Elasticsearch" + } + ], + "__requires": [ + { + "type": "datasource", + "id": "elasticsearch", + "name": "Elasticsearch", + "version": "5.0.0" + }, + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "5.0.3" + }, + { + "type": "panel", + "id": "grafana-piechart-panel", + "name": "Pie Chart", + "version": "1.2.0" + }, + { + "type": "panel", + "id": "grafana-worldmap-panel", + "name": "Worldmap Panel", + "version": "0.0.21" + }, + { + "type": "panel", + "id": "graph", + "name": "Graph", + "version": "5.0.0" + }, + { + "type": "panel", + "id": "savantly-heatmap-panel", + "name": "Heatmap", + "version": "0.2.0" + }, + { + "type": "panel", + "id": "singlestat", + "name": "Singlestat", + "version": "5.0.0" + }, + { + "type": "panel", + "id": "table", + "name": "Table", + "version": "5.0.0" + }, + { + "type": "panel", + "id": "text", + "name": "Text", + "version": "5.0.0" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "id": null, + "iteration": 1523752476189, + "links": [ + { + "asDropdown": true, + "icon": "external link", + "tags": [ + "Elasticsearch" + ], + "title": "Graylog Dashboards", + "type": "dashboards" + } + ], + "panels": [ + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "${DS_PFSENSE_GRAYLOG}", + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 13, + 
"x": 0, + "y": 0 + }, + "id": 18, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "bucketAggs": [ + { + "field": "real_timestamp", + "id": "2", + "settings": { + "interval": "auto", + "min_doc_count": 0, + "trimEdges": 0 + }, + "type": "date_histogram" + } + ], + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + "refId": "A", + "target": "", + "timeField": "real_timestamp" + } + ], + "thresholds": "", + "title": "Total Firewall Events", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "total" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "${DS_PFSENSE_GRAYLOG}", + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 4, + "w": 7, + "x": 13, + "y": 0 + }, + "id": 8, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "Top ip Block", + "prefixFontSize": "50%", + 
"rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "src_ip", + "targets": [ + { + "bucketAggs": [ + { + "fake": true, + "field": "src_ip", + "id": "3", + "settings": { + "min_doc_count": 1, + "order": "desc", + "orderBy": "_count", + "size": "10" + }, + "type": "terms" + } + ], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + "refId": "A", + "target": "", + "timeField": "real_timestamp" + } + ], + "thresholds": "", + "title": "Top ip Block by $iface", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "avg" + }, + { + "content": "![https://www.sysadminsdecuba.com](https://www.sysadminsdecuba.com/wp-content/uploads/2017/10/cropped-placeholder-medium.png)\n# PFsense Dashboard Logs Analisys .\nDocumentation in [sysadminsdecuba](https://www.sysadminsdecuba.com)\n\nDesing by: Omar Padrón Capote\n\nemail: omar@mpcfg.co.cu", + "gridPos": { + "h": 13, + "w": 4, + "x": 20, + "y": 0 + }, + "id": 16, + "links": [], + "mode": "markdown", + "title": "Credits", + "type": "text" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${DS_PFSENSE_GRAYLOG}", + "fill": 1, + "gridPos": { + "h": 10, + "w": 13, + "x": 0, + "y": 3 + }, + "id": 4, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "hideEmpty": false, + "hideZero": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + 
"stack": false, + "steppedLine": false, + "targets": [ + { + "bucketAggs": [ + { + "field": "timestamp_graf", + "id": "2", + "settings": { + "interval": "auto", + "min_doc_count": 0, + "trimEdges": 0 + }, + "type": "date_histogram" + } + ], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + "refId": "A", + "timeField": "real_timestamp" + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Events by $iface", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": "Cantidad", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "none", + "label": "", + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": {}, + "cacheTimeout": null, + "combine": { + "label": "Others", + "threshold": "" + }, + "datasource": "${DS_PFSENSE_GRAYLOG}", + "fontSize": "80%", + "format": "none", + "gridPos": { + "h": 9, + "w": 7, + "x": 13, + "y": 4 + }, + "id": 2, + "interval": null, + "legend": { + "percentage": true, + "show": true, + "values": true + }, + "legendType": "Right side", + "links": [], + "maxDataPoints": 3, + "nullPointMode": "connected", + "pieType": "pie", + "strokeWidth": "1", + "targets": [ + { + "bucketAggs": [ + { + "fake": true, + "field": "iface", + "id": "3", + "settings": { + "min_doc_count": 1, + "order": "desc", + "orderBy": "_count", + "size": "0" + }, + "type": "terms" + }, + { + "field": "timestamp_graf", + "id": "2", + "settings": { + "interval": "auto", + "min_doc_count": 0, + "trimEdges": 0 + }, + "type": "date_histogram" + } + ], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": 
"iface:$iface AND src_ip:$src_ip", + "refId": "A", + "timeField": "real_timestamp" + } + ], + "title": "Block by interface $iface", + "type": "grafana-piechart-panel", + "valueName": "total" + }, + { + "circleMaxSize": "30", + "circleMinSize": 2, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "datasource": "${DS_PFSENSE_GRAYLOG}", + "decimals": 0, + "esGeoPoint": "src_location", + "esLocationName": "src_ip", + "esMetric": "Count", + "gridPos": { + "h": 10, + "w": 13, + "x": 0, + "y": 13 + }, + "height": "", + "hideEmpty": false, + "hideZero": false, + "id": 1, + "initialZoom": "1", + "links": [], + "locationData": "geohash", + "mapCenter": "(0°, 0°)", + "mapCenterLatitude": 0, + "mapCenterLongitude": 0, + "maxDataPoints": 1, + "showLegend": true, + "stickyLabels": false, + "targets": [ + { + "alias": "", + "bucketAggs": [ + { + "fake": true, + "field": "src_ip", + "id": "3", + "settings": { + "min_doc_count": 1, + "order": "desc", + "orderBy": "_count", + "size": "0" + }, + "type": "terms" + }, + { + "field": "src_location", + "id": "2", + "settings": { + "precision": 7 + }, + "type": "geohash_grid" + } + ], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + "refId": "A", + "timeField": "real_timestamp" + } + ], + "thresholds": "0,10", + "title": "GeoIP Block source ip location by $iface", + "type": "grafana-worldmap-panel", + "unitPlural": "", + "unitSingle": "", + "valueName": "total" + }, + { + "aliasColors": {}, + "cacheTimeout": null, + "combine": { + "label": "Others", + "threshold": 0 + }, + "datasource": "${DS_PFSENSE_GRAYLOG}", + "fontSize": "80%", + "format": "none", + "gridPos": { + "h": 10, + "w": 11, + "x": 13, + "y": 13 + }, + "id": 5, + "interval": null, + "legend": { + "show": true, + "values": true + }, + "legendType": "Right side", + "links": [], + "maxDataPoints": 3, + 
"nullPointMode": "connected", + "pieType": "pie", + "strokeWidth": 1, + "targets": [ + { + "bucketAggs": [ + { + "fake": true, + "field": "proto", + "id": "3", + "settings": { + "min_doc_count": 1, + "order": "desc", + "orderBy": "_term", + "size": "0" + }, + "type": "terms" + }, + { + "field": "timestamp_graf", + "id": "2", + "settings": { + "interval": "auto", + "min_doc_count": 0, + "trimEdges": 0 + }, + "type": "date_histogram" + } + ], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + "refId": "A", + "timeField": "real_timestamp" + } + ], + "title": "Protocols by interface $iface", + "type": "grafana-piechart-panel", + "valueName": "total" + }, + { + "aliasColors": {}, + "bars": true, + "dashLength": 10, + "dashes": false, + "datasource": "${DS_PFSENSE_GRAYLOG}", + "fill": 1, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 23 + }, + "id": 12, + "legend": { + "alignAsTable": true, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": true, + "show": true, + "total": true, + "values": true + }, + "lines": false, + "linewidth": 10, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "alias": "", + "bucketAggs": [ + { + "fake": true, + "field": "src_ip_country_code", + "id": "5", + "settings": { + "min_doc_count": 1, + "order": "desc", + "orderBy": "_count", + "size": "10" + }, + "type": "terms" + }, + { + "fake": true, + "field": "timestamp_graf", + "id": "4", + "settings": { + "interval": "auto", + "min_doc_count": 0, + "trimEdges": 0 + }, + "type": "date_histogram" + } + ], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + 
"refId": "A", + "timeField": "real_timestamp" + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Países by $iface", + "tooltip": { + "shared": false, + "sort": 2, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "series", + "name": "@timestamp", + "show": true, + "values": [ + "total" + ] + }, + "yaxes": [ + { + "format": "none", + "label": "Cantidad de Accesos", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "none", + "label": "Paises", + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": {}, + "bars": true, + "dashLength": 10, + "dashes": false, + "datasource": "${DS_PFSENSE_GRAYLOG}", + "fill": 1, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 23 + }, + "id": 3, + "legend": { + "alignAsTable": true, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": true, + "show": true, + "total": true, + "values": true + }, + "lines": false, + "linewidth": 10, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "alias": "City: {{term src_ip_city_name}}", + "bucketAggs": [ + { + "fake": true, + "field": "src_ip_city_name", + "id": "5", + "settings": { + "min_doc_count": 1, + "order": "desc", + "orderBy": "_count", + "size": "10" + }, + "type": "terms" + }, + { + "fake": true, + "field": "timestamp_graf", + "id": "4", + "settings": { + "interval": "auto", + "min_doc_count": 0, + "trimEdges": 0 + }, + "type": "date_histogram" + } + ], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + "refId": "A", + "timeField": "real_timestamp" + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + 
"title": "Cities by iface:$iface", + "tooltip": { + "shared": false, + "sort": 2, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "series", + "name": "@timestamp", + "show": false, + "values": [ + "total" + ] + }, + "yaxes": [ + { + "format": "none", + "label": "Cantidad de Accesos", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "none", + "label": "Paises", + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "chartId": "chart_11", + "colors": [ + "rgba(50, 172, 45, 1)", + "rgba(241, 255, 0, 1)", + "rgba(245, 54, 54, 1)" + ], + "datasource": "${DS_PFSENSE_GRAYLOG}", + "format": "none", + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 32 + }, + "id": 11, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": true + }, + "links": [], + "mappingType": 1, + "maxDataPoints": 100, + "nullPointMode": "connected", + "seriesOverrides": [], + "targets": [ + { + "bucketAggs": [ + { + "fake": true, + "field": "PortServiceName", + "id": "3", + "settings": { + "min_doc_count": 1, + "order": "desc", + "orderBy": "_count", + "size": "20" + }, + "type": "terms" + }, + { + "field": "timestamp_graf", + "id": "2", + "settings": { + "interval": "auto", + "min_doc_count": 0, + "trimEdges": 0 + }, + "type": "date_histogram" + } + ], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + "refId": "A", + "target": "", + "timeField": "real_timestamp" + } + ], + "thresholds": "0,10", + "title": "Destination Port by iface:$iface", + "treeMap": { + "aggregationFunction": "sum", + "colorByFunction": "max", + "debug": false, + "depth": 0, + "enableGrouping": true, + "enableTimeBlocks": false, + "groups": [ + { + "key": "server", + "value": "/^.*./g" + } + ], + "ids": [ + "alias" + ], + "mode": "squarify", + 
"nodeSizeProperty": "value", + "showLegend": true, + "sizeByFunction": "total" + }, + "type": "savantly-heatmap-panel", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ] + }, + { + "aliasColors": {}, + "cacheTimeout": null, + "combine": { + "label": "Others", + "threshold": 0 + }, + "datasource": "${DS_PFSENSE_GRAYLOG}", + "fontSize": "80%", + "format": "none", + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 32 + }, + "id": 9, + "interval": null, + "legend": { + "show": true, + "values": true + }, + "legendType": "Right side", + "links": [], + "maxDataPoints": 3, + "nullPointMode": "connected", + "pieType": "donut", + "strokeWidth": 1, + "targets": [ + { + "alias": "Port: {{PortServiceName}}", + "bucketAggs": [ + { + "fake": true, + "field": "PortServiceName", + "id": "3", + "settings": { + "min_doc_count": 1, + "order": "desc", + "orderBy": "_count", + "size": "10" + }, + "type": "terms" + }, + { + "field": "timestamp_graf", + "id": "2", + "settings": { + "interval": "auto", + "min_doc_count": 0, + "trimEdges": 0 + }, + "type": "date_histogram" + } + ], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "type": "count" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + "refId": "A", + "target": "", + "timeField": "real_timestamp" + } + ], + "title": "Top 10 port Destination Block by $iface", + "type": "grafana-piechart-panel", + "valueName": "total" + }, + { + "columns": [ + { + "text": "real_timestamp", + "value": "real_timestamp" + }, + { + "text": "src_ip", + "value": "src_ip" + }, + { + "text": "src_port_name", + "value": "src_port_name" + }, + { + "text": "dest_ip", + "value": "dest_ip" + }, + { + "text": "PortServiceName", + "value": "PortServiceName" + }, + { + "text": "proto", + "value": "proto" + }, + { + "text": "action", + "value": "action" + } + ], + "datasource": "${DS_PFSENSE_GRAYLOG}", + "filterNull": false, + "fontSize": "90%", + "gridPos": { + "h": 8, + "w": 24, + "x": 
0, + "y": 41 + }, + "id": 14, + "links": [], + "pageSize": 10, + "scroll": true, + "showHeader": true, + "sort": { + "col": 0, + "desc": true + }, + "styles": [ + { + "dateFormat": "DD/MM/YY h:mm:ss a", + "pattern": "real_timestamp", + "type": "date" + }, + { + "alias": "Destination Port", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "PortServiceName", + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "Source Port Name", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "src_port_name", + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "Protocol", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "proto", + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "decimals": 2, + "pattern": "/.*/", + "thresholds": [], + "type": "number", + "unit": "short" + } + ], + "targets": [ + { + "bucketAggs": [], + "dsType": "elasticsearch", + "metrics": [ + { + "field": "select field", + "id": "1", + "meta": {}, + "settings": { + "size": 1000000 + }, + "type": "raw_document" + } + ], + "query": "iface:$iface AND src_ip:$src_ip", + "refId": "A", + "timeField": "real_timestamp" + } + ], + "title": "Real time logs by iface:$iface", + "transform": "json", + "type": "table" + } + ], + "schemaVersion": 16, + "style": "dark", + "tags": [ + "Elasticsearch", + "Firewall", + "Log Analyzer", + "PFsense" + ], + "templating": { + "list": [ + { + "allValue": "*", + 
"current": {}, + "datasource": "${DS_PFSENSE_GRAYLOG}", + "hide": 0, + "includeAll": true, + "label": "Interface", + "multi": true, + "name": "iface", + "options": [], + "query": "{\"find\": \"terms\", \"field\":\"iface\",\"size\": \"1000000\" }", + "refresh": 1, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": "*", + "current": {}, + "datasource": "${DS_PFSENSE_GRAYLOG}", + "hide": 0, + "includeAll": true, + "label": "Source IP", + "multi": true, + "name": "src_ip", + "options": [], + "query": "{\"find\": \"terms\", \"field\":\"src_ip\",\"query\":\"iface iface:$iface AND NOT src_ip:200.55.146.65\",\"size\": \"1000000\" }", + "refresh": 1, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-24h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "browser", + "title": "PFsense Graylog", + "uid": "000000030", + "version": 45 +} \ No newline at end of file
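Review bot: The `src_ip` template variable near the end of the hunk bakes an environment-specific filter into a dashboard meant to be imported by others: its inner query reads `iface iface:$iface AND NOT src_ip:200.55.146.65`, so every importer silently loses that address from the Source IP picker, and what is presumably an address from the author's own network is published with the file. The leading bare `iface` term also looks like a paste slip, since without a field prefix it is matched against the default search field rather than the `iface` field. I would ship the variable with `\"query\":\"iface:$iface\"` and leave local exclusions for the operator to add after import, so that a firewall-log view does not start out with a hidden blind spot. Separately, the "Real time logs by iface:$iface" table requests `raw_document` with `"size": 1000000`, which is well above Elasticsearch's default `index.max_result_window` of 10000 and will be rejected unless that setting was raised (and is heavy on the cluster if it was); a few hundred rows fits the panel's `"pageSize": 10` better.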