pfsense-analytics/Docker/grafana/provisioning/dashboards/firewall.json
MatthewJSalerno c3d4f73505 Restructured entire repo
Moved volume mounted files to their own directory
Split docker envs into their own files
2019-11-22 22:04:41 -05:00


{
"__inputs": [
{
"name": "DS_PFS_GRAYLOG",
"label": "PFS Graylog",
"description": "",
"type": "datasource",
"pluginId": "elasticsearch",
"pluginName": "Elasticsearch"
}
],
"__requires": [
{
"type": "datasource",
"id": "elasticsearch",
"name": "Elasticsearch",
"version": "1.0.0"
},
{
"type": "grafana",
"id": "grafana",
"name": "Grafana",
"version": "6.4.3"
},
{
"type": "panel",
"id": "grafana-piechart-panel",
"name": "Pie Chart",
"version": "1.3.9"
},
{
"type": "panel",
"id": "grafana-worldmap-panel",
"name": "Worldmap Panel",
"version": "0.2.1"
},
{
"type": "panel",
"id": "graph",
"name": "Graph",
"version": ""
},
{
"type": "panel",
"id": "savantly-heatmap-panel",
"name": "Heatmap",
"version": "0.2.0"
},
{
"type": "panel",
"id": "singlestat",
"name": "Singlestat",
"version": ""
},
{
"type": "panel",
"id": "table",
"name": "Table",
"version": ""
}
],
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": "-- Grafana --",
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"gnetId": 5420,
"graphTooltip": 0,
"id": null,
"iteration": 1573150312463,
"links": [],
"panels": [
{
"circleMaxSize": "20",
"circleMinSize": 2,
"colors": [
"#FADE2A",
"rgba(237, 129, 40, 0.89)",
"#F2495C"
],
"datasource": "pfsensefw",
"decimals": 0,
"esGeoPoint": "src_location",
"esLocationName": "src_ip",
"esMetric": "Count",
"gridPos": {
"h": 12,
"w": 16,
"x": 0,
"y": 0
},
"height": "",
"hideEmpty": false,
"hideZero": false,
"id": 1,
"initialZoom": "2",
"links": [],
"locationData": "geohash",
"mapCenter": "Europe",
"mapCenterLatitude": 46,
"mapCenterLongitude": 14,
"maxDataPoints": 1,
"mouseWheelZoom": true,
"options": {},
"showLegend": true,
"stickyLabels": true,
"tableQueryOptions": {
"geohashField": "geohash",
"latitudeField": "latitude",
"longitudeField": "longitude",
"metricField": "metric",
"queryType": "geohash"
},
"targets": [
{
"alias": "",
"bucketAggs": [
{
"fake": true,
"field": "src_ip",
"id": "3",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "0"
},
"type": "terms"
},
{
"field": "src_location",
"id": "2",
"settings": {
"precision": 7
},
"type": "geohash_grid"
}
],
"dsType": "elasticsearch",
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND src_ip:$src_ip",
"refId": "A",
"timeField": "utc_timestamp"
}
],
"thresholds": "2,5",
"title": "GeoIP Block source ip location by $iface",
"type": "grafana-worldmap-panel",
"unitPlural": "",
"unitSingle": "",
"valueName": "total"
},
{
"cacheTimeout": null,
"columns": [],
"datasource": "pfsensefw",
"fontSize": "100%",
"gridPos": {
"h": 12,
"w": 8,
"x": 16,
"y": 0
},
"id": 8,
"links": [],
"options": {},
"pageSize": null,
"showHeader": true,
"sort": {
"col": null,
"desc": false
},
"styles": [
{
"alias": "Time",
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"pattern": "Time",
"type": "date"
},
{
"alias": "",
"colorMode": null,
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"decimals": 2,
"pattern": "/.*/",
"thresholds": [],
"type": "number",
"unit": "short"
}
],
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "src_ip",
"id": "7",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "10"
},
"type": "terms"
},
{
"fake": true,
"field": "src_ip_city_name",
"id": "8",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "10"
},
"type": "terms"
},
{
"fake": true,
"field": "src_ip_country_code",
"id": "6",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "10"
},
"type": "terms"
}
],
"dsType": "elasticsearch",
"hide": false,
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND src_ip:$src_ip",
"refId": "A",
"target": "",
"timeField": "timestamp"
}
],
"title": "Top ip Block by $iface",
"transform": "table",
"type": "table"
},
{
"columns": [
{
"text": "src_ip",
"value": "src_ip"
},
{
"text": "dest_ip",
"value": "dest_ip"
},
{
"text": "PortServiceName",
"value": "PortServiceName"
},
{
"text": "proto",
"value": "proto"
},
{
"text": "action",
"value": "action"
},
{
"text": "iface",
"value": "iface"
},
{
"text": "dest_port",
"value": "dest_port"
},
{
"text": "direction",
"value": "direction"
},
{
"text": "src_ip_whoisresult",
"value": "src_ip_whoisresult"
},
{
"text": "timestamp",
"value": "timestamp"
}
],
"datasource": "pfsensefw",
"filterNull": false,
"fontSize": "90%",
"gridPos": {
"h": 8,
"w": 24,
"x": 0,
"y": 12
},
"id": 14,
"links": [],
"options": {},
"pageSize": 100,
"scroll": true,
"showHeader": true,
"sort": {
"col": null,
"desc": false
},
"styles": [
{
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"pattern": "timestamp",
"type": "date"
},
{
"alias": "dest_port Servicename",
"colorMode": null,
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": 2,
"pattern": "PortServiceName",
"thresholds": [],
"type": "string",
"unit": "short"
},
{
"alias": "Source Port Name",
"colorMode": null,
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": 2,
"pattern": "src_port_name",
"thresholds": [],
"type": "string",
"unit": "short"
},
{
"alias": "Protocol",
"colorMode": null,
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": 2,
"pattern": "proto",
"thresholds": [],
"type": "string",
"unit": "short"
},
{
"alias": "",
"colorMode": null,
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": 0,
"mappingType": 1,
"pattern": "dest_port",
"thresholds": [],
"type": "number",
"unit": "none"
},
{
"alias": "",
"colorMode": null,
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": 2,
"mappingType": 1,
"pattern": "",
"thresholds": [],
"type": "number",
"unit": "short"
},
{
"alias": "",
"colorMode": null,
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"decimals": 2,
"pattern": "src_ip_whoisresult",
"preserveFormat": false,
"sanitize": false,
"thresholds": [],
"type": "string",
"unit": "none"
}
],
"targets": [
{
"bucketAggs": [],
"dsType": "elasticsearch",
"metrics": [
{
"field": "select field",
"id": "1",
"meta": {},
"settings": {
"size": 10000
},
"type": "raw_document"
}
],
"query": "iface:$iface AND dest_port:$dport action:$action",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "Real time logs by iface:$iface ",
"transform": "json",
"type": "table"
},
{
"cacheTimeout": null,
"colorBackground": false,
"colorValue": true,
"colors": [
"#299c46",
"rgba(237, 129, 40, 0.89)",
"#d44a3a"
],
"datasource": "pfsensefw",
"format": "none",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": false,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": {
"h": 4,
"w": 6,
"x": 0,
"y": 20
},
"id": 18,
"interval": null,
"links": [],
"mappingType": 1,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"options": {},
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "null",
"text": "N/A",
"to": "null"
}
],
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": false,
"lineColor": "rgb(31, 120, 193)",
"show": false
},
"tableColumn": "",
"targets": [
{
"bucketAggs": [
{
"field": "timestamp",
"id": "2",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND dest_port:$dport AND src_ip:$src_ip",
"refId": "A",
"target": "",
"timeField": "timestamp"
}
],
"thresholds": "",
"title": "Total Firewall Events",
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "null"
}
],
"valueName": "total"
},
{
"aliasColors": {},
"breakPoint": "50%",
"cacheTimeout": null,
"combine": {
"label": "Others",
"threshold": ""
},
"datasource": "pfsensefw",
"fontSize": "80%",
"format": "none",
"gridPos": {
"h": 4,
"w": 6,
"x": 6,
"y": 20
},
"id": 2,
"interval": null,
"legend": {
"percentage": true,
"show": true,
"values": true
},
"legendType": "Right side",
"links": [],
"maxDataPoints": 3,
"nullPointMode": "connected",
"options": {},
"pieType": "pie",
"strokeWidth": "1",
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "iface",
"id": "3",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "0"
},
"type": "terms"
},
{
"field": "timestamp",
"id": "2",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"dsType": "elasticsearch",
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND dest_port:$dport AND src_ip:$src_ip",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "Match by interface $iface",
"type": "grafana-piechart-panel",
"valueName": "total"
},
{
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "pfsensefw",
"fill": 1,
"fillGradient": 0,
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 20
},
"id": 4,
"legend": {
"alignAsTable": false,
"avg": false,
"current": false,
"hideEmpty": false,
"hideZero": false,
"max": false,
"min": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
"links": [],
"nullPointMode": "connected",
"options": {
"dataLinks": []
},
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"bucketAggs": [
{
"field": "timestamp",
"id": "2",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"dsType": "elasticsearch",
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND dest_port:$dport AND src_ip:$src_ip",
"refId": "A",
"timeField": "timestamp"
}
],
"thresholds": [],
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "Events by $iface",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "none",
"label": "Count",
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "none",
"label": "",
"logBase": 1,
"max": null,
"min": null,
"show": true
}
],
"yaxis": {
"align": false,
"alignLevel": null
}
},
{
"aliasColors": {},
"bars": true,
"dashLength": 10,
"dashes": false,
"datasource": "pfsensefw",
"fill": 1,
"fillGradient": 0,
"gridPos": {
"h": 6,
"w": 12,
"x": 0,
"y": 24
},
"id": 12,
"legend": {
"alignAsTable": true,
"avg": false,
"current": false,
"max": false,
"min": false,
"rightSide": true,
"show": true,
"total": true,
"values": true
},
"lines": false,
"linewidth": 10,
"links": [],
"nullPointMode": "null",
"options": {
"dataLinks": []
},
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"alias": "",
"bucketAggs": [
{
"fake": true,
"field": "src_ip_country_code",
"id": "5",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "10"
},
"type": "terms"
},
{
"fake": true,
"field": "timestamp",
"id": "4",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"dsType": "elasticsearch",
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND dest_port:$dport AND src_ip:$src_ip -src_ip:62.155.248.*",
"refId": "A",
"timeField": "timestamp"
}
],
"thresholds": [],
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "Rules triggered on $iface by Country (excludes src_ip 62.155.248.*)",
"tooltip": {
"shared": false,
"sort": 2,
"value_type": "cumulative"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "series",
"name": "@timestamp",
"show": true,
"values": [
"total"
]
},
"yaxes": [
{
"format": "none",
"label": "Triggers",
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "none",
"label": "",
"logBase": 1,
"max": null,
"min": null,
"show": true
}
],
"yaxis": {
"align": false,
"alignLevel": null
}
},
{
"aliasColors": {},
"breakPoint": "50%",
"cacheTimeout": null,
"combine": {
"label": "Others",
"threshold": 0
},
"datasource": "pfsensefw",
"fontSize": "80%",
"format": "none",
"gridPos": {
"h": 10,
"w": 12,
"x": 12,
"y": 28
},
"id": 5,
"interval": null,
"legend": {
"show": true,
"values": true
},
"legendType": "Right side",
"links": [],
"maxDataPoints": 3,
"nullPointMode": "connected",
"options": {},
"pieType": "pie",
"strokeWidth": 1,
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "proto",
"id": "3",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_term",
"size": "0"
},
"type": "terms"
},
{
"field": "timestamp",
"id": "2",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"dsType": "elasticsearch",
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND dest_port:$dport AND src_ip:$src_ip",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "Protocols by interface $iface",
"type": "grafana-piechart-panel",
"valueName": "total"
},
{
"chartId": "chart_11",
"colors": [
"rgba(50, 172, 45, 1)",
"rgba(241, 255, 0, 1)",
"rgba(245, 54, 54, 1)"
],
"datasource": "pfsensefw",
"format": "none",
"gridPos": {
"h": 9,
"w": 12,
"x": 0,
"y": 30
},
"id": 11,
"legend": {
"avg": false,
"current": false,
"max": false,
"min": false,
"show": true,
"total": true
},
"links": [],
"mappingType": 1,
"maxDataPoints": 100,
"nullPointMode": "connected",
"options": {},
"seriesOverrides": [],
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "PortServiceName",
"id": "3",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "20"
},
"type": "terms"
},
{
"field": "timestamp",
"id": "2",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"dsType": "elasticsearch",
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND dest_port:$dport AND src_ip:$src_ip",
"refId": "A",
"target": "",
"timeField": "timestamp"
}
],
"thresholds": "0,10",
"title": "Destination Port by iface:$iface",
"treeMap": {
"aggregationFunction": "sum",
"colorByFunction": "max",
"debug": false,
"depth": 0,
"enableGrouping": true,
"enableTimeBlocks": false,
"groups": [
{
"key": "server",
"value": "/^.*./g"
}
],
"ids": [
"alias"
],
"mode": "squarify",
"nodeSizeProperty": "value",
"showLegend": true,
"sizeByFunction": "total"
},
"type": "savantly-heatmap-panel",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "null"
}
]
},
{
"aliasColors": {},
"bars": true,
"dashLength": 10,
"dashes": false,
"datasource": "pfsensefw",
"fill": 1,
"fillGradient": 0,
"gridPos": {
"h": 9,
"w": 12,
"x": 12,
"y": 38
},
"id": 3,
"legend": {
"alignAsTable": true,
"avg": false,
"current": false,
"max": false,
"min": false,
"rightSide": true,
"show": true,
"total": true,
"values": true
},
"lines": false,
"linewidth": 10,
"links": [],
"nullPointMode": "null",
"options": {
"dataLinks": []
},
"percentage": false,
"pointradius": 5,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"alias": "City: {{term src_ip_city_name}}",
"bucketAggs": [
{
"fake": true,
"field": "src_ip_city_name",
"id": "5",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "10"
},
"type": "terms"
},
{
"fake": true,
"field": "timestamp",
"id": "4",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"dsType": "elasticsearch",
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND dest_port:$dport AND src_ip:$src_ip",
"refId": "A",
"timeField": "timestamp"
}
],
"thresholds": [],
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "Rules triggered on $iface by City",
"tooltip": {
"shared": false,
"sort": 2,
"value_type": "cumulative"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "series",
"name": "@timestamp",
"show": false,
"values": [
"total"
]
},
"yaxes": [
{
"format": "none",
"label": "Access count",
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "none",
"label": "Countries",
"logBase": 1,
"max": null,
"min": null,
"show": true
}
],
"yaxis": {
"align": false,
"alignLevel": null
}
},
{
"aliasColors": {},
"breakPoint": "50%",
"cacheTimeout": null,
"combine": {
"label": "Others",
"threshold": 0
},
"datasource": "pfsensefw",
"fontSize": "80%",
"format": "none",
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 39
},
"id": 9,
"interval": null,
"legend": {
"show": true,
"values": true
},
"legendType": "Right side",
"links": [],
"maxDataPoints": 3,
"nullPointMode": "connected",
"options": {},
"pieType": "donut",
"strokeWidth": 1,
"targets": [
{
"alias": "Port: {{PortServiceName}}",
"bucketAggs": [
{
"fake": true,
"field": "PortServiceName",
"id": "3",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "10"
},
"type": "terms"
},
{
"field": "timestamp",
"id": "2",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"dsType": "elasticsearch",
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "iface:$iface AND dest_port:$dport AND src_ip:$src_ip",
"refId": "A",
"target": "",
"timeField": "timestamp"
}
],
"title": "Top 10 port Destination Block by $iface",
"type": "grafana-piechart-panel",
"valueName": "total"
}
],
"refresh": "1m",
"schemaVersion": 20,
"style": "dark",
"tags": [
"Elasticsearch",
"Firewall",
"Log Analyzer",
"PFsense"
],
"templating": {
"list": [
{
"allValue": null,
"current": {},
"datasource": "pfsensefw",
"definition": "",
"hide": 0,
"includeAll": true,
"label": "Interface",
"multi": true,
"name": "iface",
"options": [],
"query": "{\"find\": \"terms\", \"field\":\"iface\",\"size\": \"1000000\" }",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"tagValuesQuery": "",
"tags": [],
"tagsQuery": "",
"type": "query",
"useTags": false
},
{
"allValue": "*",
"current": {},
"datasource": "pfsensefw",
"definition": "{\"find\": \"terms\", \"field\":\"src_ip\",\"query\":\"iface iface:$iface\",\"size\": \"1000000\" }",
"hide": 0,
"includeAll": true,
"label": "Source IP",
"multi": true,
"name": "src_ip",
"options": [],
"query": "{\"find\": \"terms\", \"field\":\"src_ip\",\"query\":\"iface iface:$iface\",\"size\": \"1000000\" }",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"tagValuesQuery": "",
"tags": [],
"tagsQuery": "",
"type": "query",
"useTags": false
},
{
"allValue": "*",
"current": {},
"datasource": "pfsensefw",
"definition": "{\"find\": \"terms\", \"field\":\"dest_port\",\"query\":\"iface iface:$iface\",\"size\": \"1000000\" }",
"hide": 0,
"includeAll": true,
"label": null,
"multi": true,
"name": "dport",
"options": [],
"query": "{\"find\": \"terms\", \"field\":\"dest_port\",\"query\":\"iface iface:$iface\",\"size\": \"1000000\" }",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 3,
"tagValuesQuery": "",
"tags": [],
"tagsQuery": "",
"type": "query",
"useTags": false
},
{
"datasource": "PFS Graylog",
"filters": [
{
"condition": "AND",
"key": "direction",
"operator": "=",
"value": "in"
},
{
"key": "action",
"operator": "=",
"value": "block"
}
],
"hide": 0,
"label": "",
"name": "Filters",
"skipUrlSync": false,
"type": "adhoc"
}
]
},
"time": {
"from": "now-1h",
"to": "now"
},
"timepicker": {
"refresh_intervals": [
"5s",
"10s",
"30s",
"1m",
"5m",
"15m",
"30m",
"1h",
"2h",
"1d"
],
"time_options": [
"5m",
"15m",
"1h",
"6h",
"12h",
"24h",
"2d",
"7d",
"30d"
]
},
"timezone": "browser",
"title": "Firewall Logs",
"uid": "000000030",
"version": 86
}