From 00dec46c6e0465a9bd80f235a6e794fd6ba77022 Mon Sep 17 00:00:00 2001
From: lgromero
Date: Wed, 30 Jul 2025 13:16:53 +0200
Subject: [PATCH] refs #2550 adds ogboot ogcore ogdhcp and ogrepo logs table from grafana
---
.../resources/dashboards/ogboot-logs.json | 555 +++++++++++++++++
.../resources/dashboards/ogcore-logs.json | 411 +++++++++++++
.../resources/dashboards/ogdhcp-logs.json | 562 +++++++++++++++++
.../resources/dashboards/ogrepo-logs.json | 575 ++++++++++++++++++
4 files changed, 2103 insertions(+)
create mode 100644 etc/grafana/resources/dashboards/ogboot-logs.json
create mode 100644 etc/grafana/resources/dashboards/ogcore-logs.json
create mode 100644 etc/grafana/resources/dashboards/ogdhcp-logs.json
create mode 100644 etc/grafana/resources/dashboards/ogrepo-logs.json
diff --git a/etc/grafana/resources/dashboards/ogboot-logs.json b/etc/grafana/resources/dashboards/ogboot-logs.json
new file mode 100644
index 0000000..950ecdf
--- /dev/null
+++ b/etc/grafana/resources/dashboards/ogboot-logs.json
@@ -0,0 +1,555 @@ +{ + "__inputs": [ + { + "name": "DS_OPENSEARCH", + "label": "OpenSearch", + "description": "", + "type": "datasource", + "pluginId": "grafana-opensearch-datasource", + "pluginName": "OpenSearch" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "11.6.3" + }, + { + "type": "datasource", + "id": "grafana-opensearch-datasource", + "name": "OpenSearch", + "version": "2.27.0" + }, + { + "type": "panel", + "id": "table", + "name": "Table", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "panels": [ + { + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "agent.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 121 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.message" + }, + "properties": [ + { + "id": "custom.width", + "value": 1250 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "@timestamp" + }, + "properties": [ + { + "id": "custom.width", + "value": 193 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message" + }, + "properties": [ + { + "id": "custom.width", + "value": 496 + } + ] + }, + { + "matcher": { + "id": "byName", + 
"options": "host.os.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 42 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_json" + }, + "properties": [ + { + "id": "custom.width", + "value": 359 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.severity" + }, + "properties": [ + { + "id": "custom.width", + "value": 203 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.hostname" + }, + "properties": [ + { + "id": "custom.width", + "value": 159 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.ip" + }, + "properties": [ + { + "id": "custom.width", + "value": 177 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.mac" + }, + "properties": [ + { + "id": "custom.width", + "value": 369 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.job_id" + }, + "properties": [ + { + "id": "custom.width", + "value": 240 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.secret" + }, + "properties": [ + { + "id": "custom.width", + "value": 217 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "description" + }, + "properties": [ + { + "id": "custom.width", + "value": 1131 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "parsed_message.request_uri" + }, + "properties": [ + { + "id": "custom.width", + "value": 577 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "method" + }, + "properties": [ + { + "id": "custom.width", + "value": 120 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "parsed_message.operation" + }, + "properties": [ + { + "id": "custom.width", + "value": 227 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "http_code" + }, + "properties": [ + { + "id": "custom.width", + "value": 132 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "severity" + }, + "properties": [ + { + "id": "custom.width", + "value": 93 + } + ] + 
} + ] + }, + "gridPos": { + "h": 19, + "w": 21, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [ + { + "desc": true, + "displayName": "@timestamp" + } + ] + }, + "pluginVersion": "11.6.3", + "targets": [ + { + "alias": "", + "bucketAggs": [ + { + "field": "@timestamp", + "id": "2", + "settings": { + "interval": "auto" + }, + "type": "date_histogram" + } + ], + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "format": "table", + "luceneQueryType": "Logs", + "metrics": [ + { + "id": "1", + "type": "logs" + } + ], + "query": "syslog.identifier: \"ogboot\" AND severity \"INFO\" ", + "queryType": "lucene", + "refId": "A", + "timeField": "@timestamp" + } + ], + "title": "Panel Title", + "transformations": [ + { + "id": "organize", + "options": { + "excludeByName": { + "_id": true, + "_index": true, + "_source": true, + "_type": true, + "agent.ephemeral_id": true, + "agent.hostname": true, + "agent.id": true, + "agent.name": true, + "agent.type": true, + "agent.version": true, + "data_decoded.agent_version": true, + "data_decoded.cfg": true, + "data_decoded.exe": true, + "data_decoded.ida": true, + "data_decoded.idc": true, + "data_decoded.ido": true, + "data_decoded.iph": true, + "data_decoded.job_id": true, + "data_decoded.nfl": true, + "data_decoded.npc": true, + "data_decoded.progress": true, + "data_decoded.secret": true, + "data_decoded.timestamp": true, + "data_decoded.tpc": true, + "data_json": true, + "debug": true, + "ecs.version": true, + "event.created": true, + "event.kind": true, + "host.architecture": true, + "host.containerized": true, + "host.hostname": true, + "host.id": true, + "host.name": true, + "host.os.codename": true, + "host.os.family": true, + "host.os.kernel": true, + "host.os.name": true, + "host.os.platform": true, + "host.os.type": true, + 
"host.os.version": true, + "input.type": true, + "journald.custom.runtime_scope": true, + "journald.custom.selinux_context": true, + "journald.custom.syslog_timestamp": true, + "journald.gid": true, + "journald.host.boot_id": true, + "journald.pid": true, + "journald.process.capabilites": true, + "journald.process.command_line": true, + "journald.process.executable": true, + "journald.process.name": true, + "journald.uid": true, + "log.file.path": true, + "log.offset": true, + "log.syslog.facility.name": true, + "log.syslog.priority": true, + "message": true, + "message_decoded.function": true, + "message_decoded.message": false, + "message_decoded.threadName": true, + "message_decoded.timestamp": true, + "message_raw": true, + "parsed_message.component": true, + "parsed_message.desc": true, + "parsed_message.http_code": true, + "parsed_message.method": true, + "parsed_message.params.filePath": true, + "parsed_message.params.templateCount": true, + "parsed_message.params.templateDir": true, + "parsed_message.params.templateName": true, + "parsed_message.route": true, + "parsed_message.route_parameters._controller": true, + "parsed_message.route_parameters._route": true, + "parsed_message.route_parameters.templateName": true, + "process.args": true, + "process.args_count": true, + "process.command_line": true, + "process.pid": true, + "processed_message": true, + "request_uri": true, + "route": true, + "route_parameters": true, + "syslog.facility": true, + "syslog.identifier": true, + "syslog.pid": true, + "syslog.priority": true, + "systemd.cgroup": true, + "systemd.invocation_id": true, + "systemd.slice": true, + "systemd.transport": true, + "systemd.unit": true, + "user.group.id": true, + "user.id": true + }, + "includeByName": {}, + "indexByName": { + "@timestamp": 0, + "_id": 2, + "_index": 3, + "_source": 4, + "_type": 5, + "agent.ephemeral_id": 6, + "agent.hostname": 7, + "agent.id": 8, + "agent.name": 9, + "agent.type": 10, + "agent.version": 11, + "debug": 
17, + "description": 56, + "ecs.version": 12, + "event.created": 19, + "event.kind": 20, + "host.hostname": 13, + "host.id": 14, + "host.name": 15, + "http_code": 18, + "journald.custom.runtime_scope": 21, + "journald.custom.selinux_context": 22, + "journald.custom.syslog_timestamp": 23, + "journald.gid": 24, + "journald.host.boot_id": 25, + "journald.pid": 26, + "journald.process.capabilites": 27, + "journald.process.command_line": 28, + "journald.process.executable": 29, + "journald.process.name": 30, + "journald.uid": 31, + "log.syslog.facility.name": 32, + "log.syslog.priority": 33, + "message": 16, + "parsed_message.component": 34, + "parsed_message.desc": 35, + "parsed_message.http_code": 36, + "parsed_message.operation": 37, + "parsed_message.params.templateCount": 38, + "parsed_message.params.templateDir": 39, + "parsed_message.params.templateName": 40, + "parsed_message.severity": 1, + "process.args": 41, + "process.args_count": 42, + "process.command_line": 43, + "process.pid": 44, + "processed_message": 45, + "syslog.facility": 46, + "syslog.identifier": 47, + "syslog.pid": 48, + "syslog.priority": 49, + "systemd.cgroup": 50, + "systemd.invocation_id": 51, + "systemd.slice": 52, + "systemd.transport": 53, + "systemd.unit": 54, + "user.group.id": 55, + "user.id": 57 + }, + "renameByName": { + "@timestamp": "Fecha", + "agent.type": "", + "description": "Description", + "http_code": "HTTP Code", + "message_decoded.message": "", + "parsed_message.operation": "Operation", + "parsed_message.severity": "Log level" + } + } + } + ], + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 41, + "tags": [], + "templating": { + "list": [] + }, + "time": { + "from": "now-5m", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "ogboot-logs", + "uid": "ogboot-logs", + "version": 7, + "weekStart": "" +} \ No newline at end of file 
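Review bot: The panel query `syslog.identifier: \"ogboot\" AND severity \"INFO\" ` has no colon after `severity`, so Lucene reads `severity` and `"INFO"` as free-text terms rather than as a match on a severity field, and what the table shows then depends on the datasource's default field and operator. If a level filter is intended, it should be written against the field the index actually carries, for example `parsed_message.severity: \"INFO\"` (the name the `organize` transform references; confirm against the mapping). For a log table used in triage, a filter that keeps only INFO would also hide warnings and errors, so consider dropping the clause or turning the level into a dashboard variable. The same query shape appears in the ogdhcp-logs.json hunk.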
diff --git a/etc/grafana/resources/dashboards/ogcore-logs.json b/etc/grafana/resources/dashboards/ogcore-logs.json
new file mode 100644
index 0000000..40315d0
--- /dev/null
+++ b/etc/grafana/resources/dashboards/ogcore-logs.json
@@ -0,0 +1,411 @@ +{ + "__inputs": [ + { + "name": "DS_OPENSEARCH", + "label": "OpenSearch", + "description": "", + "type": "datasource", + "pluginId": "grafana-opensearch-datasource", + "pluginName": "OpenSearch" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "11.6.3" + }, + { + "type": "datasource", + "id": "grafana-opensearch-datasource", + "name": "OpenSearch", + "version": "2.27.0" + }, + { + "type": "panel", + "id": "table", + "name": "Table", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "panels": [ + { + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "agent.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 121 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.message" + }, + "properties": [ + { + "id": "custom.width", + "value": 1250 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "@timestamp" + }, + "properties": [ + { + "id": "custom.width", + "value": 193 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message" + }, + "properties": [ + { + "id": "custom.width", + "value": 1725 + } + ] + }, + { + "matcher": { + "id": "byName", + 
"options": "host.os.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 42 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_json" + }, + "properties": [ + { + "id": "custom.width", + "value": 359 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.severity" + }, + "properties": [ + { + "id": "custom.width", + "value": 203 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.hostname" + }, + "properties": [ + { + "id": "custom.width", + "value": 159 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.ip" + }, + "properties": [ + { + "id": "custom.width", + "value": 177 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.mac" + }, + "properties": [ + { + "id": "custom.width", + "value": 369 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.job_id" + }, + "properties": [ + { + "id": "custom.width", + "value": 240 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.secret" + }, + "properties": [ + { + "id": "custom.width", + "value": 217 + } + ] + } + ] + }, + "gridPos": { + "h": 22, + "w": 22, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [] + }, + "pluginVersion": "11.6.3", + "targets": [ + { + "alias": "", + "bucketAggs": [ + { + "field": "@timestamp", + "id": "2", + "settings": { + "interval": "auto" + }, + "type": "date_histogram" + } + ], + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "format": "table", + "luceneQueryType": "Logs", + "metrics": [ + { + "id": "1", + "type": "logs" + } + ], + "query": "syslog.identifier: \"ogcore\"", + "queryType": "lucene", + "refId": "A", + "timeField": "@timestamp" + } + ], + "title": "Panel Title", + "transformations": [ + { + "id": "organize", + "options": { 
+ "excludeByName": { + "_id": true, + "_index": true, + "_source": true, + "_type": true, + "agent.ephemeral_id": true, + "agent.hostname": true, + "agent.id": true, + "agent.name": true, + "agent.type": true, + "agent.version": true, + "data_decoded.agent_version": true, + "data_decoded.cfg": true, + "data_decoded.exe": true, + "data_decoded.ida": true, + "data_decoded.idc": true, + "data_decoded.ido": true, + "data_decoded.iph": true, + "data_decoded.job_id": true, + "data_decoded.nfl": true, + "data_decoded.npc": true, + "data_decoded.progress": true, + "data_decoded.secret": true, + "data_decoded.timestamp": true, + "data_decoded.tpc": true, + "data_json": true, + "ecs.version": true, + "host.architecture": true, + "host.containerized": true, + "host.hostname": true, + "host.id": true, + "host.ip": true, + "host.mac": true, + "host.name": true, + "host.os.codename": true, + "host.os.family": true, + "host.os.kernel": true, + "host.os.name": true, + "host.os.platform": true, + "host.os.type": true, + "host.os.version": true, + "input.type": true, + "log.file.path": true, + "log.offset": true, + "message": true, + "message_decoded.function": true, + "message_decoded.in_oglive": true, + "message_decoded.message": false, + "message_decoded.threadName": true, + "message_decoded.timestamp": true, + "message_raw": true + }, + "includeByName": {}, + "indexByName": { + "@timestamp": 0, + "_id": 1, + "_index": 2, + "_source": 3, + "_type": 4, + "agent.ephemeral_id": 5, + "agent.hostname": 6, + "agent.id": 7, + "agent.name": 8, + "agent.type": 9, + "agent.version": 10, + "data_decoded.iph": 11, + "data_decoded.timestamp": 13, + "data_json": 35, + "ecs.version": 14, + "host.architecture": 15, + "host.containerized": 16, + "host.hostname": 17, + "host.id": 19, + "host.ip": 18, + "host.mac": 20, + "host.name": 21, + "host.os.codename": 22, + "host.os.family": 23, + "host.os.kernel": 24, + "host.os.name": 25, + "host.os.platform": 26, + "host.os.type": 27, + 
"host.os.version": 28, + "input.type": 29, + "log.file.path": 30, + "log.offset": 31, + "message": 38, + "message_decoded.function": 32, + "message_decoded.message": 33, + "message_decoded.severity": 12, + "message_decoded.threadName": 34, + "message_decoded.timestamp": 36, + "message_raw": 37 + }, + "renameByName": { + "@timestamp": "fecha", + "agent.type": "", + "message_decoded.message": "message", + "message_decoded.severity": "log level" + } + } + } + ], + "type": "table" + } + ], + "schemaVersion": 41, + "tags": [], + "templating": { + "list": [] + }, + "time": { + "from": "2025-07-30T10:27:32.439Z", + "to": "2025-07-30T10:37:32.439Z" + }, + "timepicker": {}, + "timezone": "browser", + "title": "ogcore-logs", + "uid": "ogcore-logs", + "version": 3, + "weekStart": "" +} \ No newline at end of file diff --git a/etc/grafana/resources/dashboards/ogdhcp-logs.json b/etc/grafana/resources/dashboards/ogdhcp-logs.json new file mode 100644 index 0000000..a9a8ea6 --- /dev/null +++ b/etc/grafana/resources/dashboards/ogdhcp-logs.json 
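Review bot: The `time` block in ogcore-logs.json pins the dashboard to an absolute window (`"from": "2025-07-30T10:27:32.439Z"`, `"to": "2025-07-30T10:37:32.439Z"`) and the file has no `refresh` key, so the dashboard opens on ten minutes of 30 July rather than on current logs. The ogboot and ogdhcp dashboards in this patch use `"from": "now-5m"`, `"to": "now"` and `"refresh": "5s"`; the same relative range here would keep the dashboards consistent and make this one usable for live monitoring. `sortBy` is also empty in this panel, whereas ogboot sorts by `@timestamp` descending, so the newest entries are not guaranteed to appear first.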
@@ -0,0 +1,562 @@ +{ + "__inputs": [ + { + "name": "DS_OPENSEARCH", + "label": "OpenSearch", + "description": "", + "type": "datasource", + "pluginId": "grafana-opensearch-datasource", + "pluginName": "OpenSearch" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "11.6.3" + }, + { + "type": "datasource", + "id": "grafana-opensearch-datasource", + "name": "OpenSearch", + "version": "2.27.0" + }, + { + "type": "panel", + "id": "table", + "name": "Table", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "panels": [ + { + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "agent.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 121 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.message" + }, + "properties": [ + { + "id": "custom.width", + "value": 1250 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "@timestamp" + }, + "properties": [ + { + "id": "custom.width", + "value": 193 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message" + }, + "properties": [ + { + "id": "custom.width", + "value": 496 + } + ] + }, + { + "matcher": { + "id": "byName", + 
"options": "host.os.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 42 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_json" + }, + "properties": [ + { + "id": "custom.width", + "value": 359 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.severity" + }, + "properties": [ + { + "id": "custom.width", + "value": 203 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.hostname" + }, + "properties": [ + { + "id": "custom.width", + "value": 159 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.ip" + }, + "properties": [ + { + "id": "custom.width", + "value": 177 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.mac" + }, + "properties": [ + { + "id": "custom.width", + "value": 369 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.job_id" + }, + "properties": [ + { + "id": "custom.width", + "value": 240 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.secret" + }, + "properties": [ + { + "id": "custom.width", + "value": 217 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "description" + }, + "properties": [ + { + "id": "custom.width", + "value": 1131 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "parsed_message.request_uri" + }, + "properties": [ + { + "id": "custom.width", + "value": 577 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "method" + }, + "properties": [ + { + "id": "custom.width", + "value": 120 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "parsed_message.operation" + }, + "properties": [ + { + "id": "custom.width", + "value": 227 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "http_code" + }, + "properties": [ + { + "id": "custom.width", + "value": 132 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "severity" + }, + "properties": [ + { + "id": "custom.width", + "value": 93 + } + ] + 
}, + { + "matcher": { + "id": "byName", + "options": "log level" + }, + "properties": [ + { + "id": "custom.width", + "value": 107 + } + ] + } + ] + }, + "gridPos": { + "h": 19, + "w": 21, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [] + }, + "pluginVersion": "11.6.3", + "targets": [ + { + "alias": "", + "bucketAggs": [ + { + "field": "@timestamp", + "id": "2", + "settings": { + "interval": "auto" + }, + "type": "date_histogram" + } + ], + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "format": "table", + "luceneQueryType": "Logs", + "metrics": [ + { + "id": "1", + "type": "logs" + } + ], + "query": "syslog.identifier: \"ogdhcp\" AND severity \"INFO\" ", + "queryType": "lucene", + "refId": "A", + "timeField": "@timestamp" + } + ], + "title": "Panel Title", + "transformations": [ + { + "id": "organize", + "options": { + "excludeByName": { + "_id": true, + "_index": true, + "_source": true, + "_type": true, + "agent.ephemeral_id": true, + "agent.hostname": true, + "agent.id": true, + "agent.name": true, + "agent.type": true, + "agent.version": true, + "data_decoded.agent_version": true, + "data_decoded.cfg": true, + "data_decoded.exe": true, + "data_decoded.ida": true, + "data_decoded.idc": true, + "data_decoded.ido": true, + "data_decoded.iph": true, + "data_decoded.job_id": true, + "data_decoded.nfl": true, + "data_decoded.npc": true, + "data_decoded.progress": true, + "data_decoded.secret": true, + "data_decoded.timestamp": true, + "data_decoded.tpc": true, + "data_json": true, + "debug": true, + "ecs.version": true, + "event.created": true, + "event.kind": true, + "host.architecture": true, + "host.containerized": true, + "host.hostname": true, + "host.id": true, + "host.name": true, + "host.os.codename": true, + "host.os.family": true, + "host.os.kernel": 
true, + "host.os.name": true, + "host.os.platform": true, + "host.os.type": true, + "host.os.version": true, + "input.type": true, + "journald.custom.runtime_scope": true, + "journald.custom.selinux_context": true, + "journald.custom.syslog_timestamp": true, + "journald.gid": true, + "journald.host.boot_id": true, + "journald.pid": true, + "journald.process.capabilites": true, + "journald.process.command_line": true, + "journald.process.executable": true, + "journald.process.name": true, + "journald.uid": true, + "log.file.path": true, + "log.offset": true, + "log.syslog.facility.name": true, + "log.syslog.priority": true, + "message": true, + "message_decoded.function": true, + "message_decoded.message": false, + "message_decoded.threadName": true, + "message_decoded.timestamp": true, + "message_raw": true, + "parsed_message.component": true, + "parsed_message.desc": true, + "parsed_message.http_code": true, + "parsed_message.method": true, + "parsed_message.params": true, + "parsed_message.params.filePath": true, + "parsed_message.params.subnets_count": true, + "parsed_message.params.templateCount": true, + "parsed_message.params.templateDir": true, + "parsed_message.params.templateName": true, + "parsed_message.route": true, + "parsed_message.route_parameters._controller": true, + "parsed_message.route_parameters._route": true, + "parsed_message.route_parameters.templateName": true, + "process.args": true, + "process.args_count": true, + "process.command_line": true, + "process.pid": true, + "processed_message": true, + "request_uri": true, + "route": true, + "route_parameters": true, + "syslog.facility": true, + "syslog.identifier": true, + "syslog.pid": true, + "syslog.priority": true, + "systemd.cgroup": true, + "systemd.invocation_id": true, + "systemd.slice": true, + "systemd.transport": true, + "systemd.unit": true, + "user.group.id": true, + "user.id": true + }, + "includeByName": {}, + "indexByName": { + "@timestamp": 0, + "_id": 2, + "_index": 3, + 
"_source": 4, + "_type": 5, + "agent.ephemeral_id": 6, + "agent.hostname": 7, + "agent.id": 8, + "agent.name": 9, + "agent.type": 10, + "agent.version": 11, + "debug": 17, + "description": 56, + "ecs.version": 12, + "event.created": 19, + "event.kind": 20, + "host.hostname": 13, + "host.id": 14, + "host.name": 15, + "http_code": 18, + "journald.custom.runtime_scope": 21, + "journald.custom.selinux_context": 22, + "journald.custom.syslog_timestamp": 23, + "journald.gid": 24, + "journald.host.boot_id": 25, + "journald.pid": 26, + "journald.process.capabilites": 27, + "journald.process.command_line": 28, + "journald.process.executable": 29, + "journald.process.name": 30, + "journald.uid": 31, + "log.syslog.facility.name": 32, + "log.syslog.priority": 33, + "message": 16, + "parsed_message.component": 34, + "parsed_message.desc": 35, + "parsed_message.http_code": 36, + "parsed_message.operation": 37, + "parsed_message.params.templateCount": 38, + "parsed_message.params.templateDir": 39, + "parsed_message.params.templateName": 40, + "parsed_message.severity": 1, + "process.args": 41, + "process.args_count": 42, + "process.command_line": 43, + "process.pid": 44, + "processed_message": 45, + "syslog.facility": 46, + "syslog.identifier": 47, + "syslog.pid": 48, + "syslog.priority": 49, + "systemd.cgroup": 50, + "systemd.invocation_id": 51, + "systemd.slice": 52, + "systemd.transport": 53, + "systemd.unit": 54, + "user.group.id": 55, + "user.id": 57 + }, + "renameByName": { + "@timestamp": "fecha", + "agent.type": "", + "message_decoded.message": "", + "parsed_message.operation": "operation", + "parsed_message.severity": "log level" + } + } + } + ], + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 41, + "tags": [], + "templating": { + "list": [] + }, + "time": { + "from": "now-5m", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "ogdhcp-logs", + "uid": "ogdhcp-logs", + "version": 3, + "weekStart": "" +} \ No newline at end of file 
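Review bot: `data_decoded.secret` is hidden only by the `organize` transform (`"data_decoded.secret": true` under `excludeByName`), which Grafana applies in the browser after the query has returned. The value is therefore still present in every query response and can be read through the panel's query inspector, or directly from the index by anyone with datasource access. If that field carries a credential or token, it would be safer to drop or redact it in the ingestion pipeline before it reaches OpenSearch, and to keep the transform only as a second layer. The same exclusion appears in the ogboot-logs.json and ogcore-logs.json hunks, and the `custom.width` override for `data_decoded.secret` suggests the column was displayed at some point while the dashboard was being built.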
diff --git a/etc/grafana/resources/dashboards/ogrepo-logs.json b/etc/grafana/resources/dashboards/ogrepo-logs.json
new file mode 100644
index 0000000..8aed40f
--- /dev/null
+++ b/etc/grafana/resources/dashboards/ogrepo-logs.json
@@ -0,0 +1,575 @@ +{ + "__inputs": [ + { + "name": "DS_OPENSEARCH", + "label": "OpenSearch", + "description": "", + "type": "datasource", + "pluginId": "grafana-opensearch-datasource", + "pluginName": "OpenSearch" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "11.6.3" + }, + { + "type": "datasource", + "id": "grafana-opensearch-datasource", + "name": "OpenSearch", + "version": "2.27.0" + }, + { + "type": "panel", + "id": "table", + "name": "Table", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "panels": [ + { + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "agent.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 121 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.message" + }, + "properties": [ + { + "id": "custom.width", + "value": 1250 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "@timestamp" + }, + "properties": [ + { + "id": "custom.width", + "value": 193 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message" + }, + "properties": [ + { + "id": "custom.width", + "value": 496 + } + ] + }, + { + "matcher": { + "id": "byName", + 
"options": "host.os.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 42 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_json" + }, + "properties": [ + { + "id": "custom.width", + "value": 359 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.severity" + }, + "properties": [ + { + "id": "custom.width", + "value": 203 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.hostname" + }, + "properties": [ + { + "id": "custom.width", + "value": 159 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.ip" + }, + "properties": [ + { + "id": "custom.width", + "value": 177 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.mac" + }, + "properties": [ + { + "id": "custom.width", + "value": 369 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.job_id" + }, + "properties": [ + { + "id": "custom.width", + "value": 240 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.secret" + }, + "properties": [ + { + "id": "custom.width", + "value": 217 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "description" + }, + "properties": [ + { + "id": "custom.width", + "value": 1131 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "parsed_message.request_uri" + }, + "properties": [ + { + "id": "custom.width", + "value": 577 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "method" + }, + "properties": [ + { + "id": "custom.width", + "value": 120 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "parsed_message.operation" + }, + "properties": [ + { + "id": "custom.width", + "value": 227 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "http_code" + }, + "properties": [ + { + "id": "custom.width", + "value": 132 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "severity" + }, + "properties": [ + { + "id": "custom.width", + "value": 93 + } + ] + 
}, + { + "matcher": { + "id": "byName", + "options": "log level" + }, + "properties": [ + { + "id": "custom.width", + "value": 107 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "operation" + }, + "properties": [ + { + "id": "custom.width", + "value": 338 + } + ] + } + ] + }, + "gridPos": { + "h": 19, + "w": 21, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [] + }, + "pluginVersion": "11.6.3", + "targets": [ + { + "alias": "", + "bucketAggs": [ + { + "field": "@timestamp", + "id": "2", + "settings": { + "interval": "auto" + }, + "type": "date_histogram" + } + ], + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "format": "table", + "luceneQueryType": "Logs", + "metrics": [ + { + "id": "1", + "type": "logs" + } + ], + "query": "syslog.identifier: \"ogrepo-api\"", + "queryType": "lucene", + "refId": "A", + "timeField": "@timestamp" + } + ], + "title": "Panel Title", + "transformations": [ + { + "id": "organize", + "options": { + "excludeByName": { + "_id": true, + "_index": true, + "_source": true, + "_type": true, + "agent.ephemeral_id": true, + "agent.hostname": true, + "agent.id": true, + "agent.name": true, + "agent.type": true, + "agent.version": true, + "data_decoded.agent_version": true, + "data_decoded.cfg": true, + "data_decoded.exe": true, + "data_decoded.ida": true, + "data_decoded.idc": true, + "data_decoded.ido": true, + "data_decoded.iph": true, + "data_decoded.job_id": true, + "data_decoded.nfl": true, + "data_decoded.npc": true, + "data_decoded.progress": true, + "data_decoded.secret": true, + "data_decoded.timestamp": true, + "data_decoded.tpc": true, + "data_json": true, + "debug": true, + "debug_message": true, + "ecs.version": true, + "event.created": true, + "event.kind": true, + "host.architecture": true, + 
"host.containerized": true, + "host.hostname": true, + "host.id": true, + "host.name": true, + "host.os.codename": true, + "host.os.family": true, + "host.os.kernel": true, + "host.os.name": true, + "host.os.platform": true, + "host.os.type": true, + "host.os.version": true, + "input.type": true, + "journald.code.file": true, + "journald.code.func": true, + "journald.code.line": true, + "journald.custom.runtime_scope": true, + "journald.custom.selinux_context": true, + "journald.custom.syslog_timestamp": true, + "journald.gid": true, + "journald.host.boot_id": true, + "journald.pid": true, + "journald.process.capabilites": true, + "journald.process.command_line": true, + "journald.process.executable": true, + "journald.process.name": true, + "journald.uid": true, + "log.file.path": true, + "log.offset": true, + "log.syslog.facility.name": true, + "log.syslog.priority": true, + "message": true, + "message_decoded.function": true, + "message_decoded.message": false, + "message_decoded.threadName": true, + "message_decoded.timestamp": true, + "message_raw": true, + "parsed_json.component": true, + "parsed_message.component": true, + "parsed_message.desc": true, + "parsed_message.http_code": true, + "parsed_message.method": true, + "parsed_message.params": true, + "parsed_message.params.filePath": true, + "parsed_message.params.subnets_count": true, + "parsed_message.params.templateCount": true, + "parsed_message.params.templateDir": true, + "parsed_message.params.templateName": true, + "parsed_message.route": true, + "parsed_message.route_parameters._controller": true, + "parsed_message.route_parameters._route": true, + "parsed_message.route_parameters.templateName": true, + "process.args": true, + "process.args_count": true, + "process.command_line": true, + "process.pid": true, + "processed_message": true, + "request_uri": true, + "route": true, + "route_parameters": true, + "syslog.facility": true, + "syslog.identifier": true, + "syslog.pid": true, + 
"syslog.priority": true, + "systemd.cgroup": true, + "systemd.invocation_id": true, + "systemd.slice": true, + "systemd.transport": true, + "systemd.unit": true, + "user.group.id": true, + "user.id": true + }, + "includeByName": {}, + "indexByName": { + "@timestamp": 0, + "_id": 1, + "_index": 2, + "_source": 4, + "_type": 5, + "agent.ephemeral_id": 6, + "agent.hostname": 7, + "agent.id": 8, + "agent.name": 9, + "agent.type": 10, + "agent.version": 11, + "debug_message": 42, + "ecs.version": 12, + "event.created": 16, + "event.kind": 17, + "host.hostname": 13, + "host.id": 14, + "host.name": 15, + "journald.code.file": 43, + "journald.code.func": 44, + "journald.code.line": 45, + "journald.custom.runtime_scope": 18, + "journald.custom.selinux_context": 19, + "journald.gid": 20, + "journald.host.boot_id": 21, + "journald.pid": 22, + "journald.process.capabilites": 23, + "journald.process.command_line": 24, + "journald.process.executable": 25, + "journald.process.name": 26, + "journald.uid": 27, + "log.syslog.priority": 28, + "parsed_json.component": 47, + "parsed_json.desc": 49, + "parsed_json.http_code": 46, + "parsed_json.operation": 48, + "parsed_json.severity": 3, + "process.args": 29, + "process.args_count": 30, + "process.command_line": 31, + "process.pid": 32, + "syslog.identifier": 33, + "syslog.priority": 34, + "systemd.cgroup": 35, + "systemd.invocation_id": 36, + "systemd.slice": 37, + "systemd.transport": 38, + "systemd.unit": 39, + "user.group.id": 40, + "user.id": 41 + }, + "renameByName": { + "@timestamp": "fecha", + "agent.type": "", + "message_decoded.message": "", + "parsed_json.desc": "description", + "parsed_json.http_code": "http_code", + "parsed_json.operation": "operation", + "parsed_json.severity": "log level", + "parsed_message.operation": "operation", + "parsed_message.severity": "log level" + } + } + } + ], + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 41, + "tags": [], + "templating": { + "list": [] + }, + "time": { + 
"from": "now-30m", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "ogrepo-logs", + "uid": "ogrepo-logs", + "version": 2, + "weekStart": "" +} \ No newline at end of file
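Review bot: The `"data_decoded.secret": true` entry under `excludeByName` only hides that column in the rendered table. The organize transformation runs on the query result, so the field is still returned by the `syslog.identifier: "ogrepo-api"` query and stays readable through the panel's query inspector, Explore, or an edit of this dashboard (`"editable": true`). If the field holds a credential or token, as its name suggests (its contents are not shown on this page), it should be dropped or redacted in the log-shipping or ingest pipeline before indexing, with read access to the index limited at the datasource rather than in the dashboard. The `custom.width` override for `data_decoded.secret` earlier in this hunk suggests the column was displayed while the dashboard was being built, so values already indexed may need to be treated as exposed and rotated.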