From 407fb71e08a1ab7eff0a85fe29cb80bca465407d Mon Sep 17 00:00:00 2001 From: lgromero Date: Tue, 29 Jul 2025 13:47:37 +0200 Subject: [PATCH] refs #2543 adds new filebeat logs and modifies grafana configuration to allow embbed links and public dashboards --- etc/grafana/grafana.ini | 8 + .../dashboards/filebeat-clients.json | 448 ++++++++++++++++++ 2 files changed, 456 insertions(+) create mode 100644 etc/grafana/resources/dashboards/filebeat-clients.json diff --git a/etc/grafana/grafana.ini b/etc/grafana/grafana.ini index 7f5c8a8..be27fc6 100644 --- a/etc/grafana/grafana.ini +++ b/etc/grafana/grafana.ini @@ -15,6 +15,14 @@ path = /var/lib/grafana/grafana.db [auth] disable_login_form = false +[auth.anonymous] +enabled = true + +[public_dashboards] +enabled = true + +[security] +allow_embedding = true #################################### SMTP / Emailing ########################## [smtp] enabled = true diff --git a/etc/grafana/resources/dashboards/filebeat-clients.json b/etc/grafana/resources/dashboards/filebeat-clients.json new file mode 100644 index 0000000..5edf988 --- /dev/null +++ b/etc/grafana/resources/dashboards/filebeat-clients.json 
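Review bot: `[auth.anonymous] enabled = true` goes well beyond the embedded links and public dashboards named in the subject, because it gives every unauthenticated visitor a session in the default organisation and therefore read access to every dashboard there, including the new filebeat-clients log view. Public dashboards are already reachable without a login, so consider dropping the anonymous block, or at least pinning it explicitly with `org_role = Viewer` and `hide_version = true`. `allow_embedding = true` stops Grafana sending `X-Frame-Options: deny`, so any origin can frame the UI; if embedding is needed, limit the permitted parent origins with a `frame-ancestors` policy at the reverse proxy or through Grafana's content security policy settings. A one-line comment above each new section saying which consumer needs it would make it possible to revert these later.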
@@ -0,0 +1,448 @@ +{ + "__inputs": [ + { + "name": "DS_OPENSEARCH", + "label": "OpenSearch", + "description": "", + "type": "datasource", + "pluginId": "grafana-opensearch-datasource", + "pluginName": "OpenSearch" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "11.6.3" + }, + { + "type": "datasource", + "id": "grafana-opensearch-datasource", + "name": "OpenSearch", + "version": "2.27.0" + }, + { + "type": "panel", + "id": "table", + "name": "Table", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "panels": [ + { + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "agent.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 121 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.message" + }, + "properties": [ + { + "id": "custom.width", + "value": 1250 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "@timestamp" + }, + "properties": [ + { + "id": "custom.width", + "value": 193 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message" + }, + "properties": [ + { + "id": "custom.width", + "value": 496 + } + ] + }, + { + "matcher": { + "id": "byName", + 
"options": "host.os.type" + }, + "properties": [ + { + "id": "custom.width", + "value": 42 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_json" + }, + "properties": [ + { + "id": "custom.width", + "value": 359 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "message_decoded.severity" + }, + "properties": [ + { + "id": "custom.width", + "value": 203 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.hostname" + }, + "properties": [ + { + "id": "custom.width", + "value": 159 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.ip" + }, + "properties": [ + { + "id": "custom.width", + "value": 177 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "host.mac" + }, + "properties": [ + { + "id": "custom.width", + "value": 369 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.job_id" + }, + "properties": [ + { + "id": "custom.width", + "value": 240 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "data_decoded.secret" + }, + "properties": [ + { + "id": "custom.width", + "value": 217 + } + ] + } + ] + }, + "gridPos": { + "h": 22, + "w": 22, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [ + { + "desc": true, + "displayName": "@timestamp" + } + ] + }, + "pluginVersion": "11.6.3", + "targets": [ + { + "alias": "", + "bucketAggs": [ + { + "field": "@timestamp", + "id": "2", + "settings": { + "interval": "auto" + }, + "type": "date_histogram" + } + ], + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "format": "table", + "luceneQueryType": "Logs", + "metrics": [ + { + "id": "1", + "type": "logs" + } + ], + "query": "agent.hostname: $hostname AND host.mac: $mac AND agent.type: \"filebeat\"", + "queryType": "lucene", + "refId": "A", + "timeField": 
"@timestamp" + } + ], + "title": "Panel Title", + "transformations": [ + { + "id": "organize", + "options": { + "excludeByName": { + "_id": true, + "_index": true, + "_source": true, + "_type": true, + "agent.ephemeral_id": true, + "agent.hostname": true, + "agent.id": true, + "agent.name": true, + "agent.type": true, + "agent.version": true, + "data_decoded.agent_version": true, + "data_decoded.cfg": true, + "data_decoded.exe": true, + "data_decoded.ida": true, + "data_decoded.idc": true, + "data_decoded.ido": true, + "data_decoded.iph": true, + "data_decoded.job_id": true, + "data_decoded.nfl": true, + "data_decoded.npc": true, + "data_decoded.progress": true, + "data_decoded.secret": true, + "data_decoded.timestamp": true, + "data_decoded.tpc": true, + "data_json": true, + "ecs.version": true, + "host.architecture": true, + "host.containerized": true, + "host.id": true, + "host.name": true, + "host.os.codename": true, + "host.os.family": true, + "host.os.kernel": true, + "host.os.name": true, + "host.os.platform": true, + "host.os.type": true, + "host.os.version": true, + "input.type": true, + "log.file.path": true, + "log.offset": true, + "message": true, + "message_decoded.function": true, + "message_decoded.message": false, + "message_decoded.threadName": true, + "message_decoded.timestamp": true, + "message_raw": true + }, + "includeByName": {}, + "indexByName": { + "@timestamp": 0, + "_id": 1, + "_index": 2, + "_source": 3, + "_type": 4, + "agent.ephemeral_id": 5, + "agent.hostname": 6, + "agent.id": 7, + "agent.name": 8, + "agent.type": 9, + "agent.version": 10, + "data_decoded.iph": 11, + "data_decoded.timestamp": 13, + "data_json": 35, + "ecs.version": 14, + "host.architecture": 15, + "host.containerized": 16, + "host.hostname": 17, + "host.id": 19, + "host.ip": 18, + "host.mac": 20, + "host.name": 21, + "host.os.codename": 22, + "host.os.family": 23, + "host.os.kernel": 24, + "host.os.name": 25, + "host.os.platform": 26, + "host.os.type": 27, + 
"host.os.version": 28, + "input.type": 29, + "log.file.path": 30, + "log.offset": 31, + "message": 38, + "message_decoded.function": 32, + "message_decoded.message": 33, + "message_decoded.severity": 12, + "message_decoded.threadName": 34, + "message_decoded.timestamp": 36, + "message_raw": 37 + }, + "renameByName": { + "agent.type": "", + "message_decoded.message": "" + } + } + } + ], + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 41, + "tags": [], + "templating": { + "list": [ + { + "current": {}, + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "definition": "{\"find\": \"terms\", \"field\": \"agent.hostname\"}", + "description": "Hostname to select logs", + "includeAll": true, + "label": "Host", + "multi": true, + "name": "hostname", + "options": [], + "query": "{\"find\": \"terms\", \"field\": \"agent.hostname\"}", + "refresh": 1, + "regex": "", + "sort": 1, + "type": "query" + }, + { + "current": {}, + "datasource": { + "type": "grafana-opensearch-datasource", + "uid": "${DS_OPENSEARCH}" + }, + "definition": "{\"find\": \"terms\", \"field\": \"host.mac\"}", + "includeAll": true, + "label": "mac", + "multi": true, + "name": "mac", + "options": [], + "query": "{\"find\": \"terms\", \"field\": \"host.mac\"}", + "refresh": 1, + "regex": "", + "type": "query" + } + ] + }, + "time": { + "from": "now-5m", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "filebeat-clients", + "uid": "opengnsys-clients", + "version": 2, + "weekStart": "" +} \ No newline at end of file
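Review bot: The `excludeByName` entry `"data_decoded.secret": true` in the `organize` transformation only hides the column in the rendered table. Transformations are applied to the query result after it is fetched (in the browser, as far as I know), so the `Logs` query still returns that field, together with `host.ip` and `host.mac`, to anyone who can load the panel. With the anonymous access and public dashboards that the grafana.ini hunk of this same patch enables, that presumably includes unauthenticated viewers. Remove or redact the secret before it is indexed (in the Filebeat or ingest pipeline), or restrict the fields the data source account can read, rather than relying on the dashboard to hide it. Minor: `"title": "Panel Title"` is still the default and `"refresh": "5s"` is aggressive for a shared dashboard.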