{
|
|
"__inputs": [
|
|
{
|
|
"name": "DS_OPENSEARCH",
|
|
"label": "OpenSearch",
|
|
"description": "",
|
|
"type": "datasource",
|
|
"pluginId": "grafana-opensearch-datasource",
|
|
"pluginName": "OpenSearch"
|
|
}
|
|
],
|
|
"__elements": {},
|
|
"__requires": [
|
|
{
|
|
"type": "grafana",
|
|
"id": "grafana",
|
|
"name": "Grafana",
|
|
"version": "11.6.3"
|
|
},
|
|
{
|
|
"type": "datasource",
|
|
"id": "grafana-opensearch-datasource",
|
|
"name": "OpenSearch",
|
|
"version": "2.27.0"
|
|
},
|
|
{
|
|
"type": "panel",
|
|
"id": "table",
|
|
"name": "Table",
|
|
"version": ""
|
|
}
|
|
],
|
|
"annotations": {
|
|
"list": [
|
|
{
|
|
"builtIn": 1,
|
|
"datasource": {
|
|
"type": "grafana",
|
|
"uid": "-- Grafana --"
|
|
},
|
|
"enable": true,
|
|
"hide": true,
|
|
"iconColor": "rgba(0, 211, 255, 1)",
|
|
"name": "Annotations & Alerts",
|
|
"type": "dashboard"
|
|
}
|
|
]
|
|
},
|
|
"editable": true,
|
|
"fiscalYearStartMonth": 0,
|
|
"graphTooltip": 0,
|
|
"id": null,
|
|
"links": [],
|
|
"panels": [
|
|
{
|
|
"datasource": {
|
|
"type": "grafana-opensearch-datasource",
|
|
"uid": "OpenSearch-Opengnsys"
|
|
},
|
|
"fieldConfig": {
|
|
"defaults": {
|
|
"color": {
|
|
"mode": "thresholds"
|
|
},
|
|
"custom": {
|
|
"align": "auto",
|
|
"cellOptions": {
|
|
"type": "auto"
|
|
},
|
|
"inspect": false
|
|
},
|
|
"mappings": [],
|
|
"thresholds": {
|
|
"mode": "absolute",
|
|
"steps": [
|
|
{
|
|
"color": "green"
|
|
},
|
|
{
|
|
"color": "red",
|
|
"value": 80
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"overrides": [
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "agent.type"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 121
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "message_decoded.message"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 1250
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "@timestamp"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 193
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "message"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 496
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "host.os.type"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 42
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "data_json"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 359
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "message_decoded.severity"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 203
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "host.hostname"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 159
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "host.ip"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 177
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "host.mac"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 369
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "data_decoded.job_id"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 240
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "data_decoded.secret"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 217
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "description"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 1131
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "parsed_message.request_uri"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 577
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "method"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 120
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "parsed_message.operation"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 227
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "http_code"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 132
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "severity"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 93
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"matcher": {
|
|
"id": "byName",
|
|
"options": "log level"
|
|
},
|
|
"properties": [
|
|
{
|
|
"id": "custom.width",
|
|
"value": 107
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"gridPos": {
|
|
"h": 19,
|
|
"w": 21,
|
|
"x": 0,
|
|
"y": 0
|
|
},
|
|
"id": 1,
|
|
"options": {
|
|
"cellHeight": "sm",
|
|
"footer": {
|
|
"countRows": false,
|
|
"fields": "",
|
|
"reducer": [
|
|
"sum"
|
|
],
|
|
"show": false
|
|
},
|
|
"showHeader": true,
|
|
"sortBy": []
|
|
},
|
|
"pluginVersion": "11.6.3",
|
|
"targets": [
|
|
{
|
|
"alias": "",
|
|
"bucketAggs": [
|
|
{
|
|
"field": "@timestamp",
|
|
"id": "2",
|
|
"settings": {
|
|
"interval": "auto"
|
|
},
|
|
"type": "date_histogram"
|
|
}
|
|
],
|
|
"datasource": {
|
|
"type": "grafana-opensearch-datasource",
|
|
"uid": "OpenSearch-Opengnsys"
|
|
},
|
|
"format": "table",
|
|
"luceneQueryType": "Logs",
|
|
"metrics": [
|
|
{
|
|
"id": "1",
|
|
"type": "logs"
|
|
}
|
|
],
|
|
"query": "syslog.identifier: \"ogdhcp\" AND severity \"INFO\" ",
|
|
"queryType": "lucene",
|
|
"refId": "A",
|
|
"timeField": "@timestamp"
|
|
}
|
|
],
|
|
"title": "Panel Title",
|
|
"transformations": [
|
|
{
|
|
"id": "organize",
|
|
"options": {
|
|
"excludeByName": {
|
|
"_id": true,
|
|
"_index": true,
|
|
"_source": true,
|
|
"_type": true,
|
|
"agent.ephemeral_id": true,
|
|
"agent.hostname": true,
|
|
"agent.id": true,
|
|
"agent.name": true,
|
|
"agent.type": true,
|
|
"agent.version": true,
|
|
"data_decoded.agent_version": true,
|
|
"data_decoded.cfg": true,
|
|
"data_decoded.exe": true,
|
|
"data_decoded.ida": true,
|
|
"data_decoded.idc": true,
|
|
"data_decoded.ido": true,
|
|
"data_decoded.iph": true,
|
|
"data_decoded.job_id": true,
|
|
"data_decoded.nfl": true,
|
|
"data_decoded.npc": true,
|
|
"data_decoded.progress": true,
|
|
"data_decoded.secret": true,
|
|
"data_decoded.timestamp": true,
|
|
"data_decoded.tpc": true,
|
|
"data_json": true,
|
|
"debug": true,
|
|
"ecs.version": true,
|
|
"event.created": true,
|
|
"event.kind": true,
|
|
"host.architecture": true,
|
|
"host.containerized": true,
|
|
"host.hostname": true,
|
|
"host.id": true,
|
|
"host.name": true,
|
|
"host.os.codename": true,
|
|
"host.os.family": true,
|
|
"host.os.kernel": true,
|
|
"host.os.name": true,
|
|
"host.os.platform": true,
|
|
"host.os.type": true,
|
|
"host.os.version": true,
|
|
"input.type": true,
|
|
"journald.custom.runtime_scope": true,
|
|
"journald.custom.selinux_context": true,
|
|
"journald.custom.syslog_timestamp": true,
|
|
"journald.gid": true,
|
|
"journald.host.boot_id": true,
|
|
"journald.pid": true,
|
|
"journald.process.capabilites": true,
|
|
"journald.process.command_line": true,
|
|
"journald.process.executable": true,
|
|
"journald.process.name": true,
|
|
"journald.uid": true,
|
|
"log.file.path": true,
|
|
"log.offset": true,
|
|
"log.syslog.facility.name": true,
|
|
"log.syslog.priority": true,
|
|
"message": true,
|
|
"message_decoded.function": true,
|
|
"message_decoded.message": false,
|
|
"message_decoded.threadName": true,
|
|
"message_decoded.timestamp": true,
|
|
"message_raw": true,
|
|
"parsed_message.component": true,
|
|
"parsed_message.desc": true,
|
|
"parsed_message.http_code": true,
|
|
"parsed_message.method": true,
|
|
"parsed_message.params": true,
|
|
"parsed_message.params.filePath": true,
|
|
"parsed_message.params.subnets_count": true,
|
|
"parsed_message.params.templateCount": true,
|
|
"parsed_message.params.templateDir": true,
|
|
"parsed_message.params.templateName": true,
|
|
"parsed_message.route": true,
|
|
"parsed_message.route_parameters._controller": true,
|
|
"parsed_message.route_parameters._route": true,
|
|
"parsed_message.route_parameters.templateName": true,
|
|
"process.args": true,
|
|
"process.args_count": true,
|
|
"process.command_line": true,
|
|
"process.pid": true,
|
|
"processed_message": true,
|
|
"request_uri": true,
|
|
"route": true,
|
|
"route_parameters": true,
|
|
"syslog.facility": true,
|
|
"syslog.identifier": true,
|
|
"syslog.pid": true,
|
|
"syslog.priority": true,
|
|
"systemd.cgroup": true,
|
|
"systemd.invocation_id": true,
|
|
"systemd.slice": true,
|
|
"systemd.transport": true,
|
|
"systemd.unit": true,
|
|
"user.group.id": true,
|
|
"user.id": true
|
|
},
|
|
"includeByName": {},
|
|
"indexByName": {
|
|
"@timestamp": 0,
|
|
"_id": 2,
|
|
"_index": 3,
|
|
"_source": 4,
|
|
"_type": 5,
|
|
"agent.ephemeral_id": 6,
|
|
"agent.hostname": 7,
|
|
"agent.id": 8,
|
|
"agent.name": 9,
|
|
"agent.type": 10,
|
|
"agent.version": 11,
|
|
"debug": 17,
|
|
"description": 56,
|
|
"ecs.version": 12,
|
|
"event.created": 19,
|
|
"event.kind": 20,
|
|
"host.hostname": 13,
|
|
"host.id": 14,
|
|
"host.name": 15,
|
|
"http_code": 18,
|
|
"journald.custom.runtime_scope": 21,
|
|
"journald.custom.selinux_context": 22,
|
|
"journald.custom.syslog_timestamp": 23,
|
|
"journald.gid": 24,
|
|
"journald.host.boot_id": 25,
|
|
"journald.pid": 26,
|
|
"journald.process.capabilites": 27,
|
|
"journald.process.command_line": 28,
|
|
"journald.process.executable": 29,
|
|
"journald.process.name": 30,
|
|
"journald.uid": 31,
|
|
"log.syslog.facility.name": 32,
|
|
"log.syslog.priority": 33,
|
|
"message": 16,
|
|
"parsed_message.component": 34,
|
|
"parsed_message.desc": 35,
|
|
"parsed_message.http_code": 36,
|
|
"parsed_message.operation": 37,
|
|
"parsed_message.params.templateCount": 38,
|
|
"parsed_message.params.templateDir": 39,
|
|
"parsed_message.params.templateName": 40,
|
|
"parsed_message.severity": 1,
|
|
"process.args": 41,
|
|
"process.args_count": 42,
|
|
"process.command_line": 43,
|
|
"process.pid": 44,
|
|
"processed_message": 45,
|
|
"syslog.facility": 46,
|
|
"syslog.identifier": 47,
|
|
"syslog.pid": 48,
|
|
"syslog.priority": 49,
|
|
"systemd.cgroup": 50,
|
|
"systemd.invocation_id": 51,
|
|
"systemd.slice": 52,
|
|
"systemd.transport": 53,
|
|
"systemd.unit": 54,
|
|
"user.group.id": 55,
|
|
"user.id": 57
|
|
},
|
|
"renameByName": {
|
|
"@timestamp": "fecha",
|
|
"agent.type": "",
|
|
"message_decoded.message": "",
|
|
"parsed_message.operation": "operation",
|
|
"parsed_message.severity": "log level"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"type": "table"
|
|
}
|
|
],
|
|
"refresh": "5s",
|
|
"schemaVersion": 41,
|
|
"tags": [],
|
|
"templating": {
|
|
"list": []
|
|
},
|
|
"time": {
|
|
"from": "now-5m",
|
|
"to": "now"
|
|
},
|
|
"timepicker": {},
|
|
"timezone": "browser",
|
|
"title": "ogdhcp-logs",
|
|
"uid": "ogdhcp-logs",
|
|
"version": 3,
|
|
"weekStart": ""
|
|
}
|