juliojsb/security-dashboard-grafana.json

## security-dashboard-grafana.json
  {
  "annotations": {
    "list": [
      {
        "builtIn": 1,
        "datasource": "-- Grafana --",
        "enable": true,
        "hide": true,
        "iconColor": "rgba(0, 211, 255, 1)",
        "name": "Annotations & Alerts",
        "type": "dashboard"
      }
    ]
  },
  "editable": true,
  "gnetId": null,
  "graphTooltip": 0,
  "id": 13,
  "iteration": 1543350905281,
  "links": [],
  "panels": [
    {
      "aliasColors": {},
      "bars": true,
      "dashLength": 10,
      "dashes": false,
      "datasource": null,
      "fill": 1,
      "gridPos": {
        "h": 9,
        "w": 24,
        "x": 0,
        "y": 0
      },
      "id": 2,
      "legend": {
        "alignAsTable": true,
        "avg": false,
        "current": false,
        "hideEmpty": false,
        "hideZero": false,
        "max": false,
        "min": false,
        "rightSide": true,
        "show": true,
        "total": false,
        "values": false
      },
      "lines": false,
      "linewidth": 1,
      "links": [],
      "nullPointMode": "connected",
      "percentage": false,
      "pointradius": 5,
      "points": false,
      "renderer": "flot",
      "seriesOverrides": [],
      "spaceLength": 10,
      "stack": true,
      "steppedLine": false,
      "targets": [
        {
          "alias": "user-sessions",
          "groupBy": [
            {
              "params": [
                "$__interval"
              ],
              "type": "time"
            },
            {
              "params": [
                "null"
              ],
              "type": "fill"
            }
          ],
          "hide": false,
          "orderByTime": "ASC",
          "policy": "default",
          "query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'auth_user_session') AND $timeFilter GROUP BY time(10m) fill(null)",
          "rawQuery": true,
          "refId": "A",
          "resultFormat": "time_series",
          "select": [
            [
              {
                "params": [
                  "value"
                ],
                "type": "field"
              },
              {
                "params": [],
                "type": "mean"
              }
            ]
          ],
          "tags": []
        }
      ],
      "thresholds": [],
      "timeFrom": null,
      "timeShift": null,
      "title": "Total User Sessions",
      "tooltip": {
        "shared": true,
        "sort": 0,
        "value_type": "individual"
      },
      "type": "graph",
      "xaxis": {
        "buckets": null,
        "mode": "time",
        "name": null,
        "show": true,
        "values": []
      },
      "yaxes": [
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        },
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        }
      ],
      "yaxis": {
        "align": false,
        "alignLevel": null
      }
    },
    {
      "aliasColors": {},
      "bars": true,
      "dashLength": 10,
      "dashes": false,
      "datasource": null,
      "fill": 1,
      "gridPos": {
        "h": 7,
        "w": 12,
        "x": 0,
        "y": 9
      },
      "id": 5,
      "legend": {
        "alignAsTable": true,
        "avg": false,
        "current": false,
        "hideEmpty": false,
        "hideZero": false,
        "max": false,
        "min": false,
        "rightSide": true,
        "show": true,
        "total": false,
        "values": false
      },
      "lines": false,
      "linewidth": 1,
      "links": [],
      "nullPointMode": "connected",
      "percentage": false,
      "pointradius": 5,
      "points": false,
      "renderer": "flot",
      "seriesOverrides": [],
      "spaceLength": 10,
      "stack": true,
      "steppedLine": false,
      "targets": [
        {
          "alias": "sshd-invalid-user",
          "groupBy": [
            {
              "params": [
                "$__interval"
              ],
              "type": "time"
            },
            {
              "params": [
                "null"
              ],
              "type": "fill"
            }
          ],
          "hide": false,
          "orderByTime": "ASC",
          "policy": "default",
          "query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'sshd_invalid_user') AND $timeFilter GROUP BY time(10m) fill(null)",
          "rawQuery": true,
          "refId": "A",
          "resultFormat": "time_series",
          "select": [
            [
              {
                "params": [
                  "value"
                ],
                "type": "field"
              },
              {
                "params": [],
                "type": "mean"
              }
            ]
          ],
          "tags": []
        }
      ],
      "thresholds": [],
      "timeFrom": null,
      "timeShift": null,
      "title": "SSHD Invalid user",
      "tooltip": {
        "shared": true,
        "sort": 0,
        "value_type": "individual"
      },
      "type": "graph",
      "xaxis": {
        "buckets": null,
        "mode": "time",
        "name": null,
        "show": true,
        "values": []
      },
      "yaxes": [
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        },
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        }
      ],
      "yaxis": {
        "align": false,
        "alignLevel": null
      }
    },
    {
      "aliasColors": {},
      "bars": true,
      "dashLength": 10,
      "dashes": false,
      "datasource": null,
      "fill": 1,
      "gridPos": {
        "h": 7,
        "w": 12,
        "x": 12,
        "y": 9
      },
      "id": 3,
      "legend": {
        "alignAsTable": true,
        "avg": false,
        "current": false,
        "hideEmpty": false,
        "hideZero": false,
        "max": false,
        "min": false,
        "rightSide": true,
        "show": true,
        "total": false,
        "values": false
      },
      "lines": false,
      "linewidth": 1,
      "links": [],
      "nullPointMode": "connected",
      "percentage": false,
      "pointradius": 5,
      "points": false,
      "renderer": "flot",
      "seriesOverrides": [],
      "spaceLength": 10,
      "stack": true,
      "steppedLine": false,
      "targets": [
        {
          "alias": "modsecurity-block",
          "groupBy": [
            {
              "params": [
                "$__interval"
              ],
              "type": "time"
            },
            {
              "params": [
                "null"
              ],
              "type": "fill"
            }
          ],
          "hide": false,
          "orderByTime": "ASC",
          "policy": "default",
          "query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'modsecurity_block') AND $timeFilter GROUP BY time(10m) fill(null)",
          "rawQuery": true,
          "refId": "A",
          "resultFormat": "time_series",
          "select": [
            [
              {
                "params": [
                  "value"
                ],
                "type": "field"
              },
              {
                "params": [],
                "type": "mean"
              }
            ]
          ],
          "tags": []
        }
      ],
      "thresholds": [],
      "timeFrom": null,
      "timeShift": null,
      "title": "Modsecurity Blocked Requests",
      "tooltip": {
        "shared": true,
        "sort": 0,
        "value_type": "individual"
      },
      "type": "graph",
      "xaxis": {
        "buckets": null,
        "mode": "time",
        "name": null,
        "show": true,
        "values": []
      },
      "yaxes": [
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        },
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        }
      ],
      "yaxis": {
        "align": false,
        "alignLevel": null
      }
    },
    {
      "aliasColors": {},
      "bars": true,
      "dashLength": 10,
      "dashes": false,
      "datasource": null,
      "fill": 1,
      "gridPos": {
        "h": 7,
        "w": 12,
        "x": 0,
        "y": 16
      },
      "id": 4,
      "legend": {
        "alignAsTable": true,
        "avg": false,
        "current": false,
        "hideEmpty": false,
        "hideZero": false,
        "max": false,
        "min": false,
        "rightSide": true,
        "show": true,
        "total": false,
        "values": false
      },
      "lines": false,
      "linewidth": 1,
      "links": [],
      "nullPointMode": "connected",
      "percentage": false,
      "pointradius": 5,
      "points": false,
      "renderer": "flot",
      "seriesOverrides": [],
      "spaceLength": 10,
      "stack": true,
      "steppedLine": false,
      "targets": [
        {
          "alias": "fail2ban-block",
          "groupBy": [
            {
              "params": [
                "$__interval"
              ],
              "type": "time"
            },
            {
              "params": [
                "null"
              ],
              "type": "fill"
            }
          ],
          "hide": false,
          "orderByTime": "ASC",
          "policy": "default",
          "query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'fail2ban_block') AND $timeFilter GROUP BY time(10m) fill(null)",
          "rawQuery": true,
          "refId": "A",
          "resultFormat": "time_series",
          "select": [
            [
              {
                "params": [
                  "value"
                ],
                "type": "field"
              },
              {
                "params": [],
                "type": "mean"
              }
            ]
          ],
          "tags": []
        }
      ],
      "thresholds": [],
      "timeFrom": null,
      "timeShift": null,
      "title": "Fail2ban blocks",
      "tooltip": {
        "shared": true,
        "sort": 0,
        "value_type": "individual"
      },
      "type": "graph",
      "xaxis": {
        "buckets": null,
        "mode": "time",
        "name": null,
        "show": true,
        "values": []
      },
      "yaxes": [
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        },
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        }
      ],
      "yaxis": {
        "align": false,
        "alignLevel": null
      }
    },
    {
      "aliasColors": {},
      "bars": true,
      "dashLength": 10,
      "dashes": false,
      "datasource": null,
      "fill": 1,
      "gridPos": {
        "h": 7,
        "w": 12,
        "x": 12,
        "y": 16
      },
      "id": 6,
      "legend": {
        "alignAsTable": true,
        "avg": false,
        "current": false,
        "hideEmpty": false,
        "hideZero": false,
        "max": false,
        "min": false,
        "rightSide": true,
        "show": true,
        "total": false,
        "values": false
      },
      "lines": false,
      "linewidth": 1,
      "links": [],
      "nullPointMode": "connected",
      "percentage": false,
      "pointradius": 5,
      "points": false,
      "renderer": "flot",
      "seriesOverrides": [],
      "spaceLength": 10,
      "stack": true,
      "steppedLine": false,
      "targets": [
        {
          "alias": "ssh-logins",
          "groupBy": [
            {
              "params": [
                "$__interval"
              ],
              "type": "time"
            },
            {
              "params": [
                "null"
              ],
              "type": "fill"
            }
          ],
          "hide": false,
          "orderByTime": "ASC",
          "policy": "default",
          "query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'sshd_login') AND $timeFilter GROUP BY time(10m) fill(null)",
          "rawQuery": true,
          "refId": "A",
          "resultFormat": "time_series",
          "select": [
            [
              {
                "params": [
                  "value"
                ],
                "type": "field"
              },
              {
                "params": [],
                "type": "mean"
              }
            ]
          ],
          "tags": []
        }
      ],
      "thresholds": [],
      "timeFrom": null,
      "timeShift": null,
      "title": "SSH logins",
      "tooltip": {
        "shared": true,
        "sort": 0,
        "value_type": "individual"
      },
      "type": "graph",
      "xaxis": {
        "buckets": null,
        "mode": "time",
        "name": null,
        "show": true,
        "values": []
      },
      "yaxes": [
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        },
        {
          "format": "none",
          "label": null,
          "logBase": 1,
          "max": null,
          "min": null,
          "show": true
        }
      ],
      "yaxis": {
        "align": false,
        "alignLevel": null
      }
    }
  ],
  "schemaVersion": 16,
  "style": "dark",
  "tags": [
    "os",
    "server",
    "security"
  ],
  "templating": {
    "list": [
      {
        "allValue": null,
        "current": {
          "text": "jota-server",
          "value": "jota-server"
        },
        "datasource": "collectd_db",
        "hide": 0,
        "includeAll": false,
        "label": null,
        "multi": false,
        "name": "host",
        "options": [],
        "query": "SHOW TAG VALUES WITH KEY=host",
        "refresh": 1,
        "regex": "",
        "skipUrlSync": false,
        "sort": 0,
        "tagValuesQuery": "",
        "tags": [],
        "tagsQuery": "",
        "type": "query",
        "useTags": false
      }
    ]
  },
  "time": {
    "from": "now-12h",
    "to": "now"
  },
  "timepicker": {
    "refresh_intervals": [
      "5s",
      "10s",
      "30s",
      "1m",
      "5m",
      "15m",
      "30m",
      "1h",
      "2h",
      "1d"
    ],
    "time_options": [
      "5m",
      "15m",
      "1h",
      "6h",
      "12h",
      "24h",
      "2d",
      "7d",
      "30d"
    ]
  },
  "timezone": "",
  "title": "Server - Security",
  "uid": "ftCEL3fmk",
  "version": 13
}
	{
	"annotations": {
	"list": [
	{
	"builtIn": 1,
	"datasource": "-- Grafana --",
	"enable": true,
	"hide": true,
	"iconColor": "rgba(0, 211, 255, 1)",
	"name": "Annotations & Alerts",
	"type": "dashboard"
	}
	]
	},
	"editable": true,
	"gnetId": null,
	"graphTooltip": 0,
	"id": 13,
	"iteration": 1543350905281,
	"links": [],
	"panels": [
	{
	"aliasColors": {},
	"bars": true,
	"dashLength": 10,
	"dashes": false,
	"datasource": null,
	"fill": 1,
	"gridPos": {
	"h": 9,
	"w": 24,
	"x": 0,
	"y": 0
	},
	"id": 2,
	"legend": {
	"alignAsTable": true,
	"avg": false,
	"current": false,
	"hideEmpty": false,
	"hideZero": false,
	"max": false,
	"min": false,
	"rightSide": true,
	"show": true,
	"total": false,
	"values": false
	},
	"lines": false,
	"linewidth": 1,
	"links": [],
	"nullPointMode": "connected",
	"percentage": false,
	"pointradius": 5,
	"points": false,
	"renderer": "flot",
	"seriesOverrides": [],
	"spaceLength": 10,
	"stack": true,
	"steppedLine": false,
	"targets": [
	{
	"alias": "user-sessions",
	"groupBy": [
	{
	"params": [
	"$__interval"
	],
	"type": "time"
	},
	{
	"params": [
	"null"
	],
	"type": "fill"
	}
	],
	"hide": false,
	"orderByTime": "ASC",
	"policy": "default",
	"query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'auth_user_session') AND $timeFilter GROUP BY time(10m) fill(null)",
	"rawQuery": true,
	"refId": "A",
	"resultFormat": "time_series",
	"select": [
	[
	{
	"params": [
	"value"
	],
	"type": "field"
	},
	{
	"params": [],
	"type": "mean"
	}
	]
	],
	"tags": []
	}
	],
	"thresholds": [],
	"timeFrom": null,
	"timeShift": null,
	"title": "Total User Sessions",
	"tooltip": {
	"shared": true,
	"sort": 0,
	"value_type": "individual"
	},
	"type": "graph",
	"xaxis": {
	"buckets": null,
	"mode": "time",
	"name": null,
	"show": true,
	"values": []
	},
	"yaxes": [
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	},
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	}
	],
	"yaxis": {
	"align": false,
	"alignLevel": null
	}
	},
	{
	"aliasColors": {},
	"bars": true,
	"dashLength": 10,
	"dashes": false,
	"datasource": null,
	"fill": 1,
	"gridPos": {
	"h": 7,
	"w": 12,
	"x": 0,
	"y": 9
	},
	"id": 5,
	"legend": {
	"alignAsTable": true,
	"avg": false,
	"current": false,
	"hideEmpty": false,
	"hideZero": false,
	"max": false,
	"min": false,
	"rightSide": true,
	"show": true,
	"total": false,
	"values": false
	},
	"lines": false,
	"linewidth": 1,
	"links": [],
	"nullPointMode": "connected",
	"percentage": false,
	"pointradius": 5,
	"points": false,
	"renderer": "flot",
	"seriesOverrides": [],
	"spaceLength": 10,
	"stack": true,
	"steppedLine": false,
	"targets": [
	{
	"alias": "sshd-invalid-user",
	"groupBy": [
	{
	"params": [
	"$__interval"
	],
	"type": "time"
	},
	{
	"params": [
	"null"
	],
	"type": "fill"
	}
	],
	"hide": false,
	"orderByTime": "ASC",
	"policy": "default",
	"query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'sshd_invalid_user') AND $timeFilter GROUP BY time(10m) fill(null)",
	"rawQuery": true,
	"refId": "A",
	"resultFormat": "time_series",
	"select": [
	[
	{
	"params": [
	"value"
	],
	"type": "field"
	},
	{
	"params": [],
	"type": "mean"
	}
	]
	],
	"tags": []
	}
	],
	"thresholds": [],
	"timeFrom": null,
	"timeShift": null,
	"title": "SSHD Invalid user",
	"tooltip": {
	"shared": true,
	"sort": 0,
	"value_type": "individual"
	},
	"type": "graph",
	"xaxis": {
	"buckets": null,
	"mode": "time",
	"name": null,
	"show": true,
	"values": []
	},
	"yaxes": [
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	},
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	}
	],
	"yaxis": {
	"align": false,
	"alignLevel": null
	}
	},
	{
	"aliasColors": {},
	"bars": true,
	"dashLength": 10,
	"dashes": false,
	"datasource": null,
	"fill": 1,
	"gridPos": {
	"h": 7,
	"w": 12,
	"x": 12,
	"y": 9
	},
	"id": 3,
	"legend": {
	"alignAsTable": true,
	"avg": false,
	"current": false,
	"hideEmpty": false,
	"hideZero": false,
	"max": false,
	"min": false,
	"rightSide": true,
	"show": true,
	"total": false,
	"values": false
	},
	"lines": false,
	"linewidth": 1,
	"links": [],
	"nullPointMode": "connected",
	"percentage": false,
	"pointradius": 5,
	"points": false,
	"renderer": "flot",
	"seriesOverrides": [],
	"spaceLength": 10,
	"stack": true,
	"steppedLine": false,
	"targets": [
	{
	"alias": "modsecurity-block",
	"groupBy": [
	{
	"params": [
	"$__interval"
	],
	"type": "time"
	},
	{
	"params": [
	"null"
	],
	"type": "fill"
	}
	],
	"hide": false,
	"orderByTime": "ASC",
	"policy": "default",
	"query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'modsecurity_block') AND $timeFilter GROUP BY time(10m) fill(null)",
	"rawQuery": true,
	"refId": "A",
	"resultFormat": "time_series",
	"select": [
	[
	{
	"params": [
	"value"
	],
	"type": "field"
	},
	{
	"params": [],
	"type": "mean"
	}
	]
	],
	"tags": []
	}
	],
	"thresholds": [],
	"timeFrom": null,
	"timeShift": null,
	"title": "Modsecurity Blocked Requests",
	"tooltip": {
	"shared": true,
	"sort": 0,
	"value_type": "individual"
	},
	"type": "graph",
	"xaxis": {
	"buckets": null,
	"mode": "time",
	"name": null,
	"show": true,
	"values": []
	},
	"yaxes": [
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	},
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	}
	],
	"yaxis": {
	"align": false,
	"alignLevel": null
	}
	},
	{
	"aliasColors": {},
	"bars": true,
	"dashLength": 10,
	"dashes": false,
	"datasource": null,
	"fill": 1,
	"gridPos": {
	"h": 7,
	"w": 12,
	"x": 0,
	"y": 16
	},
	"id": 4,
	"legend": {
	"alignAsTable": true,
	"avg": false,
	"current": false,
	"hideEmpty": false,
	"hideZero": false,
	"max": false,
	"min": false,
	"rightSide": true,
	"show": true,
	"total": false,
	"values": false
	},
	"lines": false,
	"linewidth": 1,
	"links": [],
	"nullPointMode": "connected",
	"percentage": false,
	"pointradius": 5,
	"points": false,
	"renderer": "flot",
	"seriesOverrides": [],
	"spaceLength": 10,
	"stack": true,
	"steppedLine": false,
	"targets": [
	{
	"alias": "fail2ban-block",
	"groupBy": [
	{
	"params": [
	"$__interval"
	],
	"type": "time"
	},
	{
	"params": [
	"null"
	],
	"type": "fill"
	}
	],
	"hide": false,
	"orderByTime": "ASC",
	"policy": "default",
	"query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'fail2ban_block') AND $timeFilter GROUP BY time(10m) fill(null)",
	"rawQuery": true,
	"refId": "A",
	"resultFormat": "time_series",
	"select": [
	[
	{
	"params": [
	"value"
	],
	"type": "field"
	},
	{
	"params": [],
	"type": "mean"
	}
	]
	],
	"tags": []
	}
	],
	"thresholds": [],
	"timeFrom": null,
	"timeShift": null,
	"title": "Fail2ban blocks",
	"tooltip": {
	"shared": true,
	"sort": 0,
	"value_type": "individual"
	},
	"type": "graph",
	"xaxis": {
	"buckets": null,
	"mode": "time",
	"name": null,
	"show": true,
	"values": []
	},
	"yaxes": [
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	},
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	}
	],
	"yaxis": {
	"align": false,
	"alignLevel": null
	}
	},
	{
	"aliasColors": {},
	"bars": true,
	"dashLength": 10,
	"dashes": false,
	"datasource": null,
	"fill": 1,
	"gridPos": {
	"h": 7,
	"w": 12,
	"x": 12,
	"y": 16
	},
	"id": 6,
	"legend": {
	"alignAsTable": true,
	"avg": false,
	"current": false,
	"hideEmpty": false,
	"hideZero": false,
	"max": false,
	"min": false,
	"rightSide": true,
	"show": true,
	"total": false,
	"values": false
	},
	"lines": false,
	"linewidth": 1,
	"links": [],
	"nullPointMode": "connected",
	"percentage": false,
	"pointradius": 5,
	"points": false,
	"renderer": "flot",
	"seriesOverrides": [],
	"spaceLength": 10,
	"stack": true,
	"steppedLine": false,
	"targets": [
	{
	"alias": "ssh-logins",
	"groupBy": [
	{
	"params": [
	"$__interval"
	],
	"type": "time"
	},
	{
	"params": [
	"null"
	],
	"type": "fill"
	}
	],
	"hide": false,
	"orderByTime": "ASC",
	"policy": "default",
	"query": "SELECT non_negative_derivative(last(\"value\"), 10m) FROM \"tail_value\" WHERE (\"host\" =~ /^$host$/ AND \"type_instance\" = 'sshd_login') AND $timeFilter GROUP BY time(10m) fill(null)",
	"rawQuery": true,
	"refId": "A",
	"resultFormat": "time_series",
	"select": [
	[
	{
	"params": [
	"value"
	],
	"type": "field"
	},
	{
	"params": [],
	"type": "mean"
	}
	]
	],
	"tags": []
	}
	],
	"thresholds": [],
	"timeFrom": null,
	"timeShift": null,
	"title": "SSH logins",
	"tooltip": {
	"shared": true,
	"sort": 0,
	"value_type": "individual"
	},
	"type": "graph",
	"xaxis": {
	"buckets": null,
	"mode": "time",
	"name": null,
	"show": true,
	"values": []
	},
	"yaxes": [
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	},
	{
	"format": "none",
	"label": null,
	"logBase": 1,
	"max": null,
	"min": null,
	"show": true
	}
	],
	"yaxis": {
	"align": false,
	"alignLevel": null
	}
	}
	],
	"schemaVersion": 16,
	"style": "dark",
	"tags": [
	"os",
	"server",
	"security"
	],
	"templating": {
	"list": [
	{
	"allValue": null,
	"current": {
	"text": "jota-server",
	"value": "jota-server"
	},
	"datasource": "collectd_db",
	"hide": 0,
	"includeAll": false,
	"label": null,
	"multi": false,
	"name": "host",
	"options": [],
	"query": "SHOW TAG VALUES WITH KEY=host",
	"refresh": 1,
	"regex": "",
	"skipUrlSync": false,
	"sort": 0,
	"tagValuesQuery": "",
	"tags": [],
	"tagsQuery": "",
	"type": "query",
	"useTags": false
	}
	]
	},
	"time": {
	"from": "now-12h",
	"to": "now"
	},
	"timepicker": {
	"refresh_intervals": [
	"5s",
	"10s",
	"30s",
	"1m",
	"5m",
	"15m",
	"30m",
	"1h",
	"2h",
	"1d"
	],
	"time_options": [
	"5m",
	"15m",
	"1h",
	"6h",
	"12h",
	"24h",
	"2d",
	"7d",
	"30d"
	]
	},
	"timezone": "",
	"title": "Server - Security",
	"uid": "ftCEL3fmk",
	"version": 13
	}