mmguero/export.json

## export.json
{
  "attributes": {
    "description": "",
    "kibanaSavedObjectMeta": {
      "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
    },
    "title": "Example table with transform",
    "uiStateJSON": "{}",
    "version": 1,
    "visState": "{\"title\":\"Example table with transform\",\"type\":\"transform\",\"aggs\":[],\"params\":{\"meta\":\"({})\",\"multiquerydsl\":\"{\\n  \\\"topn\\\": {\\n    \\\"index\\\": \\\"zeekicata-*\\\",\\n    \\\"query\\\": {\\n      \\\"bool\\\": {\\n        \\\"must\\\": [\\n          \\\"_DASHBOARD_CONTEXT_\\\",\\n          \\\"_TIME_RANGE_[firstPacket]\\\",\\n          {\\n            \\\"match\\\": {\\n              \\\"event.dataset\\\": \\\"files\\\"\\n            }\\n          },\\n          {\\n            \\\"match\\\": {\\n              \\\"event.provider\\\": \\\"zeek\\\"\\n            }\\n          }\\n        ]\\n      }\\n    },\\n    \\\"aggs\\\": {\\n      \\\"uris\\\": {\\n        \\\"terms\\\": {\\n          \\\"field\\\": \\\"zeek.files.extracted_uri\\\",\\n          \\\"size\\\": 20,\\n          \\\"order\\\": { \\\"_key\\\": \\\"asc\\\" }\\n        }\\n      }\\n    }\\n  }\\n}\",\"formula\":\"<link rel=\\\"stylesheet\\\" href=\\\"/css/styles.css\\\">\\n\\n<h2>Extracted File Downloads</h2>\\n<p><small>Only the 20 results are displayed, sorted alphabetically. Apply filters to narrow the scope.</small></p>\\n<table class=\\\"table caption-top\\\">\\n  <thead>\\n    <tr>\\n      <th scope=\\\"col\\\">Download File (if preserved)</th>\\n      <th scope=\\\"col\\\">Count</th>\\n    </tr>\\n  </thead>\\n  <tbody>\\n    {{#response.topn.aggregations.uris.buckets}} \\n    <tr>\\n      <th scope=\\\"row\\\"><a href=\\\"/{{key}}\\\">{{key}}</a></th>\\n      <td>{{doc_count}}</td>\\n    </tr>\\n    {{/response.topn.aggregations.uris.buckets}} \\n    </tbody>\\n</table>\\n\"}}"
  },
  "id": "e87df6b0-f124-11ee-b6bb-474cdc003f68",
  "migrationVersion": {
    "visualization": "7.10.0"
  },
  "references": [],
  "type": "visualization",
  "updated_at": "2024-04-02T19:45:42.403Z",
  "version": "Wzk4NiwxXQ=="
}
{
  "exportedCount": 1,
  "missingRefCount": 0,
  "missingReferences": []
}
	{
	"attributes": {
	"description": "",
	"kibanaSavedObjectMeta": {
	"searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
	},
	"title": "Example table with transform",
	"uiStateJSON": "{}",
	"version": 1,
	"visState": "{\"title\":\"Example table with transform\",\"type\":\"transform\",\"aggs\":[],\"params\":{\"meta\":\"({})\",\"multiquerydsl\":\"{\\n \\\"topn\\\": {\\n \\\"index\\\": \\\"zeekicata-*\\\",\\n \\\"query\\\": {\\n \\\"bool\\\": {\\n \\\"must\\\": [\\n \\\"_DASHBOARD_CONTEXT_\\\",\\n \\\"_TIME_RANGE_[firstPacket]\\\",\\n {\\n \\\"match\\\": {\\n \\\"event.dataset\\\": \\\"files\\\"\\n }\\n },\\n {\\n \\\"match\\\": {\\n \\\"event.provider\\\": \\\"zeek\\\"\\n }\\n }\\n ]\\n }\\n },\\n \\\"aggs\\\": {\\n \\\"uris\\\": {\\n \\\"terms\\\": {\\n \\\"field\\\": \\\"zeek.files.extracted_uri\\\",\\n \\\"size\\\": 20,\\n \\\"order\\\": { \\\"_key\\\": \\\"asc\\\" }\\n }\\n }\\n }\\n }\\n}\",\"formula\":\"<link rel=\\\"stylesheet\\\" href=\\\"/css/styles.css\\\">\\n\\n<h2>Extracted File Downloads</h2>\\n<p><small>Only the 20 results are displayed, sorted alphabetically. Apply filters to narrow the scope.</small></p>\\n<table class=\\\"table caption-top\\\">\\n <thead>\\n <tr>\\n <th scope=\\\"col\\\">Download File (if preserved)</th>\\n <th scope=\\\"col\\\">Count</th>\\n </tr>\\n </thead>\\n <tbody>\\n {{#response.topn.aggregations.uris.buckets}} \\n <tr>\\n <th scope=\\\"row\\\"><a href=\\\"/{{key}}\\\">{{key}}</a></th>\\n <td>{{doc_count}}</td>\\n </tr>\\n {{/response.topn.aggregations.uris.buckets}} \\n </tbody>\\n</table>\\n\"}}"
	},
	"id": "e87df6b0-f124-11ee-b6bb-474cdc003f68",
	"migrationVersion": {
	"visualization": "7.10.0"
	},
	"references": [],
	"type": "visualization",
	"updated_at": "2024-04-02T19:45:42.403Z",
	"version": "Wzk4NiwxXQ=="
	}
	{
	"exportedCount": 1,
	"missingRefCount": 0,
	"missingReferences": []
	}