Skip to content

Instantly share code, notes, and snippets.

@rogerthat

rogerthat/gist:33a91e1e2001eb6c3758

Created January 22, 2015 15:28
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rogerthat/33a91e1e2001eb6c3758 to your computer and use it in GitHub Desktop.
Save rogerthat/33a91e1e2001eb6c3758 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
{"user":"guest","group":"guest","title":"DX-Console","dashboard":"{\"title\":\"DX-Console\",\"services\":{\"query\":{\"list\":{\"0\":{\"query\":\"cscore=sql\",\"alias\":\"\",\"color\":\"#7EB26D\",\"id\":0,\"pin\":true,\"type\":\"lucene\",\"enable\":true},\"1\":{\"id\":1,\"color\":\"#EAB839\",\"alias\":\"\",\"pin\":true,\"type\":\"lucene\",\"enable\":true,\"query\":\"cscore=uwa\"},\"2\":{\"id\":2,\"color\":\"#6ED0E0\",\"alias\":\"\",\"pin\":true,\"type\":\"lucene\",\"enable\":true,\"query\":\"cscore=xss\"},\"3\":{\"id\":3,\"color\":\"#EF843C\",\"alias\":\"\",\"pin\":true,\"type\":\"lucene\",\"enable\":true,\"query\":\"cscore=attack\"},\"4\":{\"id\":4,\"color\":\"#E24D42\",\"alias\":\"\",\"pin\":true,\"type\":\"lucene\",\"enable\":true,\"query\":\"cscore=rfi\"},\"5\":{\"id\":5,\"color\":\"#1F78C1\",\"alias\":\"\",\"pin\":false,\"type\":\"lucene\",\"enable\":true,\"query\":\"*java\"}},\"ids\":[0,1,2,3,4,5]},\"filter\":{\"list\":{\"0\":{\"type\":\"terms\",\"field\":\"_type\",\"value\":\"ngx_err\",\"mandate\":\"must\",\"active\":true,\"alias\":\"\",\"id\":0},\"1\":{\"type\":\"field\",\"field\":\"tags\",\"query\":\"\\\"t_naxsi_event\\\"\",\"mandate\":\"must\",\"active\":true,\"alias\":\"\",\"id\":1},\"2\":{\"type\":\"terms\",\"field\":\"sid\",\"value\":\"42000361\",\"mandate\":\"mustNot\",\"active\":true,\"alias\":\"\",\"id\":2},\"3\":{\"type\":\"time\",\"field\":\"@timestamp\",\"from\":\"now-7d\",\"to\":\"now\",\"mandate\":\"must\",\"active\":true,\"alias\":\"\",\"id\":3}},\"ids\":[0,1,2,3]}},\"rows\":[{\"title\":\"All Attacks\",\"height\":\"150px\",\"editable\":true,\"collapse\":false,\"collapsable\":true,\"panels\":[{\"span\":12,\"editable\":true,\"type\":\"histogram\",\"loadingEditor\":false,\"mode\":\"count\",\"time_field\":\"@timestamp\",\"value_field\":null,\"x-axis\":true,\"y-axis\":true,\"scale\":1,\"y_format\":\"none\",\"grid\":{\"max\":null,\"min\":0},\"queries\":{\"mode\":\"pinned\",\"ids\":[0,1,2,3,4]},\"annotate\":{\"enable\":false,\"query\":\"*\",\"size\":20,\"field\":\"_type\",\"sort\":[\"_score\",\"desc\"]},\"auto_int\":false,\"resolution\":100,\"interval\":\"1h\",\"intervals\":[\"auto\",\"1s\",\"1m\",\"5m\",\"10m\",\"30m\",\"1h\",\"3h\",\"12h\",\"1d\",\"1w\",\"1y\"],\"lines\":false,\"fill\":1,\"linewidth\":1,\"points\":false,\"pointradius\":5,\"bars\":true,\"stack\":true,\"spyable\":true,\"zoomlinks\":true,\"options\":true,\"legend\":true,\"show_query\":true,\"interactive\":true,\"legend_counts\":true,\"timezone\":\"browser\",\"percentage\":false,\"zerofill\":true,\"derivative\":false,\"tooltip\":{\"value_type\":\"cumulative\",\"query_as_alias\":true},\"title\":\"All Attacks\"}],\"notice\":false},{\"title\":\"Global\",\"height\":\"250px\",\"editable\":true,\"collapse\":true,\"collapsable\":true,\"panels\":[{\"error\":false,\"span\":6,\"editable\":true,\"type\":\"map\",\"loadingEditor\":false,\"map\":\"world\",\"colors\":[\"#A0E2E2\",\"#265656\"],\"size\":100,\"exclude\":[],\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0]},\"field\":\"geoip.country_code2\",\"title\":\"Geo_IP\"},{\"height\":\"200px\",\"chart\":\"pie\",\"field\":\"geoip.country_code2\",\"span\":3,\"type\":\"terms\",\"title\":\"Top 10 Countries\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":10,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":true,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\"},{\"height\":\"200px\",\"chart\":\"pie\",\"field\":\"geoip.continent_code\",\"span\":3,\"type\":\"terms\",\"title\":\"Top 10 Continets\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":10,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":true,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\",\"editable\":true}],\"notice\":false},{\"title\":\"SIDs\",\"height\":\"150px\",\"editable\":true,\"collapse\":false,\"collapsable\":true,\"panels\":[{\"height\":\"200px\",\"chart\":\"pie\",\"field\":\"sid\",\"span\":3,\"type\":\"terms\",\"title\":\"SIDs\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":10,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":true,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\",\"editable\":true},{\"height\":\"200px\",\"chart\":\"pie\",\"field\":\"naxsi_sensor\",\"span\":3,\"type\":\"terms\",\"title\":\"Sensors\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":10,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":true,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\",\"editable\":true},{\"height\":\"200px\",\"chart\":\"pie\",\"field\":\"mz\",\"span\":3,\"type\":\"terms\",\"title\":\"Top 10 MZ\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":10,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":true,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\"},{\"height\":\"200px\",\"chart\":\"pie\",\"field\":\"cscore\",\"span\":3,\"type\":\"terms\",\"title\":\"Top 10 Scores\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":10,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":true,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\",\"editable\":true}],\"notice\":false},{\"title\":\"Tables\",\"height\":\"150px\",\"editable\":true,\"collapse\":false,\"collapsable\":true,\"panels\":[{\"height\":\"200px\",\"chart\":\"table\",\"field\":\"Host\",\"span\":4,\"type\":\"terms\",\"title\":\"Top 10 Hosts\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":20,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":true,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\",\"editable\":true},{\"height\":\"200px\",\"chart\":\"table\",\"field\":\"PEER_IP\",\"span\":4,\"type\":\"terms\",\"title\":\"Top 20 IPs\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":20,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":false,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\",\"editable\":true},{\"height\":\"200px\",\"chart\":\"table\",\"field\":\"sid\",\"span\":4,\"type\":\"terms\",\"title\":\"SIDs\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":20,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":false,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\",\"editable\":true},{\"height\":\"200px\",\"chart\":\"table\",\"field\":\"URI\",\"span\":4,\"type\":\"terms\",\"title\":\"Top 20 URIs\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":20,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":false,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\",\"editable\":true},{\"height\":\"200px\",\"chart\":\"table\",\"field\":\"naxsi_sensor\",\"span\":3,\"type\":\"terms\",\"title\":\"Sensors\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":20,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":true,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"counter_pos\":\"above\",\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\",\"editable\":true}],\"notice\":false},{\"title\":\"Graph\",\"height\":\"200px\",\"editable\":true,\"collapse\":false,\"collapsable\":true,\"panels\":[{\"error\":false,\"span\":3,\"editable\":true,\"group\":[\"default\"],\"type\":\"terms\",\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"field\":\"_type\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":100,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":false,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"chart\":\"pie\",\"counter_pos\":\"none\",\"title\":\"Document types\",\"spyable\":true,\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\"},{\"span\":3,\"editable\":true,\"group\":[\"default\"],\"type\":\"terms\",\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"field\":\"_type\",\"exclude\":[],\"missing\":true,\"other\":true,\"size\":10,\"order\":\"count\",\"style\":{\"font-size\":\"10pt\"},\"donut\":false,\"tilt\":false,\"labels\":true,\"arrangement\":\"horizontal\",\"chart\":\"table\",\"counter_pos\":\"above\",\"spyable\":true,\"title\":\"Document Types\",\"tmode\":\"terms\",\"tstat\":\"total\",\"valuefield\":\"\"}],\"notice\":false},{\"title\":\"Events\",\"height\":\"650px\",\"editable\":true,\"collapse\":false,\"collapsable\":true,\"panels\":[{\"error\":false,\"span\":12,\"editable\":true,\"group\":[\"default\"],\"type\":\"table\",\"size\":100,\"pages\":5,\"offset\":0,\"sort\":[\"@timestamp\",\"desc\"],\"style\":{\"font-size\":\"9pt\"},\"overflow\":\"min-height\",\"fields\":[\"@timestamp\",\"PEER_IP\",\"sid\",\"mz\",\"URI\",\"Host\",\"cscore\",\"score\"],\"highlight\":[],\"sortable\":true,\"header\":true,\"paging\":true,\"spyable\":true,\"queries\":{\"mode\":\"all\",\"ids\":[0,1,2,3,4,5]},\"field_list\":true,\"status\":\"Stable\",\"trimFactor\":300,\"normTimes\":true,\"title\":\"Documents\",\"all_fields\":false,\"localTime\":false,\"timeField\":\"@timestamp\"}],\"notice\":false}],\"editable\":true,\"index\":{\"interval\":\"day\",\"pattern\":\"[logstash-]YYYY.MM.DD\",\"default\":\"_all\",\"warm_fields\":false},\"style\":\"light\",\"failover\":true,\"panel_hints\":true,\"loader\":{\"save_gist\":false,\"save_elasticsearch\":true,\"save_local\":true,\"save_default\":true,\"save_temp\":true,\"save_temp_ttl_enable\":true,\"save_temp_ttl\":\"30d\",\"load_gist\":false,\"load_elasticsearch\":true,\"load_elasticsearch_size\":20,\"load_local\":true,\"hide\":false},\"pulldowns\":[{\"type\":\"query\",\"collapse\":false,\"notice\":false,\"query\":\"*\",\"pinned\":true,\"history\":[\"*java\",\"cscore=rfi\",\"cscore=attack\",\"cscore=xss\",\"cscore=uwa\",\"cscore=sql\",\"*\",\"\",\"score=sql\",\"score=uwa\"],\"remember\":10,\"enable\":true},{\"type\":\"filtering\",\"collapse\":false,\"notice\":true,\"enable\":true}],\"nav\":[{\"type\":\"timepicker\",\"collapse\":false,\"notice\":false,\"status\":\"Stable\",\"time_options\":[\"5m\",\"15m\",\"1h\",\"6h\",\"12h\",\"24h\",\"2d\",\"7d\",\"30d\"],\"refresh_intervals\":[\"5s\",\"10s\",\"30s\",\"1m\",\"5m\",\"15m\",\"30m\",\"1h\",\"2h\",\"1d\"],\"timefield\":\"@timestamp\",\"enable\":true,\"now\":true,\"filter_id\":3}],\"refresh\":\"5m\"}"}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment