2017-02-16 12:51:11 +00:00
< md-content flex layout = "column" ng-if = "submenuNavItem == 'oscap'" ng-controller = "overviewOSCAPController" layout-align = "start" >
2017-01-13 20:34:35 +00:00
2017-02-13 19:58:44 +00:00
<!-- Kibana search bar -->
2017-09-07 15:32:37 +00:00
< kbn-searchbar ng-if = "tabView == 'panels'" > < / kbn-searchbar >
2017-06-19 17:00:19 +00:00
< div class = 'uil-ring-css' ng-if = "tabView == 'panels'" ng-show = '!hideRing(14)' > < div > < / div > < / div >
2017-08-13 22:40:58 +00:00
2017-02-10 13:53:08 +00:00
<!-- No results message -->
2017-07-03 15:51:46 +00:00
< md-content flex layout = "row" layout-align = "start start" ng-show = "!results && !loading" ng-if = "tabView == 'panels' && hideRing(14)" >
2017-02-10 13:53:08 +00:00
< md-card flex layout = "column" >
< md-card-content style = "text-align: center;" >
No results for selected time interval
< / md-card-content >
2017-08-13 22:40:58 +00:00
< / md-card >
< / md-content >
2017-02-07 16:05:53 +00:00
<!-- View: Discover -->
2017-10-24 16:51:45 +00:00
< md-content style = "background-color: white" flex layout = "column" layout-align = "start space-around" ng-if = "tabView == 'discover'" >
2017-08-13 22:40:58 +00:00
< kbn-disfull table-height = "1000px;" dis-a = "(columns:!(_source),filters:!(),index:'wazuh-alerts-*',interval:auto,query:(query_string:(analyze_wildcard:!t,query:'*')),sort:!('@timestamp',desc))"
dis-filter="rule.groups:oscap"
2017-02-07 16:05:53 +00:00
infinite-scroll="true">
< / kbn-disfull >
2017-08-13 22:40:58 +00:00
< / md-content >
2017-02-07 16:05:53 +00:00
<!-- View: Panels -->
2017-07-03 15:51:46 +00:00
< div ng-show = "hideRing(14) && results && !loading" ng-if = "tabView == 'panels'" >
2017-10-09 15:49:10 +00:00
< md-content layout = "row" layout-align = "center stretch" >
2017-02-07 16:05:53 +00:00
< md-card flex = "20" layout = "column" >
< md-card-content style = "text-align: center;" >
< div class = "ng-binding" > Last score< / div >
2017-10-11 12:12:05 +00:00
< kbn-vis-value vis-height = "37px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:'@timestamp'),schema:metric,type:max),(enabled:!t,id:'2',params:(field:data.oscap.scan.score,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter = "*" > < / kbn-vis-value >
2017-02-07 16:05:53 +00:00
< / md-card-content >
2017-01-13 20:34:35 +00:00
< / md-card >
2017-02-07 16:05:53 +00:00
< md-card flex = "40" layout = "column" >
< md-card-content style = "text-align: center;" >
< div class = "ng-binding" > Last agent scanned< / div >
2017-10-11 12:12:05 +00:00
< kbn-vis-value vis-height = "37px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:'@timestamp'),schema:metric,type:max),(enabled:!t,id:'2',params:(field:agent.name,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter = "data.oscap.check.result: fail AND rule.groups:oscap" > < / kbn-vis-value >
2017-02-07 16:05:53 +00:00
< / md-card-content >
2017-01-13 20:34:35 +00:00
< / md-card >
2017-02-07 16:05:53 +00:00
< md-card flex = "40" layout = "column" >
< md-card-content style = "text-align: center;" >
< div class = "ng-binding" > Last scan profile< / div >
2017-10-11 12:12:05 +00:00
< kbn-vis-value vis-height = "37px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:'@timestamp'),schema:metric,type:max),(enabled:!t,id:'2',params:(field:data.oscap.scan.profile.title,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter = "data.oscap.check.result: fail AND rule.groups: oscap " > < / kbn-vis-value >
2017-02-07 16:05:53 +00:00
< / md-card-content >
< / md-card >
< / md-content >
2017-08-13 22:40:58 +00:00
2017-02-07 16:05:53 +00:00
2017-10-09 15:49:10 +00:00
< md-content layout = "row" layout-align = "center stretch" >
2017-02-07 16:05:53 +00:00
< md-card flex = "25" >
< md-card-title >
< md-card-title-text >
< span class = "md-headline" > Agents< / span >
< / md-card-title-text >
< / md-card-title >
< md-card-content >
< kbn-vis vis-height = "154px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:agent.name,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Agents',type:pie))"
2017-08-08 20:25:32 +00:00
vis-filter="data.oscap.check.result: fail AND rule.groups: oscap AND NOT rule.groups: syslog ">
2017-02-07 16:05:53 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
< md-card flex = "25" >
< md-card-title >
< md-card-title-text >
< span class = "md-headline" > Profiles< / span >
< / md-card-title-text >
< / md-card-title >
< md-card-content >
2017-08-08 19:06:08 +00:00
< kbn-vis vis-height = "154px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'3',params:(field:data.oscap.scan.profile.title,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Profiles',type:pie))"
2017-08-08 20:25:32 +00:00
vis-filter="data.oscap.check.result: fail AND rule.groups:oscap AND NOT rule.groups: syslog">
2017-02-07 16:05:53 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
< md-card flex = "25" >
< md-card-title >
< md-card-title-text >
< span class = "md-headline" > Content< / span >
< / md-card-title-text >
< / md-card-title >
< md-card-content >
2017-08-08 19:06:08 +00:00
< kbn-vis vis-height = "154px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:data.oscap.scan.content,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Content',type:pie))"
2017-08-08 20:25:32 +00:00
vis-filter="data.oscap.check.result: fail AND rule.groups:oscap AND NOT rule.groups: syslog">
2017-02-07 16:05:53 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
2017-08-13 22:40:58 +00:00
2017-02-07 16:05:53 +00:00
< md-card flex = "25" >
< md-card-title >
< md-card-title-text >
< span class = "md-headline" > Severity< / span >
< / md-card-title-text >
< / md-card-title >
< md-card-content >
2017-08-08 19:06:08 +00:00
< kbn-vis vis-height = "154px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:data.oscap.check.severity,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Content',type:pie))"
2017-08-08 20:25:32 +00:00
vis-filter="data.oscap.check.result: fail AND rule.groups:oscap AND NOT rule.groups: syslog">
2017-02-07 16:05:53 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
< / md-content >
2017-10-09 15:49:10 +00:00
< md-content layout = "row" layout-align = "start stretch" >
2017-02-16 12:51:11 +00:00
< md-card flex >
2017-02-07 16:05:53 +00:00
< md-card-title >
< md-card-title-text >
2017-02-10 13:53:08 +00:00
< span class = "md-headline" > Top 5 Agents - Severity high< / span >
2017-02-07 16:05:53 +00:00
< / md-card-title-text >
< / md-card-title >
< md-card-content >
2017-02-10 13:53:08 +00:00
< kbn-vis vis-height = "150px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:agent.name,order:desc,orderBy:'1',size:5),schema:group,type:terms)),listeners:(),params:(addLegend:!t,addTimeMarker:!f,addTooltip:!t,defaultYExtents:!f,legendPosition:right,mode:grouped,scale:linear,setYExtents:!f,times:!()),title:'New%20Visualization',type:histogram))"
2017-08-10 19:24:21 +00:00
vis-filter="rule.groups: oscap AND data.oscap.check.severity: high">
2017-02-07 16:05:53 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
< / md-content >
2017-08-13 22:40:58 +00:00
2017-10-09 15:49:10 +00:00
< md-content layout = "row" layout-align = "center stretch" >
2017-02-07 16:05:53 +00:00
< md-card flex = "50" >
2017-01-13 20:34:35 +00:00
< md-card-title >
< md-card-title-text >
2017-02-07 16:05:53 +00:00
< span class = "md-headline" > Top 10 - Alerts< / span >
2017-01-13 20:34:35 +00:00
< / md-card-title-text >
< / md-card-title >
< md-card-content >
2017-08-08 19:06:08 +00:00
< kbn-vis class = "vis-expand-leyend" vis-height = "300px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:data.oscap.check.title,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!f,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Top%2020%20failed%20checks',type:pie))"
2017-08-08 20:25:32 +00:00
vis-filter="data.oscap.check.result: fail AND rule.groups:oscap AND rule.groups: oscap-result AND data.oscap.check.result:fail">
2017-01-13 20:34:35 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
2017-08-13 22:40:58 +00:00
2017-02-07 16:05:53 +00:00
< md-card flex = "50" >
2017-01-13 20:34:35 +00:00
< md-card-title >
< md-card-title-text >
2017-02-07 16:05:53 +00:00
< span class = "md-headline" > Top 10 - High risk alerts< / span >
2017-01-13 20:34:35 +00:00
< / md-card-title-text >
< / md-card-title >
< md-card-content >
2017-08-08 19:06:08 +00:00
< kbn-vis class = "vis-expand-leyend" vis-height = "300px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:data.oscap.check.title,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!f,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Top%2020%20failed%20checks',type:pie))"
2017-08-08 20:25:32 +00:00
vis-filter="data.oscap.check.severity: high AND data.oscap.check.result: fail AND rule.groups:oscap AND rule.groups: oscap-result AND data.oscap.check.result:fail">
2017-01-13 20:34:35 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
2017-08-13 22:40:58 +00:00
2017-02-07 16:05:53 +00:00
< / md-content >
2017-08-13 22:40:58 +00:00
2017-10-09 15:49:10 +00:00
< md-content layout = "row" layout-align = "center stretch" >
2017-02-07 16:05:53 +00:00
< md-card flex = "20" layout = "column" >
2017-09-14 14:00:09 +00:00
< md-card-content class = "metric" >
< div class = "ng-binding" > Highest score< / div >
2017-10-11 12:12:05 +00:00
< kbn-vis-value vis-height = "44px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:data.oscap.scan.score),schema:metric,type:max)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:max),title:'Highest score',type:table))" vis-filter = "*" > < / kbn-vis-value >
2017-02-07 16:05:53 +00:00
< / md-card-content >
< / md-card >
< md-card flex = "20" layout = "column" >
2017-09-14 14:00:09 +00:00
< md-card-content class = "metric" >
< div class = "ng-binding" > Lowest score< / div >
2017-10-11 12:12:05 +00:00
< kbn-vis-value vis-height = "44px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:data.oscap.scan.score),schema:metric,type:min)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:min),title:'Lowest score',type:table))" vis-filter = "*" > < / kbn-vis-value >
2017-02-07 16:05:53 +00:00
< / md-card-content >
< / md-card >
< md-card flex = "60" layout = "column" >
< md-card-content style = "text-align: center;" >
< div class = "ng-binding" > Latest alert< / div >
2017-10-11 12:12:05 +00:00
< kbn-vis-value vis-height = "44px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:'@timestamp'),schema:metric,type:max),(enabled:!t,id:'2',params:(field:data.oscap.check.title,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter = "data.oscap.check.result: fail AND rule.groups:oscap" > < / kbn-vis-value >
2017-02-07 16:05:53 +00:00
< / md-card-content >
< / md-card >
< / md-content >
2017-08-13 22:40:58 +00:00
2017-10-09 15:49:10 +00:00
< md-content layout-align = "center stretch" >
2017-02-07 16:05:53 +00:00
< md-card flex >
2017-01-13 20:34:35 +00:00
< md-card-title >
< md-card-title-text >
2017-02-07 16:05:53 +00:00
< span class = "md-headline" > Last alerts< / span >
2017-01-13 20:34:35 +00:00
< / md-card-title-text >
< / md-card-title >
< md-card-content >
2017-08-08 19:06:08 +00:00
< kbn-vis vis-height = "450px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(customLabel:'Agent name',field:agent.name,order:desc,orderBy:'1',size:99999),schema:bucket,type:terms),(enabled:!t,id:'3',params:(customLabel:Title,field:data.oscap.check.title,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'4',params:(customLabel:Profile,field:data.oscap.scan.profile.title,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'5',params:(customLabel:'Scan ID',field:data.oscap.scan.id,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'6',params:(customLabel:Content,field:data.oscap.scan.content,order:desc,orderBy:'1',size:5),schema:bucket,type:terms)),listeners:(),params:(perPage:10,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))"
2017-08-08 20:25:32 +00:00
vis-filter='data.oscap.check.result: fail AND rule.groups: oscap'>
2017-01-13 20:34:35 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
2017-02-07 16:05:53 +00:00
< / md-content >
< / div >
2017-09-14 14:00:09 +00:00
< / md-content >
