2017-02-10 13:53:08 +00:00
< md-content flex layout = "column" ng-if = "submenuNavItem == 'general'" ng-controller = "overviewGeneralController" layout-align = "start" >
2016-09-20 08:55:43 +00:00
2017-02-13 19:58:44 +00:00
<!-- Kibana search bar -->
2017-07-21 11:51:13 +00:00
< kbn-searchbar class = "wazuh-searchbar" ng-if = "tabView == 'panels'" > < / kbn-searchbar >
2017-06-19 17:00:19 +00:00
< div class = 'uil-ring-css' ng-if = "tabView == 'panels'" ng-show = '!hideRing(15)' > < div > < / div > < / div >
2017-02-13 19:58:44 +00:00
2017-02-10 21:33:49 +00:00
<!-- No results message -->
2017-07-03 15:51:46 +00:00
< md-content flex layout = "row" layout-align = "start start" ng-show = "!results && !loading" ng-if = "tabView == 'panels' && hideRing(15)" >
2017-02-10 21:33:49 +00:00
< md-card flex layout = "column" >
< md-card-content style = "text-align: center;" >
No results for selected time interval
< / md-card-content >
< / md-card >
< / md-content >
2017-02-07 16:05:53 +00:00
<!-- View: Discover -->
2017-07-27 16:24:50 +00:00
< md-content style = "background-color: white" flex layout = "column" layout-align = "start space-around" ng-show = "tabView == 'discover'" >
2017-02-07 16:05:53 +00:00
< kbn-disfull table-height = "1000px;" dis-a = "(columns:!(_source),filters:!(),index:'wazuh-alerts-*',interval:auto,query:(query_string:(analyze_wildcard:!t,query:'*')),sort:!('@timestamp',desc))"
2017-02-14 18:33:24 +00:00
dis-filter="manager.name: {{defaultManager ? defaultManager : '*'}}"
2017-02-07 16:05:53 +00:00
infinite-scroll="true">
< / kbn-disfull >
< / md-content >
2016-12-13 15:32:35 +00:00
2017-02-07 16:05:53 +00:00
<!-- View: Panels -->
2017-07-03 15:51:46 +00:00
< div ng-show = "hideRing(15) && results && !loading" ng-if = "tabView == 'panels'" >
2017-07-10 19:18:51 +00:00
< div layout = "row" layout-align = "center stretch" class = "no-legend" >
2017-02-07 16:05:53 +00:00
< md-card flex layout = "column" >
< md-card-content >
< kbn-vis vis-height = "58px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(customLabel:'Alerts'),schema:metric,type:count)),listeners:(),params:(fontSize:20,handleNoResults:!t),title:'Metric Alerts',type:metric))"
vis-filter="*">
< / kbn-vis >
< / md-card-content >
< / md-card >
2016-09-20 08:55:43 +00:00
2017-02-07 16:05:53 +00:00
< md-card flex layout = "column" >
< md-card-content >
2017-03-03 16:52:59 +00:00
< kbn-vis vis-height = "58px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(customLabel:'Level 12 or above alerts'),schema:metric,type:count)),listeners:(),params:(fontSize:20,handleNoResults:!t),title:'Metric Level 12 or above',type:metric))"
vis-filter="rule.level:[12 TO *]"
2016-09-22 12:02:46 +00:00
>
2017-02-07 16:05:53 +00:00
< / kbn-vis >
2016-09-20 08:55:43 +00:00
2017-02-07 16:05:53 +00:00
< / md-card-content >
< / md-card >
2016-09-20 08:55:43 +00:00
2017-02-07 16:05:53 +00:00
< md-card flex layout = "column" >
< md-card-content >
< kbn-vis vis-height = "58px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(customLabel:'Authentication failure'),schema:metric,type:count)),listeners:(),params:(fontSize:20,handleNoResults:!t),title:'Metric auth failed',type:metric))"
2017-03-04 04:34:10 +00:00
vis-filter="(rule.groups: authentication_failed OR rule.groups: authentication_failures)"
2017-02-07 16:05:53 +00:00
>
2017-01-30 12:03:17 +00:00
< / kbn-vis >
2017-03-04 04:34:10 +00:00
< / md-card-content >
2017-02-07 16:05:53 +00:00
< / md-card >
2016-12-13 15:32:35 +00:00
2017-02-07 16:05:53 +00:00
< md-card flex layout = "column" >
< md-card-content >
< kbn-vis vis-height = "58px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(customLabel:'Authentication success'),schema:metric,type:count)),listeners:(),params:(fontSize:20,handleNoResults:!t),title:'Metric auth success',type:metric))"
vis-filter="rule.groups: authentication_success"
>
2017-01-30 12:03:17 +00:00
< / kbn-vis >
2017-02-07 16:05:53 +00:00
< / md-card-content >
< / md-card >
< / div >
2017-02-13 19:58:44 +00:00
< div layout = "row" layout-align = "start stretch" >
< md-card flex class = "visBox-alert-level-evolution" >
2017-02-07 16:05:53 +00:00
< md-card-content >
< span class = "md-headline" > Alert level evolution< / span >
2017-02-14 18:33:24 +00:00
< kbn-vis vis-height = "150px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'3',params:(field:rule.level,order:desc,orderBy:'1',size:5),schema:group,type:terms),(enabled:!t,id:'2',params:(customInterval:'1h',extended_bounds:(),field:'@timestamp',interval:auto,min_doc_count:1),schema:segment,type:date_histogram)),listeners:(),params:(addLegend:!t,addTimeMarker:!f,addTooltip:!t,defaultYExtents:!f,drawLinesBetweenPoints:!t,interpolate:cardinal,legendPosition:right,radiusRatio:9,scale:linear,setYExtents:!f,shareYAxis:!t,showCircles:!t,smoothLines:!f,times:!(),yAxis:()),title:'Alert%20level%20evolution',type:line))"
2017-02-13 19:58:44 +00:00
vis-filter="*">
2017-02-07 16:05:53 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
< md-card flex = "60" >
< md-card-content >
< span class = "md-headline" > Alerts< / span >
2017-02-13 19:58:44 +00:00
< kbn-vis vis-height = "150px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(legendOpen:!f)),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(customInterval:'2h',extended_bounds:(),field:'@timestamp',interval:'auto',min_doc_count:1),schema:segment,type:date_histogram)),listeners:(),params:(addLegend:!t,addTimeMarker:!f,addTooltip:!t,defaultYExtents:!f,mode:stacked,scale:linear,setYExtents:!f,shareYAxis:!t,times:!(),yAxis:()),title:'Alerts',type:histogram))"
vis-filter="*">
2017-02-07 16:05:53 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
< / div >
2016-09-02 10:01:01 +00:00
2017-02-07 19:45:31 +00:00
< div layout = "row" layout-align = "space-between stretch" >
2017-02-13 19:58:44 +00:00
< md-card flex >
2017-02-07 16:05:53 +00:00
< md-card-content >
2017-02-10 13:53:08 +00:00
< span class = "md-headline" > Top 5 agents< / span >
< kbn-vis vis-height = "170px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:agent.name,order:desc,orderBy:'1',size:5),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,shareYAxis:!t),title:'Top agents',type:pie))"
2017-02-07 16:05:53 +00:00
vis-filter="*">
< / kbn-vis >
< / md-card-content >
< / md-card >
2017-02-13 19:58:44 +00:00
< md-card flex >
2017-02-07 16:05:53 +00:00
< md-card-content >
< span class = "md-headline" > Alerts evolution - Top 5 agents< / span >
2017-02-16 12:51:11 +00:00
< kbn-vis vis-height = "193px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'3',params:(field:agent.name,order:desc,orderBy:'1',size:5),schema:group,type:terms),(enabled:!t,id:'2',params:(customInterval:'2h',extended_bounds:(),field:'@timestamp',interval:auto,min_doc_count:1),schema:segment,type:date_histogram)),listeners:(),params:(addLegend:!t,addTimeMarker:!f,addTooltip:!t,defaultYExtents:!f,interpolate:linear,legendPosition:right,mode:stacked,scale:linear,setYExtents:!f,shareYAxis:!t,smoothLines:!t,times:!(),yAxis:()),title:Agents,type:area))"
2017-02-07 16:05:53 +00:00
vis-filter="*"
>
< / kbn-vis >
< / md-card-content >
< / md-card >
2017-02-10 13:53:08 +00:00
< md-card layout = "column" flex = "35" >
2017-02-07 16:05:53 +00:00
< md-card-content >
< span class = "md-headline" > Agents status< / span >
2017-08-08 19:06:08 +00:00
< kbn-vis vis-height = "193px" vis-index-pattern = "wazuh-monitoring-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'2',params:(customInterval:'2h',extended_bounds:(),field:'@timestamp',interval:'auto',min_doc_count:1),schema:segment,type:date_histogram),(enabled:!t,id:'3',params:(field:data.id),schema:metric,type:cardinality),(enabled:!t,id:'4',params:(field:data.status,order:asc,orderBy:'3',size:5),schema:group,type:terms)),listeners:(),params:(addLegend:!t,addTimeMarker:!f,addTooltip:!t,defaultYExtents:!f,drawLinesBetweenPoints:!t,interpolate:linear,radiusRatio:9,scale:linear,setYExtents:!f,shareYAxis:!t,showCircles:!t,smoothLines:!f,times:!(),yAxis:()),title:'Agents Status',type:line))"
2017-02-14 18:33:24 +00:00
vis-filter="manager.name: {{defaultManager}}">
2017-02-07 16:05:53 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
< / div >
2017-02-13 19:58:44 +00:00
2017-07-27 16:24:50 +00:00
< div class = "no-legend" layout = "row" layout-align = "center stretch" >
2017-02-07 16:05:53 +00:00
< md-card flex layout = "column" >
< md-card-content style = "text-align: center;" >
2017-08-08 19:06:08 +00:00
< kbn-vis-value vis-height = "29px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:data.srcuser,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'Top source user',type:table))" vis-filter = "*" > < / kbn-vis-value >
2017-02-07 16:05:53 +00:00
< div class = "ng-binding" > Top source user< / div >
< / md-card-content >
< / md-card >
< md-card flex layout = "column" >
< md-card-content style = "text-align: center;" >
2017-08-08 19:06:08 +00:00
< kbn-vis-value vis-height = "29px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:data.srcip,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'Top source ip',type:table))" vis-filter = "*" > < / kbn-vis-value >
2017-02-07 16:05:53 +00:00
< div class = "ng-binding" > Top source ip< / div >
< / md-card-content >
< / md-card >
< md-card flex layout = "column" >
< md-card-content style = "text-align: center;" >
< kbn-vis-value vis-height = "29px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:rule.groups,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'Top group',type:table))" vis-filter = "*" > < / kbn-vis-value >
< div class = "ng-binding" > Top group< / div >
< / md-card-content >
< / md-card >
< md-card flex layout = "column" >
< md-card-content style = "text-align: center;" >
< kbn-vis-value vis-height = "29px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:rule.pci_dss,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'Top PCI DSS',type:table))" vis-filter = "*" > < / kbn-vis-value >
< div class = "ng-binding" > Top PCI DSS requirement< / div >
< / md-card-content >
< / md-card >
< / div >
< div layout = "row" layout-align = "center stretch" >
2017-02-10 13:53:08 +00:00
< md-card flex = "60" >
2017-02-07 16:05:53 +00:00
< md-card-title >
< md-card-title-text >
< span class = "md-headline" > Alerts summary< / span >
< / md-card-title-text >
< / md-card-title >
< md-card-content >
2017-02-10 13:53:08 +00:00
< kbn-vis vis-height = "450px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:3,direction:desc)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(customLabel:'Rule ID',field:rule.id,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'3',params:(customLabel:Description,field:rule.description,order:desc,orderBy:'1',size:1),schema:bucket,type:terms),(enabled:!t,id:'4',params:(customLabel:Level,field:rule.level,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:10,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:5,direction:desc),totalFunc:sum),title:'Alerts%20summary',type:table))"
vis-filter="*">
< / kbn-vis >
< / md-card-content >
< / md-card >
< md-card flex = "40" >
< md-card-title >
< md-card-title-text >
< span class = "md-headline" > Groups summary< / span >
< / md-card-title-text >
< / md-card-title >
< md-card-content >
2017-03-07 16:53:38 +00:00
< kbn-vis vis-height = "450px" vis-index-pattern = "wazuh-alerts-*" vis-a = "(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:1,direction:desc)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(customLabel:Group,field:rule.groups,order:desc,orderBy:'1',size:99999),schema:bucket,type:terms)),listeners:(),params:(perPage:10,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:5,direction:desc),totalFunc:sum),title:'Groups',type:table))"
2017-06-07 10:08:52 +00:00
vis-filter="*">
2017-02-07 16:05:53 +00:00
< / kbn-vis >
< / md-card-content >
< / md-card >
< / div >
< div flex > < / div >
< / div >
2016-12-13 15:32:35 +00:00
< / md-content >