From bd2987fe97c984d9c67c1355b762f1f0c7c55405 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jes=C3=BAs=20=C3=81ngel=20Gonz=C3=A1lez?=
Date: Mon, 9 Apr 2018 18:56:15 +0200
Subject: [PATCH] Split visualizations for manager ruleset
---
.../ruleset/ruleset-decoders.js | 16 +++++
.../visualizations/ruleset/ruleset-rules.js | 66 +++++++++++++++++++
2 files changed, 82 insertions(+)
create mode 100644 server/integration-files/visualizations/ruleset/ruleset-decoders.js
create mode 100644 server/integration-files/visualizations/ruleset/ruleset-rules.js
diff --git a/server/integration-files/visualizations/ruleset/ruleset-decoders.js b/server/integration-files/visualizations/ruleset/ruleset-decoders.js
new file mode 100644
index 000000000..edc254715
--- /dev/null
+++ b/server/integration-files/visualizations/ruleset/ruleset-decoders.js
@@ -0,0 +1,16 @@
+module.exports = [
+ {
+ "_id": "Wazuh-App-Manager-Ruleset-Decoders-Top-24h-Decoder-name",
+ "_source": {
+ "title": "Wazuh App Manager Ruleset Decoders Top 24h Decoder name",
+ "visState": "{\"title\":\"Wazuh App Manager Ruleset Decoders Top 24h Decoder name\",\"type\":\"area\",\"params\":{\"type\":\"area\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"decoder.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"h\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}]}",
+ "uiStateJSON": "{}",
+ "description": "",
+ "version": 1,
+ "kibanaSavedObjectMeta": {
+ "searchSourceJSON": "{\"index\":\"wazuh-alerts\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
+ }
+ },
+ "_type": "visualization"
+ }
+]
\ No newline at end of file
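Review bot: The `title` promises a 24-hour view, but nothing in this saved object enforces a time window: `searchSourceJSON` carries an empty `query` and an empty `filter` array, so the chart covers whatever range the embedding view applies (presumably set elsewhere in the app, which is not visible in this patch). An analyst reading the panel title could misjudge the period the counts cover. I would record that dependency in the currently empty `description`, for example `"description": "Top 5 decoder names per hour; the time range is supplied by the embedding dashboard"`. The four visualizations added in ruleset-rules.js have the same empty `description` and the same unfiltered `searchSourceJSON`.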
diff --git a/server/integration-files/visualizations/ruleset/ruleset-rules.js b/server/integration-files/visualizations/ruleset/ruleset-rules.js
new file mode 100644
index 000000000..5cb924518
--- /dev/null
+++ b/server/integration-files/visualizations/ruleset/ruleset-rules.js
@@ -0,0 +1,66 @@
+module.exports = [
+ {
+ "_id": "Wazuh-App-Manager-Ruleset-Rules-Top-24h-Groups",
+ "_source": {
+ "title": "Wazuh App Manager Ruleset Rules Top 24h Groups",
+ "visState":
+ "{\"title\":\"Wazuh App Manager Ruleset Rules Top 24h Groups\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"rule.groups\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
+ "uiStateJSON": "{}",
+ "description": "",
+ "version": 1,
+ "kibanaSavedObjectMeta": {
+ "searchSourceJSON":
+ "{\"index\":\"wazuh-alerts\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
+ }
+ },
+ "_type": "visualization"
+ },
+ {
+ "_id": "Wazuh-App-Manager-Ruleset-Rules-Top-24h-Level",
+ "_source": {
+ "title": "Wazuh App Manager Ruleset Rules Top 24h Level",
+ "visState":
+ "{\"title\":\"Wazuh App Manager Ruleset Rules Top 24h Level\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"rule.level\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
+ "uiStateJSON": "{}",
+ "description": "",
+ "version": 1,
+ "kibanaSavedObjectMeta": {
+ "searchSourceJSON":
+ "{\"index\":\"wazuh-alerts\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
+ }
+ },
+ "_type": "visualization"
+ },
+ {
+ "_id": "Wazuh-App-Manager-Ruleset-Rules-Top-24h-Rule-ID",
+ "_source": {
+ "title": "Wazuh App Manager Ruleset Rules Top 24h Rule ID",
+ "visState":
+ "{\"title\":\"Wazuh App Manager Ruleset Rules Top 24h Rule ID\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"rule.id\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
+ "uiStateJSON": "{}",
+ "description": "",
+ "version": 1,
+ "kibanaSavedObjectMeta": {
+ "searchSourceJSON":
+ "{\"index\":\"wazuh-alerts\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
+ }
+ },
+ "_type": "visualization"
+ },
+ {
+ "_id": "Wazuh-App-Manager-Ruleset-Rules-Top-24h-PCI-DSS-requirements",
+ "_source": {
+ "title": "Wazuh App Manager Ruleset Rules Top 24h PCI DSS requirements",
+ "visState":
+ "{\"title\":\"Wazuh App Manager Ruleset Rules Top 24h PCI DSS requirements\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"rule.pci_dss\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
+ "uiStateJSON": "{}",
+ "description": "",
+ "version": 1,
+ "kibanaSavedObjectMeta": {
+ "searchSourceJSON":
+ "{\"index\":\"wazuh-alerts\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
+ }
+ },
+ "_type": "visualization"
+ }
+]
\ No newline at end of file
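Review bot: In the `Wazuh-App-Manager-Ruleset-Rules-Top-24h-Level` object the terms aggregation on `rule.level` keeps only the five most frequent values (`\"size\":5`, ordered by count descending), so the levels that fire least often are dropped from the pie, and in alert data those tend to be the highest severities. For a severity breakdown I would size the bucket to cover the usual level range, e.g. `\"field\":\"rule.level\",\"size\":15,\"order\":\"desc\",\"orderBy\":\"1\"`, or order by the level value itself so the top severities are always shown. The other three charts (groups, rule ID, PCI DSS requirements) are ordinary top-N views, and the limit of five reads fine there.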