2018-11-19 19:38:36 +00:00
[
{
2018-11-20 17:09:29 +00:00
"_id" : "29f51af0-4876-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Heralding Protocols Histogram" ,
"visState" : "{\"title\":\"Heralding Protocols Histogram\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Events\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"step-after\",\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"proto.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "4e2887d0-8379-11e7-97dc-15d31af3c77f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Honeytrap Heatmap" ,
"visState" : "{\"title\":\"Honeytrap Heatmap\",\"type\":\"heatmap\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"enableHover\":false,\"legendPosition\":\"right\",\"times\":[],\"colorsNumber\":10,\"colorSchema\":\"Green to Red\",\"setColorRange\":false,\"colorsRange\":[],\"invertColors\":false,\"percentageMode\":false,\"valueAxes\":[{\"show\":false,\"id\":\"ValueAxis-1\",\"type\":\"value\",\"scale\":{\"type\":\"square root\",\"defaultYExtents\":false},\"labels\":{\"show\":false,\"rotate\":0,\"color\":\"#555\",\"overwriteColor\":false}}],\"type\":\"heatmap\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dest_port\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Destination Port\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"defaultColors\":{\"0 - 650\":\"rgb(0,104,55)\",\"650 - 1300\":\"rgb(26,151,80)\",\"1300 - 1950\":\"rgb(102,189,99)\",\"1950 - 2600\":\"rgb(166,217,106)\",\"2600 - 3250\":\"rgb(217,239,139)\",\"3250 - 3900\":\"rgb(255,255,190)\",\"3900 - 4550\":\"rgb(254,224,139)\",\"4550 - 5200\":\"rgb(253,174,97)\",\"5200 - 5850\":\"rgb(244,109,67)\",\"5850 - 6500\":\"rgb(214,47,39)\"}},\"spy\":{\"mode\":{\"name\":null,\"fill\":false}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "54213440-8b56-11e7-b92d-d39e43e3de0f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Rdpy Username Tagcloud" ,
"visState" : "{\"title\":\"Rdpy Username Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"textScale\":\"linear\",\"orientations\":1,\"fromDegree\":\"0\",\"toDegree\":\"0\",\"font\":\"serif\",\"fontStyle\":\"normal\",\"fontWeight\":\"normal\",\"timeInterval\":\"500\",\"spiral\":\"rectangular\",\"minFontSize\":16,\"maxFontSize\":64,\"scale\":\"linear\",\"orientation\":\"single\",\"hideLabel\":false,\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"username.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "7c5959b0-4889-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Heralding Password Tagcloud" ,
"visState" : "{\"title\":\"Heralding Password Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"linear\",\"orientation\":\"single\",\"minFontSize\":16,\"maxFontSize\":64,\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"password.keyword\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "656df650-6357-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Tanner HTTP Encoding Pie - Top 10" ,
"visState" : "{\"title\":\"Tanner HTTP Encoding Pie - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"headers.accept-encoding.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "7dcaa2b0-8596-11e7-a686-392ac617767d" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX Top Users Histogram" ,
"visState" : "{\"title\":\"NGINX Top Users Histogram\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"step-after\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"remote_user.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"\"}}],\"listeners\":{}}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "7e9a7d20-e858-11e8-97df-bbc3de28ece0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Glutton Flow Direction" ,
"visState" : "{\"title\":\"Glutton Flow Direction\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"direction.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "87cf3b50-6357-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Tanner HTTP Language Pie - Top 10" ,
"visState" : "{\"title\":\"Tanner HTTP Language Pie - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"headers.accept-language.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "946dc4d0-6352-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Tanner HTTP Method Pie - Top 10" ,
"visState" : "{\"title\":\"Tanner HTTP Method Pie - Top 10\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"method.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "895645f0-6356-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Tanner Detection Type Pie - Top 10" ,
"visState" : "{\"title\":\"Tanner Detection Type Pie - Top 10\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"response_msg.response.message.detection.name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "c1c8a3a0-6352-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Tanner HTTP Hostname Pie - Top 10" ,
"visState" : "{\"title\":\"Tanner HTTP Hostname Pie - Top 10\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"headers.host.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "a6ccd530-6352-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Tanner HTTP User Agent Pie - Top 10" ,
"visState" : "{\"title\":\"Tanner HTTP User Agent Pie - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"headers.user-agent.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ConPot-Event-Type" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Conpot Event Type" ,
"visState" : "{\"title\":\"Conpot Event Type\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"shareYAxis\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"event_type.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ConPot-Protocol" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Conpot Protocol" ,
"visState" : "{\"title\":\"Conpot Protocol\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"data_type.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Cowrie-Version-Pie-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Cowrie Version Pie - Top 10" ,
"visState" : "{\"title\":\"Cowrie Version Pie - Top 10\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"version.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Cowrie-Input-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Cowrie Input - Top 10" ,
"visState" : "{\"title\":\"Cowrie Input - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"input.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Command Line Input\"}}],\"listeners\":{}}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Dionaea-Protocol" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Dionaea Protocol" ,
"visState" : "{\"title\":\"Dionaea Protocol\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"connection.protocol.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Dionaea-Transport" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Dionaea Transport" ,
"visState" : "{\"title\":\"Dionaea Transport\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"connection.transport.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Dionaea-Type" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Dionaea Type" ,
"visState" : "{\"title\":\"Dionaea Type\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"connection.type.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "a001a350-e85b-11e8-97df-bbc3de28ece0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Glutton Payload Hex - Top 10" ,
"visState" : "{\"title\":\"Glutton Payload Hex - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"payload_hex.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Payload Hex\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "c80e9ff0-e866-11e8-95af-236f09a02fdb" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Glutton Msg - Top 10" ,
"visState" : "{\"title\":\"Glutton Msg - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"msg.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Msg\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "bf6f6000-8598-11e7-8f60-4f4666b0a88e" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata Events Bar" ,
"visState" : "{\"title\":\"Suricata Events Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Suricata\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Events\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Suricata\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "cb2a3a00-8b56-11e7-b92d-d39e43e3de0f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Rdpy Password Tagcloud" ,
"visState" : "{\"title\":\"Rdpy Password Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"textScale\":\"linear\",\"orientations\":1,\"fromDegree\":\"0\",\"toDegree\":\"0\",\"font\":\"serif\",\"fontStyle\":\"normal\",\"fontWeight\":\"normal\",\"timeInterval\":\"500\",\"spiral\":\"rectangular\",\"minFontSize\":16,\"maxFontSize\":64,\"scale\":\"linear\",\"orientation\":\"single\",\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"password.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ConPot-Input-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Conpot Input - Top 10" ,
"visState" : "{\"title\":\"Conpot Input - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"request.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Input\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ConPot-Response-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Conpot Response - Top 10" ,
"visState" : "{\"title\":\"Conpot Response - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"response.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Response\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Cowrie-Password-Tagcloud-Large" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Cowrie Password Tagcloud" ,
"visState" : "{\"title\":\"Cowrie Password Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"textScale\":\"sqrt\",\"orientations\":1,\"fromDegree\":0,\"toDegree\":0,\"font\":\"serif\",\"fontStyle\":\"normal\",\"fontWeight\":\"normal\",\"timeInterval\":500,\"spiral\":\"rectangular\",\"minFontSize\":16,\"maxFontSize\":64,\"scale\":\"linear\",\"orientation\":\"single\",\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"password.keyword\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{\"spy\":{\"mode\":{\"name\":null,\"fill\":false}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Cowrie-Username-Tagcloud-Large" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Cowrie Username Tagcloud" ,
"visState" : "{\"title\":\"Cowrie Username Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"textScale\":\"sqrt\",\"orientations\":1,\"fromDegree\":\"0\",\"toDegree\":\"0\",\"font\":\"serif\",\"fontStyle\":\"normal\",\"fontWeight\":\"normal\",\"timeInterval\":\"500\",\"spiral\":\"rectangular\",\"minFontSize\":16,\"maxFontSize\":64,\"scale\":\"linear\",\"orientation\":\"single\",\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"username.keyword\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Dionaea-Username-Tagcloud-Large" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Dionaea Username Tagcloud" ,
"visState" : "{\"title\":\"Dionaea Username Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"font\":\"serif\",\"fontStyle\":\"normal\",\"fontWeight\":\"normal\",\"fromDegree\":0,\"maxFontSize\":64,\"minFontSize\":16,\"orientations\":1,\"spiral\":\"rectangular\",\"textScale\":\"sqrt\",\"timeInterval\":500,\"toDegree\":0,\"scale\":\"linear\",\"orientation\":\"single\",\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"username.keyword\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Dionaea-Password-Tagcloud-Large" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Dionaea Password Tagcloud" ,
"visState" : "{\"title\":\"Dionaea Password Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"textScale\":\"sqrt\",\"orientations\":1,\"fromDegree\":0,\"toDegree\":0,\"font\":\"serif\",\"fontStyle\":\"normal\",\"fontWeight\":\"normal\",\"timeInterval\":500,\"spiral\":\"rectangular\",\"minFontSize\":16,\"maxFontSize\":64,\"scale\":\"linear\",\"orientation\":\"single\",\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"password.keyword\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-19 20:48:37 +00:00
"_id" : "e9e534d0-6356-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-19 20:48:37 +00:00
"title" : "Tanner URI - Top 10" ,
"visState" : "{\"title\":\"Tanner URI - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"path.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"URI\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "e624bc50-7dd6-11e7-bee2-c98307c16efa" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata Alert Category Histogram" ,
"visState" : "{\"title\":\"Suricata Alert Category Histogram\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"alert.category.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ElasticPot-Query-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "ElasticPot Query - Top 10" ,
"visState" : "{\"title\":\"ElasticPot Query - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"honeypot.query.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Query\"}}],\"listeners\":{}}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-19 20:48:37 +00:00
"_id" : "f4444100-e858-11e8-97df-bbc3de28ece0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-19 20:48:37 +00:00
"title" : "Glutton Handler" ,
"visState" : "{\"title\":\"Glutton Handler\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"handler.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX-HTTP-Method-Pie-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX HTTP Method Pie - Top 10" ,
"visState" : "{\"title\":\"NGINX HTTP Method Pie - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"request_method.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX-Countries-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX Countries - Top 10" ,
"visState" : "{\"title\":\"NGINX Countries - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX-HTTP-Status-Code-Pie-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX HTTP Status Code Pie - Top 10" ,
"visState" : "{\n \"title\": \"NGINX HTTP Status Code Pie - Top 10\",\n \"type\": \"pie\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"isDonut\": true,\n \"legendPosition\": \"right\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"status\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX-HTTP-User-Agent-Pie-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX HTTP User Agent Pie - Top 10" ,
"visState" : "{\"title\":\"NGINX HTTP User Agent Pie - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"http_user_agent.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-SSH-Client-Software-Version-Pie-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata SSH Client Software Version Pie - Top 10" ,
"visState" : "{\"title\":\"Suricata SSH Client Software Version Pie - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ssh.client.software_version.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX-Source-IP-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX Source IP - Top 10" ,
"visState" : "{\"title\":\"NGINX Source IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP\"}}],\"listeners\":{}}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-HTTP-Hostname-Pie-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata HTTP Hostname Pie - Top 10" ,
"visState" : "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"http.hostname.keyword\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":10},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true},\"title\":\"Suricata HTTP Hostname Pie - Top 10\",\"type\":\"pie\"}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-Fileinfo-Magic-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata Fileinfo Magic - Top 10" ,
"visState" : "{\"title\":\"Suricata Fileinfo Magic - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"fileinfo.magic.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-Countries-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata Countries - Top 10" ,
"visState" : "{\"title\":\"Suricata Countries - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-Source-IP-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata Source IP - Top 10" ,
"visState" : "{\"title\":\"Suricata Source IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP\"}}],\"listeners\":{}}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-HTTP-Method-Pie-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata HTTP Method Pie - Top 10" ,
"visState" : "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"http.http_method.keyword\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":10},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true},\"title\":\"Suricata HTTP Method Pie - Top 10\",\"type\":\"pie\"}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "P0f-OS-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "P0f OS Distribution" ,
"visState" : "{\"title\":\"P0f OS Distribution\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"os.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "P0f-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-HTTP-User-Agent-Pie-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata HTTP User Agent Pie - Top 10" ,
"visState" : "{\"title\":\"Suricata HTTP User Agent Pie - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"http.http_user_agent.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-HTTP-Content-Type-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata HTTP Content Type - Top 10" ,
"visState" : "{\"title\":\"Suricata HTTP Content Type - Top 10\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":200}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"http.http_content_type.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX-Events-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX Events Histogram" ,
"visState" : "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Events\"},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customInterval\":\"2h\",\"customLabel\":\"Timestamp\",\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"Unique Src IPs\",\"field\":\"src_ip.keyword\"},\"schema\":\"metric\",\"type\":\"cardinality\"}],\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Events\"},\"drawLinesBetweenPoints\":true,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{}},\"title\":\"NGINX Events Histogram\",\"type\":\"line\"}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX-Events-by-Country-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX Events by Country Histogram" ,
"visState" : "{\"title\":\"NGINX Events by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}],\"listeners\":{}}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-Events-by-Country-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata Events by Country Histogram" ,
"visState" : "{\"title\":\"Suricata Events by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}],\"listeners\":{}}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-Events-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata Events Histogram" ,
"visState" : "{\"title\":\"Suricata Events Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Events\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-Alert-Signature-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata Alert Signature - Top 10" ,
"visState" : "{\"title\":\"Suricata Alert Signature - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"alert.signature_id\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"ID\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"alert.signature.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Description\"}}],\"listeners\":{}}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX-Username-Tagcloud" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX Username Tagcloud" ,
"visState" : "{\"title\":\"NGINX Username Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"textScale\":\"linear\",\"orientations\":1,\"fromDegree\":0,\"toDegree\":0,\"font\":\"serif\",\"fontStyle\":\"normal\",\"fontWeight\":\"normal\",\"timeInterval\":500,\"spiral\":\"rectangular\",\"minFontSize\":16,\"maxFontSize\":64,\"scale\":\"linear\",\"orientation\":\"single\",\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"remote_user.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "logstash-*" ,
"_type" : "index-pattern" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "logstash-*" ,
"timeFieldName" : "@timestamp" ,
"fields" : "[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ConnectionResetError\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ConnectionResetError.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"NameError\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"NameError.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ValueError\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ValueError.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"alert.action\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.action.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.category.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.cve_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.cve_id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.gid\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.rev\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.severity\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.signature\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.signature.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.signature_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"app\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"app.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"app_proto\",\"type\"
"fieldFormatMap" : "{\"src_ip\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://www.talosintelligence.com/reputation_center/lookup?search={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"dst_ip\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://www.talosintelligence.com/reputation_center/lookup?search={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"dest_port\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://www.speedguide.net/port.php?port={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"src_port\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://www.speedguide.net/port.php?port={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"proxy_connection.local_port\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://www.speedguide.net/port.php?port={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"proxy_connection.remote_port\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://www.speedguide.net/port.php?port={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"alert.signature_id\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://doc.emergingthreats.net/bin/view/Main/{{value}}\",\"labelTemplate\":\"{{value}}\"}},\"dest_ip\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://www.talosintelligence.com/reputation_center/lookup?search={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"geoip.ip\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://www.senderbase.org/lookup/?search_string={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"proxy_connection.local_ip\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://www.senderbase.org/lookup/?search_string={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"proxy_connection.remote_ip\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://www.senderbase.org/lookup/?search_string={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"geoip.country_name\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://en.wikipedia.org/w/index.php?search={{value}}&title=Special:Search&go=Go\",\"labelTemplate\":\"{{value}}\"}},\"geoip.real_region_name\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://en.wikipedia.org/w/index.php?search={{value}}&title=Special:Search&go=Go\",\"labelTemplate\":\"{{value}}\"}},\"geoip.city_name\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://en.wikipedia.org/w/index.php?search={{value}}&title=Special:Search&go=Go\",\"labelTemplate\":\"{{value}}\"}},\"geoip.number\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://mxtoolbox.com/SuperTool.aspx?action=asn%3a{{value}}&run=toolpage\",\"labelTemplate\":\"{{value}}\"}},\"status\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://httpstatuses.com/{{value}}\",\"labelTemplate\":\"{{value}}\"}},\"http.status\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://httpstatuses.com/{{value}}\",\"labelTemplate\":\"{{value}}\"}},\"dns.rrname\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://www.senderbase.org/lookup/?search_string={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"http_user_agent\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://ua.theafh.net/list.php?s={{value}}&include=yes&class=abr&do=desc\",\"labelTemplate\":\"{{value}}\"}},\"http.http_user_agent\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"http://ua.theafh.net/list.php?s={{value}}&include=yes&class=abr&do=desc\",\"labelTemplate\":\"{{value}}\"}},\"os\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://duckduckgo.com/?q={{value}}&t=h_&ia=web\",\"labelTemplate\":\"{{value}}\"}},\"link\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://duckduckgo.com/?q={{value}}&t=h_&ia=web\",\"labelTemplate\":\"{{value}}\"}},\"event_type\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://duckduckgo.com/?q={{value}}&t=h_&ia=web\",\"labelTemplate\":\"{{value}}\"}},\"tls.sni\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://www.ssllabs.com/ssltest/analyze.html?d={{value}}\",\"labelTemplate\":\"{{value}}\"}},\"tls.version\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\"https://duckduckgo.com/?q={{value}}&t=h_&ia=web\",\"labelTemplate\":\"{{value}}\"}},\"src_ip.raw\":{\"id\":\"url\",\"params\":{\"urlTemplate\":\" h t t p : //ww
2018-11-19 19:38:36 +00:00
} ,
"_meta" : {
"savedObjectVersion" : 2
2018-11-23 16:08:02 +00:00
} ,
"_migrationVersion" : {
"index-pattern" : "6.5.0"
2018-11-19 19:38:36 +00:00
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX" ,
"hits" : 0 ,
"description" : "NGINX Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"x\":0,\"y\":6,\"w\":24,\"h\":11,\"i\":\"2\"},\"id\":\"NGINX-Events-Histogram\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":12,\"y\":28,\"w\":12,\"h\":11,\"i\":\"3\"},\"id\":\"NGINX-HTTP-Method-Pie-Top-10\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":28,\"w\":12,\"h\":11,\"i\":\"4\"},\"id\":\"NGINX-HTTP-Status-Code-Pie-Top-10\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":36,\"y\":28,\"w\":12,\"h\":11,\"i\":\"5\"},\"id\":\"NGINX-HTTP-User-Agent-Pie-Top-10\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":17,\"w\":16,\"h\":11,\"i\":\"6\"},\"id\":\"NGINX-Username-Tagcloud\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":0,\"y\":39,\"w\":24,\"h\":20,\"i\":\"7\"},\"id\":\"NGINX-ASN-Top-10\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":24,\"y\":39,\"w\":24,\"h\":20,\"i\":\"8\"},\"id\":\"NGINX-Source-IP-Top-10\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[30.14512718337613,-0.87890625],\"mapZoom\":2},\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":17,\"i\":\"9\"},\"id\":\"NGINX-Map\",\"panelIndex\":\"9\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":32,\"y\":17,\"w\":16,\"h\":11,\"i\":\"13\"},\"id\":\"NGINX-Events-by-Country-Histogram\",\"panelIndex\":\"13\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":28,\"w\":12,\"h\":11,\"i\":\"14\"},\"id\":\"NGINX-Countries-Top-10\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":0,\"w\":14,\"h\":6,\"i\":\"15\"},\"id\":\"51ca6ee0-80d5-11e7-ab37-eb92b1bfb573\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":16,\"y\":17,\"w\":16,\"h\":11,\"i\":\"16\"},\"id\":\"7dcaa2b0-8596-11e7-a686-392ac617767d\",\"panelIndex\":\"16\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":14,\"y\":0,\"w\":10,\"h\":6,\"i\":\"17\"},\"version\":\"6.4.3\",\"panelIndex\":\"17\",\"type\":\"visualization\",\"id\":\"07581df0-e752-11e8-b4a6-215b0b97c069\",\"embeddableConfig\":{}}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata" ,
"hits" : 0 ,
"description" : "Suricata Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"h\":11,\"i\":\"2\",\"w\":24,\"x\":0,\"y\":6},\"id\":\"Suricata-Events-Histogram\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"9\",\"w\":12,\"x\":36,\"y\":28},\"id\":\"Suricata-Countries-Top-10\",\"panelIndex\":\"9\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"12\",\"w\":12,\"x\":0,\"y\":39},\"id\":\"Suricata-Fileinfo-Magic-Top-10\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"14\",\"w\":12,\"x\":24,\"y\":28},\"id\":\"Suricata-HTTP-Content-Type-Top-10\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"15\",\"w\":12,\"x\":12,\"y\":28},\"id\":\"Suricata-HTTP-Hostname-Pie-Top-10\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"16\",\"w\":12,\"x\":24,\"y\":39},\"id\":\"Suricata-HTTP-Method-Pie-Top-10\",\"panelIndex\":\"16\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"18\",\"w\":12,\"x\":12,\"y\":39},\"id\":\"Suricata-HTTP-User-Agent-Pie-Top-10\",\"panelIndex\":\"18\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"19\",\"w\":12,\"x\":36,\"y\":39},\"id\":\"Suricata-SSH-Client-Software-Version-Pie-Top-10\",\"panelIndex\":\"19\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"22\",\"w\":16,\"x\":32,\"y\":17},\"id\":\"Suricata-Events-by-Country-Histogram\",\"panelIndex\":\"22\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[28.613459424004414,-3.33984375],\"mapZoom\":2},\"gridData\":{\"h\":17,\"i\":\"23\",\"w\":24,\"x\":24,\"y\":0},\"id\":\"Suricata-Map\",\"panelIndex\":\"23\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"24\",\"w\":8,\"x\":12,\"y\":50},\"id\":\"Suricata-Source-IP-Top-10\",\"panelIndex\":\"24\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"25\",\"w\":12,\"x\":0,\"y\":50},\"id\":\"Suricata-ASN-Top-10\",\"panelIndex\":\"25\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"26\",\"w\":20,\"x\":28,\"y\":50},\"id\":\"Suricata-Alert-Signature-Top-10\",\"panelIndex\":\"26\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"27\",\"w\":16,\"x\":0,\"y\":17},\"id\":\"e624bc50-7dd6-11e7-bee2-c98307c16efa\",\"panelIndex\":\"27\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":6,\"i\":\"28\",\"w\":14,\"x\":0,\"y\":0},\"id\":\"bf6f6000-8598-11e7-8f60-4f4666b0a88e\",\"panelIndex\":\"28\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"29\",\"w\":16,\"x\":16,\"y\":17},\"id\":\"0e230290-859b-11e7-8f60-4f4666b0a88e\",\"panelIndex\":\"29\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"30\",\"w\":12,\"x\":0,\"y\":28},\"id\":\"b1a7f8d0-859b-11e7-8f60-4f4666b0a88e\",\"panelIndex\":\"30\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"31\",\"w\":8,\"x\":20,\"y\":50},\"id\":\"1a097850-7c22-11e7-aa1e-6bf93670d67b\",\"panelIndex\":\"31\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":6,\"i\":\"32\",\"w\":10,\"x\":14,\"y\":0},\"id\":\"4a60fe20-e75f-11e8-803c-59c072645505\",\"panelIndex\":\"32\",\"type\":\"visualization\",\"version\":\"6.4.3\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ElasticPot" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "ElasticPot" ,
"hits" : 0 ,
"description" : "ElasticPot Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"x\":0,\"y\":6,\"w\":24,\"h\":11,\"i\":\"2\"},\"id\":\"ElasticPot-Events-Histogram\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":12,\"y\":17,\"w\":12,\"h\":11,\"i\":\"3\"},\"id\":\"ElasticPot-Countries-Top-10\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":17,\"w\":24,\"h\":11,\"i\":\"4\"},\"id\":\"ElasticPot-Events-by-Country-Histogram\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[28.92163128242129,1.7578125000000002],\"mapZoom\":2},\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":17,\"i\":\"5\"},\"id\":\"ElasticPot-Map\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":1,\"direction\":\"asc\"}}}},\"gridData\":{\"x\":16,\"y\":28,\"w\":12,\"h\":20,\"i\":\"6\"},\"id\":\"ElasticPot-Source-IP-Top-10\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":0,\"y\":28,\"w\":16,\"h\":20,\"i\":\"7\"},\"id\":\"ElasticPot-ASN-Top-10\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":28,\"y\":28,\"w\":20,\"h\":20,\"i\":\"9\"},\"id\":\"ElasticPot-Query-Top-10\",\"panelIndex\":\"9\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":0,\"w\":14,\"h\":6,\"i\":\"10\"},\"id\":\"d01a6390-827e-11e7-afbf-a7491fba5d8a\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":17,\"w\":12,\"h\":11,\"i\":\"11\"},\"id\":\"59b9dd60-827f-11e7-afbf-a7491fba5d8a\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":14,\"y\":0,\"w\":10,\"h\":6,\"i\":\"12\"},\"id\":\"3814c570-e68e-11e8-b727-735f5b0e1502\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.4.3\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "83b11b50-e850-11e8-97df-bbc3de28ece0" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Glutton" ,
"hits" : 0 ,
"description" : "Glutton Dashboard" ,
"panelsJSON" : "[{\"embeddableConfig\":{},\"gridData\":{\"x\":30,\"y\":17,\"w\":18,\"h\":11,\"i\":\"16\"},\"id\":\"e055e240-e851-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"16\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":12,\"y\":39,\"w\":36,\"h\":11,\"i\":\"17\"},\"id\":\"133801c0-e852-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"17\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":6,\"w\":24,\"h\":11,\"i\":\"18\"},\"id\":\"50aa1940-e851-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"18\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":12,\"y\":17,\"w\":18,\"h\":11,\"i\":\"19\"},\"id\":\"9d251bd0-e851-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"19\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":0,\"w\":14,\"h\":6,\"i\":\"20\"},\"id\":\"32814dd0-e851-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"20\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[29.53522956294847,-3.1640625000000004],\"mapZoom\":2},\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":17,\"i\":\"21\"},\"id\":\"63d0bf60-e851-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"21\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":14,\"y\":0,\"w\":10,\"h\":6,\"i\":\"22\"},\"id\":\"3f646820-e851-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"22\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":28,\"w\":12,\"h\":11,\"i\":\"23\"},\"id\":\"f66b9200-e851-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"23\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":36,\"y\":28,\"w\":12,\"h\":11,\"i\":\"24\"},\"id\":\"0464b030-e852-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"24\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":17,\"w\":12,\"h\":11,\"i\":\"25\"},\"id\":\"7e6121d0-e851-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"25\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":50,\"w\":12,\"h\":20,\"i\":\"26\"},\"id\":\"21c65b10-e852-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"26\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":12,\"y\":50,\"w\":12,\"h\":20,\"i\":\"27\"},\"id\":\"41d04290-e852-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"27\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":12,\"y\":28,\"w\":12,\"h\":11,\"i\":\"28\"},\"id\":\"7e9a7d20-e858-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"28\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":28,\"w\":12,\"h\":11,\"i\":\"29\"},\"id\":\"f4444100-e858-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"29\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":39,\"w\":12,\"h\":11,\"i\":\"30\"},\"id\":\"160f9cb0-e85b-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"30\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":70,\"w\":48,\"h\":20,\"i\":\"31\"},\"id\":\"a001a350-e85b-11e8-97df-bbc3de28ece0\",\"panelIndex\":\"31\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":50,\"w\":24,\"h\":20,\"i\":\"32\"},\"version\":\"6.4.3\",\"panelIndex\":\"32\",\"type\":\"visualization\",\"id\":\"c80e9ff0-e866-11e8-95af-236f09a02fdb\",\"embeddableConfig\":{}}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "14ebefd0-488f-11e8-9b3d-f36e8d4f5cb2" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Heralding" ,
"hits" : 0 ,
"description" : "Heralding Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"h\":6,\"i\":\"1\",\"w\":14,\"x\":0,\"y\":0},\"id\":\"2cf90930-47d3-11e8-a905-f74bbc7cbd2d\",\"panelIndex\":\"1\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"2\",\"w\":24,\"x\":0,\"y\":6},\"id\":\"d3bb9bd0-4863-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"3\",\"w\":24,\"x\":24,\"y\":17},\"id\":\"d0dbe890-4870-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[25.799891182088334,16.875000000000004],\"mapZoom\":2},\"gridData\":{\"h\":17,\"i\":\"4\",\"w\":24,\"x\":24,\"y\":0},\"id\":\"94ae10e0-4871-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"5\",\"w\":24,\"x\":0,\"y\":17},\"id\":\"29f51af0-4876-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"6\",\"w\":16,\"x\":0,\"y\":28},\"id\":\"eca8e580-4877-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"7\",\"w\":16,\"x\":16,\"y\":28},\"id\":\"e1969e20-4878-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"8\",\"w\":16,\"x\":32,\"y\":28},\"id\":\"864b2f30-4883-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":16,\"i\":\"10\",\"w\":24,\"x\":24,\"y\":39},\"id\":\"7c5959b0-4889-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":16,\"i\":\"11\",\"w\":24,\"x\":0,\"y\":39},\"id\":\"1268af10-4889-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":20,\"i\":\"12\",\"w\":12,\"x\":0,\"y\":55},\"id\":\"21ad1c80-488a-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":20,\"i\":\"13\",\"w\":12,\"x\":12,\"y\":55},\"id\":\"844f33f0-488a-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"13\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":20,\"i\":\"14\",\"w\":24,\"x\":24,\"y\":55},\"id\":\"124a1140-488e-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":6,\"i\":\"15\",\"w\":10,\"x\":14,\"y\":0},\"id\":\"d500a3c0-e6b8-11e8-b727-735f5b0e1502\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Dionaea" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Dionaea" ,
"hits" : 0 ,
"description" : "Dionaea Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"x\":0,\"y\":6,\"w\":24,\"h\":11,\"i\":\"2\"},\"id\":\"Dionaea-Events-Histogram\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":22,\"y\":28,\"w\":11,\"h\":11,\"i\":\"3\"},\"id\":\"Dionaea-Destination-Ports-Top-10\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":11,\"y\":17,\"w\":11,\"h\":11,\"i\":\"4\"},\"id\":\"Dionaea-Protocol\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":39,\"w\":24,\"h\":13,\"i\":\"8\"},\"id\":\"Dionaea-Password-Tagcloud-Large\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":33,\"y\":17,\"w\":15,\"h\":11,\"i\":\"10\"},\"id\":\"Dionaea-Events-by-Country-Histogram\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[26.073274367159797,8.357599969021976],\"mapZoom\":2},\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":17,\"i\":\"11\"},\"id\":\"Dionaea-Map\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":0,\"y\":52,\"w\":24,\"h\":20,\"i\":\"12\"},\"id\":\"Dionaea-ASN-Top-10\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":24,\"y\":52,\"w\":24,\"h\":20,\"i\":\"13\"},\"id\":\"Dionaea-Source-IP-Top-10\",\"panelIndex\":\"13\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":0,\"w\":14,\"h\":6,\"i\":\"14\"},\"id\":\"b9343070-80e9-11e7-a689-67e589a14a8a\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":17,\"w\":11,\"h\":11,\"i\":\"15\"},\"id\":\"cf8d0e40-80ea-11e7-a689-67e589a14a8a\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":22,\"y\":17,\"w\":11,\"h\":11,\"i\":\"16\"},\"id\":\"Dionaea-Countries-Top-10\",\"panelIndex\":\"16\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":28,\"w\":11,\"h\":11,\"i\":\"17\"},\"id\":\"Dionaea-Type\",\"panelIndex\":\"17\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":11,\"y\":28,\"w\":11,\"h\":11,\"i\":\"18\"},\"id\":\"Dionaea-Transport\",\"panelIndex\":\"18\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":33,\"y\":28,\"w\":15,\"h\":11,\"i\":\"19\"},\"id\":\"7e33e3d0-810c-11e7-8413-9fe5e30ade77\",\"panelIndex\":\"19\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":14,\"y\":0,\"w\":10,\"h\":6,\"i\":\"20\"},\"id\":\"465d9810-e5cf-11e8-b72a-b734d2b55cd4\",\"panelIndex\":\"20\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":39,\"w\":24,\"h\":13,\"i\":\"21\"},\"id\":\"Dionaea-Username-Tagcloud-Large\",\"panelIndex\":\"21\",\"type\":\"visualization\",\"version\":\"6.4.3\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Glastopf" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Glastopf" ,
"hits" : 0 ,
"description" : "Glastopf Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"h\":11,\"i\":\"2\",\"w\":24,\"x\":0,\"y\":6},\"id\":\"Glastopf-Events-Histogram\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"3\",\"w\":16,\"x\":16,\"y\":17},\"id\":\"Glastopf-Countries-Top-10\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[27.994401411046148,-6.679687500000001],\"mapZoom\":2},\"gridData\":{\"h\":17,\"i\":\"5\",\"w\":24,\"x\":24,\"y\":0},\"id\":\"Glastopf-Map\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"6\",\"w\":24,\"x\":24,\"y\":28},\"id\":\"Glastop-Source-IP-Top-10\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"7\",\"w\":24,\"x\":0,\"y\":28},\"id\":\"Glastopf-ASN-Top-10\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"9\",\"w\":16,\"x\":32,\"y\":17},\"id\":\"Glastopf-Events-by-Country-Histogram\",\"panelIndex\":\"9\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":6,\"i\":\"10\",\"w\":14,\"x\":0,\"y\":0},\"id\":\"307afd60-82a9-11e7-bcbe-2b6958a9c888\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"11\",\"w\":16,\"x\":0,\"y\":17},\"id\":\"59509e90-8590-11e7-a686-392ac617767d\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":6,\"i\":\"12\",\"w\":10,\"x\":14,\"y\":0},\"id\":\"409907c0-e6b5-11e8-b727-735f5b0e1502\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.4.3\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ConPot" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Conpot" ,
"hits" : 0 ,
"description" : "Conpot Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"h\":11,\"i\":\"2\",\"w\":24,\"x\":0,\"y\":6},\"id\":\"ConPot-Events-Histogram\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"3\",\"w\":12,\"x\":12,\"y\":17},\"id\":\"ConPot-Countries-Top-10\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"4\",\"w\":12,\"x\":0,\"y\":28},\"id\":\"ConPot-Event-Type\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"5\",\"w\":12,\"x\":12,\"y\":28},\"id\":\"ConPot-Protocol\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"6\",\"w\":24,\"x\":24,\"y\":17},\"id\":\"ConPot-Events-by-Country-Histogram\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":21,\"i\":\"7\",\"w\":12,\"x\":24,\"y\":39},\"id\":\"ConPot-Input-Top-10\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":21,\"i\":\"8\",\"w\":12,\"x\":36,\"y\":39},\"id\":\"ConPot-Response-Top-10\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":21,\"i\":\"11\",\"w\":12,\"x\":0,\"y\":39},\"id\":\"ConPot-ASN-Top-10\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"14\",\"w\":12,\"x\":0,\"y\":17},\"id\":\"ffb284f0-80cd-11e7-ab37-eb92b1bfb573\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":21,\"i\":\"15\",\"w\":12,\"x\":12,\"y\":39},\"id\":\"082111a0-80cf-11e7-ab37-eb92b1bfb573\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":6,\"i\":\"16\",\"w\":13,\"x\":0,\"y\":0},\"id\":\"62fde9a0-858d-11e7-a686-392ac617767d\",\"panelIndex\":\"16\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[35.746512259918504,-16.171875000000004],\"mapZoom\":2},\"gridData\":{\"h\":17,\"i\":\"17\",\"w\":24,\"x\":24,\"y\":0},\"id\":\"ConPot-Map\",\"panelIndex\":\"17\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":6,\"i\":\"18\",\"w\":11,\"x\":13,\"y\":0},\"id\":\"10e765a0-e51e-11e8-8a75-d5f374dbaebe\",\"panelIndex\":\"18\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":11,\"i\":\"19\",\"w\":24,\"x\":24,\"y\":28},\"id\":\"a427e6c0-e521-11e8-8a75-d5f374dbaebe\",\"panelIndex\":\"19\",\"type\":\"visualization\",\"version\":\"6.4.3\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "faeb1340-6355-11e8-be86-73985bedf977" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Tanner" ,
"hits" : 0 ,
"description" : "Tanner Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"x\":0,\"y\":50,\"w\":12,\"h\":20,\"i\":\"1\"},\"id\":\"06628c70-6352-11e8-be86-73985bedf977\",\"panelIndex\":\"1\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[36.03133177633189,4.218750000000001],\"mapZoom\":2},\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":17,\"i\":\"2\"},\"id\":\"f8e24f20-634e-11e8-be86-73985bedf977\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":12,\"y\":17,\"w\":12,\"h\":11,\"i\":\"3\"},\"id\":\"d968d5e0-6350-11e8-be86-73985bedf977\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":0,\"w\":14,\"h\":6,\"i\":\"4\"},\"id\":\"5014cee0-634e-11e8-be86-73985bedf977\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":6,\"w\":24,\"h\":11,\"i\":\"5\"},\"id\":\"77bf1310-634e-11e8-be86-73985bedf977\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":17,\"w\":24,\"h\":11,\"i\":\"6\"},\"id\":\"6ee57da0-634f-11e8-be86-73985bedf977\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":28,\"w\":16,\"h\":11,\"i\":\"7\"},\"id\":\"c1c8a3a0-6352-11e8-be86-73985bedf977\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":32,\"y\":39,\"w\":16,\"h\":11,\"i\":\"8\"},\"id\":\"946dc4d0-6352-11e8-be86-73985bedf977\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":16,\"y\":39,\"w\":16,\"h\":11,\"i\":\"9\"},\"id\":\"a6ccd530-6352-11e8-be86-73985bedf977\",\"panelIndex\":\"9\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":12,\"y\":50,\"w\":12,\"h\":20,\"i\":\"10\"},\"id\":\"Cowrie-Source-IP-Top-10\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":17,\"w\":12,\"h\":11,\"i\":\"11\"},\"id\":\"a51e9ae0-6350-11e8-be86-73985bedf977\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":32,\"y\":28,\"w\":16,\"h\":11,\"i\":\"12\"},\"id\":\"895645f0-6356-11e8-be86-73985bedf977\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":50,\"w\":24,\"h\":20,\"i\":\"13\"},\"id\":\"e9e534d0-6356-11e8-be86-73985bedf977\",\"panelIndex\":\"13\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":39,\"w\":16,\"h\":11,\"i\":\"14\"},\"id\":\"87cf3b50-6357-11e8-be86-73985bedf977\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":16,\"y\":28,\"w\":16,\"h\":11,\"i\":\"15\"},\"id\":\"656df650-6357-11e8-be86-73985bedf977\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":14,\"y\":0,\"w\":10,\"h\":6,\"i\":\"16\"},\"version\":\"6.4.3\",\"panelIndex\":\"16\",\"type\":\"visualization\",\"id\":\"535b0c80-e761-11e8-803c-59c072645505\",\"embeddableConfig\":{}}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "e05aac20-8b51-11e7-b92d-d39e43e3de0f" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Rdpy" ,
"hits" : 0 ,
"description" : "Rdpy Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":15,\"h\":6,\"i\":\"10\"},\"id\":\"0de24040-8b52-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":6,\"w\":24,\"h\":11,\"i\":\"11\"},\"id\":\"c90f1f00-8b52-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":17,\"w\":24,\"h\":11,\"i\":\"12\"},\"id\":\"da489b20-8b52-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[30.44867367928756,-5.44921875],\"mapZoom\":2},\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":17,\"i\":\"13\"},\"id\":\"e4b7cf40-8b52-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"13\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":17,\"w\":12,\"h\":11,\"i\":\"14\"},\"id\":\"051c59e0-8b53-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":12,\"y\":17,\"w\":12,\"h\":11,\"i\":\"15\"},\"id\":\"51c331f0-8b54-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":0,\"y\":39,\"w\":24,\"h\":20,\"i\":\"16\"},\"id\":\"73364660-8b54-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"16\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":24,\"y\":39,\"w\":24,\"h\":20,\"i\":\"17\"},\"id\":\"874be060-8b54-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"17\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":28,\"w\":24,\"h\":11,\"i\":\"18\"},\"id\":\"54213440-8b56-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"18\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":28,\"w\":24,\"h\":11,\"i\":\"19\"},\"id\":\"cb2a3a00-8b56-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"19\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":15,\"y\":0,\"w\":9,\"h\":6,\"i\":\"20\"},\"id\":\"94e13130-e756-11e8-b4a6-215b0b97c069\",\"panelIndex\":\"20\",\"type\":\"visualization\",\"version\":\"6.4.3\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"match_all\":{}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Cowrie" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Cowrie" ,
"hits" : 0 ,
"description" : "Cowrie Dashboard" ,
"panelsJSON" : "[{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":0,\"y\":6,\"w\":24,\"h\":11,\"i\":\"22\"},\"id\":\"Cowrie-Events-Histogram\",\"panelIndex\":\"22\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":28,\"w\":12,\"h\":11,\"i\":\"28\"},\"id\":\"Cowrie-Countries-Top-10\",\"panelIndex\":\"28\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":32,\"y\":17,\"w\":16,\"h\":11,\"i\":\"29\"},\"id\":\"Cowrie-Events-by-Country-Histogram\",\"panelIndex\":\"29\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":12,\"y\":28,\"w\":12,\"h\":11,\"i\":\"31\"},\"id\":\"Cowrie-Version-Pie-Top-10\",\"panelIndex\":\"31\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":39,\"w\":24,\"h\":16,\"i\":\"34\"},\"id\":\"Cowrie-Username-Tagcloud-Large\",\"panelIndex\":\"34\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":39,\"w\":24,\"h\":16,\"i\":\"35\"},\"id\":\"Cowrie-Password-Tagcloud-Large\",\"panelIndex\":\"35\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[24.84656534821976,6.855468750000001],\"mapZoom\":2},\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":17,\"i\":\"36\"},\"id\":\"Cowrie-Map\",\"panelIndex\":\"36\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":24,\"y\":55,\"w\":24,\"h\":20,\"i\":\"37\"},\"id\":\"Cowrie-Input-Top-10\",\"panelIndex\":\"37\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":0,\"y\":55,\"w\":16,\"h\":20,\"i\":\"39\"},\"id\":\"Cowrie-ASN-Top-10\",\"panelIndex\":\"39\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":36,\"y\":28,\"w\":12,\"h\":11,\"i\":\"43\"},\"id\":\"Cowrie-Ports-Pie\",\"panelIndex\":\"43\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":0,\"y\":0,\"w\":14,\"h\":6,\"i\":\"44\"},\"id\":\"c1ef91c0-7dc2-11e7-8268-ed048f6272e0\",\"panelIndex\":\"44\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":0,\"y\":28,\"w\":12,\"h\":11,\"i\":\"45\"},\"id\":\"bf39e000-80d5-11e7-ba6f-4542711dd148\",\"panelIndex\":\"45\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":0,\"y\":17,\"w\":16,\"h\":11,\"i\":\"46\"},\"id\":\"f28b8c60-80e4-11e7-ba6f-4542711dd148\",\"panelIndex\":\"46\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":16,\"y\":17,\"w\":16,\"h\":11,\"i\":\"47\"},\"id\":\"2a6803f0-80e7-11e7-a689-67e589a14a8a\",\"panelIndex\":\"47\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":14,\"y\":0,\"w\":10,\"h\":6,\"i\":\"48\"},\"id\":\"45e32dc0-dec5-11e8-87cf-239397d2b8d3\",\"panelIndex\":\"48\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":16,\"y\":55,\"w\":8,\"h\":20,\"i\":\"49\"},\"version\":\"6.4.3\",\"panelIndex\":\"49\",\"type\":\"visualization\",\"id\":\"48d3dad0-e725-11e8-b4a6-215b0b97c069\",\"embeddableConfig\":{}}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Honeytrap" ,
"_type" : "dashboard" ,
2018-11-19 20:48:37 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Honeytrap" ,
"hits" : 0 ,
"description" : "Honeytrap Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"h\":11,\"i\":\"2\",\"w\":24,\"x\":0,\"y\":6},\"id\":\"Honeytrap-Events-Histogram\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"5\",\"w\":12,\"x\":12,\"y\":28},\"id\":\"Honeytrap-Countries-Top-10\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"6\",\"w\":18,\"x\":30,\"y\":17},\"id\":\"Honeytrap-Events-by-Country-Histogram\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"7\",\"w\":12,\"x\":0,\"y\":17},\"id\":\"Honeytrap-Destination-Ports-Top-10\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[28.613459424004414,-3.69140625],\"mapZoom\":2},\"gridData\":{\"h\":17,\"i\":\"8\",\"w\":24,\"x\":24,\"y\":0},\"id\":\"Honeytrap-Map\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"9\",\"w\":24,\"x\":24,\"y\":39},\"id\":\"Honeytrap-Source-IP-Top-10\",\"panelIndex\":\"9\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"10\",\"w\":24,\"x\":0,\"y\":39},\"id\":\"Honeytrap-ASN-Top-10\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":6,\"i\":\"11\",\"w\":14,\"x\":0,\"y\":0},\"id\":\"6ee70b90-8374-11e7-9adb-2955c2136c8c\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"12\",\"w\":18,\"x\":12,\"y\":17},\"id\":\"ec53e470-8376-11e7-9adb-2955c2136c8c\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"13\",\"w\":12,\"x\":0,\"y\":28},\"id\":\"576a3cb0-82ae-11e7-bcbe-2b6958a9c888\",\"panelIndex\":\"13\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 450\":\"rgb(255,255,204)\",\"1350 - 1800\":\"rgb(254,201,101)\",\"1800 - 2250\":\"rgb(254,171,73)\",\"2250 - 2700\":\"rgb(253,141,60)\",\"2700 - 3150\":\"rgb(252,91,46)\",\"3150 - 3600\":\"rgb(237,47,34)\",\"3600 - 4050\":\"rgb(212,16,32)\",\"4050 - 4500\":\"rgb(176,0,38)\",\"450 - 900\":\"rgb(255,241,170)\",\"900 - 1350\":\"rgb(254,225,135)\"}}},\"gridData\":{\"h\":11,\"i\":\"14\",\"w\":24,\"x\":24,\"y\":28},\"id\":\"4e2887d0-8379-11e7-97dc-15d31af3c77f\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":6,\"i\":\"15\",\"w\":10,\"x\":14,\"y\":0},\"id\":\"f5e74220-e725-11e8-b4a6-215b0b97c069\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
"version" : 1 ,
"timeRestore" : false ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
}
2018-11-19 20:48:37 +00:00
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "dd95c950-8b5d-11e7-ba35-0d8832ac304f" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Mailoney" ,
"hits" : 0 ,
"description" : "Mailoney Dashboard" ,
"panelsJSON" : "[{\"gridData\":{\"h\":6,\"i\":\"10\",\"w\":14,\"x\":0,\"y\":0},\"id\":\"5234de80-8b5f-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"11\",\"w\":24,\"x\":0,\"y\":6},\"id\":\"63672eb0-8b5f-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"12\",\"w\":24,\"x\":24,\"y\":17},\"id\":\"88d899e0-8b5f-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"13\",\"w\":12,\"x\":12,\"y\":17},\"id\":\"cac48440-8b5f-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"13\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"h\":11,\"i\":\"14\",\"w\":12,\"x\":0,\"y\":17},\"id\":\"d2405e70-8b5e-11e7-ba35-0d8832ac304f\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"15\",\"w\":12,\"x\":0,\"y\":28},\"id\":\"ad6dcb50-8b5e-11e7-ba35-0d8832ac304f\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"16\",\"w\":12,\"x\":12,\"y\":28},\"id\":\"ba9d6280-8b5f-11e7-b92d-d39e43e3de0f\",\"panelIndex\":\"16\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":20,\"i\":\"17\",\"w\":24,\"x\":24,\"y\":28},\"id\":\"0169b450-8b62-11e7-ba35-0d8832ac304f\",\"panelIndex\":\"17\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[29.22889003019423,-7.207031249999999],\"mapZoom\":2},\"gridData\":{\"h\":17,\"i\":\"18\",\"w\":24,\"x\":24,\"y\":0},\"id\":\"c0916430-8b5e-11e7-ba35-0d8832ac304f\",\"panelIndex\":\"18\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":6,\"i\":\"19\",\"w\":10,\"x\":14,\"y\":0},\"id\":\"f2742de0-e745-11e8-b4a6-215b0b97c069\",\"panelIndex\":\"19\",\"type\":\"visualization\",\"version\":\"6.4.3\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-20 17:09:29 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"match_all\":{}}}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-19 20:48:37 +00:00
"_id" : "133801c0-e852-11e8-97df-bbc3de28ece0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-19 20:48:37 +00:00
"title" : "Glutton Heatmap" ,
"visState" : "{\n \"title\": \"Glutton Heatmap\",\n \"type\": \"heatmap\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": true,\n \"enableHover\": false,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"colorsNumber\": 10,\n \"colorSchema\": \"Green to Red\",\n \"setColorRange\": false,\n \"colorsRange\": [],\n \"invertColors\": false,\n \"percentageMode\": false,\n \"valueAxes\": [\n {\n \"show\": false,\n \"id\": \"ValueAxis-1\",\n \"type\": \"value\",\n \"scale\": {\n \"type\": \"square root\",\n \"defaultYExtents\": false\n },\n \"labels\": {\n \"show\": false,\n \"rotate\": 0,\n \"color\": \"#555\",\n \"overwriteColor\": false\n }\n }\n ],\n \"type\": \"heatmap\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"dest_port\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"customLabel\": \"Destination Port\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"@timestamp\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"Timestamp\"\n }\n }\n ]\n}" ,
"uiStateJSON" : "{\n \"vis\": {\n \"defaultColors\": {\n \"0 - 500\": \"rgb(0,104,55)\",\n \"500 - 1000\": \"rgb(26,151,80)\",\n \"1000 - 1500\": \"rgb(102,189,99)\",\n \"1500 - 2000\": \"rgb(166,217,106)\",\n \"2000 - 2500\": \"rgb(217,239,139)\",\n \"2500 - 3000\": \"rgb(255,255,190)\",\n \"3000 - 3500\": \"rgb(254,224,139)\",\n \"3500 - 4000\": \"rgb(253,174,97)\",\n \"4000 - 4500\": \"rgb(244,109,67)\",\n \"4500 - 5000\": \"rgb(214,47,39)\"\n }\n },\n \"spy\": {\n \"mode\": {\n \"name\": null,\n \"fill\": false\n }\n }\n}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": []\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "1a097850-7c22-11e7-aa1e-6bf93670d67b" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata CVE - Top 10" ,
"visState" : "{\"title\":\"Suricata CVE - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"alert.cve_id.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"CVE ID\"}}],\"listeners\":{}}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "124a1140-488e-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Heralding Top Credentials Per Protocol" ,
"visState" : "{\"title\":\"Heralding Top Credentials Per Protocol\",\"type\":\"table\",\"params\":{\"perPage\":100,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"proto.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"username.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":3,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Username\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"password.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":3,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Password\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "0e230290-859b-11e7-8f60-4f4666b0a88e" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata Destination Ports Histogram" ,
"visState" : "{\"title\":\"Suricata Destination Ports Histogram\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"step-after\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dest_port\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}],\"listeners\":{}}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "2fc62270-e872-11e8-a876-6bccfb9086f2" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Medpot Data - Top 10" ,
"visState" : "{\"title\":\"Medpot Data - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"data.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Data\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "1268af10-4889-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Heralding Username Tagcloud" ,
"visState" : "{\"title\":\"Heralding Username Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"linear\",\"orientation\":\"single\",\"minFontSize\":16,\"maxFontSize\":64,\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"username.keyword\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "0169b450-8b62-11e7-ba35-0d8832ac304f" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Mailoney SMTP Input - Top 10" ,
"visState" : "{\"title\":\"Mailoney SMTP Input - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"smtp_input.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SMTP Input\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "160f9cb0-e85b-11e8-97df-bbc3de28ece0" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Glutton Method" ,
"visState" : "{\"title\":\"Glutton Method\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"method.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Dionaea-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"Dionaea\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Cowrie-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"Cowrie\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Honeypot-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Honeypot-Logs" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"language\":\"lucene\",\"query\":\"type:\\\"Ciscoasa\\\" OR type:\\\"ConPot\\\" OR type:\\\"Cowrie\\\" OR type:\\\"Dionaea\\\" OR type:\\\"ElasticPot\\\" OR type:\\\"Glastopf\\\" OR type:\\\"Glutton\\\" OR type:\\\"Heralding\\\" OR type:\\\"Honeytrap\\\" OR type:\\\"Mailoney\\\" OR type:\\\"Medpot\\\" OR type:\\\"Rdpy\\\" OR type:\\\"Tanner\\\"\"},\"highlightAll\":true,\"version\":true}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "d800f130-633f-11e8-be86-73985bedf977" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Tanner-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"type:\\\"Tanner\\\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Honeytrap-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"Honeytrap\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Glutton-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"type:\\\"Glutton\\\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "NGINX-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"NGINX\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ConPot-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"ConPot\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Rdpy-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"Rdpy\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "3290fa70-69a2-11e7-bcac-d3ee6f9c26fd" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "NSM-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"highlightAll\":true,\"version\":true,\"filter\":[],\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"Suricata\\\" OR type:\\\"p0f\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Ciscoasa-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"type:\\\"Ciscoasa\\\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Mailoney-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"type:\\\"Mailoney\\\"\",\"default_field\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ElasticPot-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"ElasticPot\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Suricata-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"Suricata\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "Glastopf-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Glastopf-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"Glastopf\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "P0f-Logs" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "P0f-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":{\"query_string\":{\"query\":\"type:\\\"P0f\\\"\",\"analyze_wildcard\":true}},\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Medpot-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"type:\\\"Medpot\\\"\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Heralding-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"type:\\\"Heralding\\\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "c3b89bc0-69a7-11e7-bcac-d3ee6f9c26fd" ,
"_type" : "search" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "T-Pot-Logs" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"hits" : 0 ,
"columns" : [
"_source"
] ,
"sort" : [
"@timestamp" ,
"desc"
] ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"index\":\"logstash-*\",\"query\":{\"language\":\"lucene\",\"query\":\"type:\\\"Ciscoasa\\\" OR type:\\\"ConPot\\\" OR type:\\\"Cowrie\\\" OR type:\\\"Dionaea\\\" OR type:\\\"ElasticPot\\\" OR type:\\\"Glastopf\\\" OR type:\\\"Glutton\\\" OR type:\\\"Heralding\\\" OR type:\\\"Honeytrap\\\" OR type:\\\"Mailoney\\\" OR type:\\\"Medpot\\\" OR type:\\\"P0f\\\" OR type:\\\"Rdpy\\\" OR type:\\\"Suricata\\\" OR type:\\\"Tanner\\\"\"},\"highlightAll\":true,\"version\":true,\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "48f595c0-e7f8-11e8-9ac4-13ecd4ad8d70" ,
"_type" : "dashboard" ,
"_source" : {
"title" : "Medpot" ,
"hits" : 0 ,
"description" : "Medpot Dashboard" ,
"panelsJSON" : "[{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":0,\"w\":14,\"h\":6,\"i\":\"13\"},\"id\":\"65fdfd10-e7f8-11e8-9ac4-13ecd4ad8d70\",\"panelIndex\":\"13\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":14,\"y\":0,\"w\":10,\"h\":6,\"i\":\"14\"},\"id\":\"17130490-e7fb-11e8-9ac4-13ecd4ad8d70\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":6,\"w\":24,\"h\":11,\"i\":\"15\"},\"id\":\"554c9550-e7fb-11e8-9ac4-13ecd4ad8d70\",\"panelIndex\":\"15\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{\"mapCenter\":[32.84267363195431,-5.273437500000001],\"mapZoom\":2},\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":17,\"i\":\"16\"},\"id\":\"a81cba70-e7fc-11e8-9ac4-13ecd4ad8d70\",\"panelIndex\":\"16\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":17,\"w\":12,\"h\":11,\"i\":\"17\"},\"id\":\"099c23d0-e7fd-11e8-9ac4-13ecd4ad8d70\",\"panelIndex\":\"17\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":12,\"y\":17,\"w\":12,\"h\":11,\"i\":\"18\"},\"id\":\"15b696f0-e7fd-11e8-9ac4-13ecd4ad8d70\",\"panelIndex\":\"18\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":24,\"y\":17,\"w\":24,\"h\":11,\"i\":\"19\"},\"id\":\"490b4e60-e7fd-11e8-9ac4-13ecd4ad8d70\",\"panelIndex\":\"19\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":28,\"w\":12,\"h\":20,\"i\":\"20\"},\"id\":\"5b69e990-e7fd-11e8-9ac4-13ecd4ad8d70\",\"panelIndex\":\"20\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":12,\"y\":28,\"w\":12,\"h\":20,\"i\":\"21\"},\"id\":\"e3f00420-e7fd-11e8-9ac4-13ecd4ad8d70\",\"panelIndex\":\"21\",\"type\":\"visualization\",\"version\":\"6.4.3\"},{\"gridData\":{\"x\":24,\"y\":28,\"w\":24,\"h\":20,\"i\":\"22\"},\"version\":\"6.4.3\",\"panelIndex\":\"22\",\"type\":\"visualization\",\"id\":\"2fc62270-e872-11e8-a876-6bccfb9086f2\",\"embeddableConfig\":{}}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":true}" ,
"version" : 1 ,
"timeRestore" : false ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
2018-11-19 19:38:36 +00:00
{
2018-11-20 17:09:29 +00:00
"_id" : "885928c0-7ebe-11e7-a286-9f03beba6417" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"top\",\"times\":[],\"addTimeMarker\":false,\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "d94ff2a0-7ec2-11e7-a286-9f03beba6417" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "772cb2b0-7ec3-11e7-a7c8-5f38ad5bf75f" ,
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Attacker Source IP - Top 10" ,
"visState" : "{\"title\":\"Attacker Source IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
"description" : "" ,
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "f1a19000-7ebf-11e7-a286-9f03beba6417" ,
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Attacks by Country and Port" ,
"visState" : "{\"title\":\"Attacks by Country and Port\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"top\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\",\"row\":false}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dest_port\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "50d82860-7ea0-11e7-a286-9f03beba6417" ,
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Attacks by Country" ,
"visState" : "{\"title\":\"Attacks by Country\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "7b61a6a0-7ebf-11e7-a286-9f03beba6417" ,
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Attacks by Destination Port Histogram" ,
"visState" : "{\"title\":\"Attacks by Destination Port Histogram\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"step-after\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"top\",\"times\":[],\"addTimeMarker\":false,\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dest_port\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{\"spy\":{\"mode\":{\"name\":null,\"fill\":false}}}" ,
"description" : "" ,
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "ef227eb0-7e9d-11e7-a286-9f03beba6417" ,
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Attacks by Honeypot Histogram" ,
"visState" : "{\"title\":\"Attacks by Honeypot Histogram\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"top\",\"times\":[],\"addTimeMarker\":false,\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "762f66c0-7e9e-11e7-a286-9f03beba6417" ,
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Honeypot Attacks Histogram" ,
"visState" : "{\"title\":\"Honeypot Attacks Histogram\",\"type\":\"line\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2},{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Source IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Source IPs\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-20 17:09:29 +00:00
"_id" : "87428ba0-7e9d-11e7-a286-9f03beba6417" ,
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-20 17:09:29 +00:00
"title" : "Honeypot Attacks Bar" ,
"visState" : "{\"title\":\"Honeypot Attacks Bar\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":false,\"rotate\":75,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Honeypots\"},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":15,\"order\":\"asc\",\"orderBy\":\"_key\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Honeypots\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "0d947000-7ebd-11e7-a286-9f03beba6417" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Attacks by Honeypot" ,
"visState" : "{\"title\":\"Attacks by Honeypot\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "54d8c6a0-dec0-11e8-87cf-239397d2b8d3" ,
"_type" : "dashboard" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Ciscoasa" ,
"hits" : 0 ,
"description" : "Ciscoasa Dashboard" ,
"panelsJSON" : "[{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":6,\"i\":\"1\",\"w\":14,\"x\":0,\"y\":0},\"id\":\"15f2c000-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"1\",\"type\":\"visualization\",\"version\":\"6.4.2\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":11,\"i\":\"2\",\"w\":24,\"x\":0,\"y\":6},\"id\":\"8a455850-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.4.2\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":11,\"i\":\"3\",\"w\":24,\"x\":24,\"y\":17},\"id\":\"a72ec5f0-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.4.2\"},{\"gridData\":{\"h\":11,\"i\":\"5\",\"w\":12,\"x\":0,\"y\":17},\"id\":\"d77bbba0-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.4.2\"},{\"gridData\":{\"h\":11,\"i\":\"6\",\"w\":12,\"x\":12,\"y\":17},\"id\":\"fe02b580-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.4.2\"},{\"gridData\":{\"h\":20,\"i\":\"7\",\"w\":24,\"x\":24,\"y\":28},\"id\":\"1a80b720-4ad6-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.4.2\"},{\"gridData\":{\"h\":20,\"i\":\"8\",\"w\":24,\"x\":0,\"y\":28},\"id\":\"2a543aa0-4ad6-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.4.2\"},{\"embeddableConfig\":{\"mapCenter\":[42.032974332441405,0.703125],\"mapZoom\":2},\"gridData\":{\"h\":17,\"i\":\"9\",\"w\":24,\"x\":24,\"y\":0},\"id\":\"b8745000-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"9\",\"type\":\"visualization\",\"version\":\"6.4.2\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":6,\"i\":\"10\",\"w\":10,\"x\":14,\"y\":0},\"id\":\"79a71e90-dec1-11e8-87cf-239397d2b8d3\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.4.2\"}]" ,
"optionsJSON" : "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":true}" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
2018-11-23 16:08:02 +00:00
"timeRestore" : false ,
2018-11-19 19:38:36 +00:00
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "32814dd0-e851-11e8-97df-bbc3de28ece0" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glutton Attacks Bar" ,
"visState" : "{\"title\":\"Glutton Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Honeytrap\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "5234de80-8b5f-11e7-b92d-d39e43e3de0f" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Mailoney Attacks Bar" ,
"visState" : "{\"title\":\"Mailoney Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Mailoney\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Mailoney\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "51ca6ee0-80d5-11e7-ab37-eb92b1bfb573" ,
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "NGINX Events Bar" ,
"visState" : "{\"title\":\"NGINX Events Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"NGINX\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Events\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"NGINX\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 20:48:37 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 20:48:37 +00:00
}
2018-11-19 19:38:36 +00:00
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "5014cee0-634e-11e8-be86-73985bedf977" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Tanner Attacks Bar" ,
"visState" : "{\"title\":\"Tanner Attacks Bar\",\"type\":\"horizontal_bar\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":false,\"rotate\":90,\"show\":false,\"truncate\":200},\"position\":\"left\",\"scale\":{\"type\":\"linear\"},\"show\":false,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"2\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":true,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"bottom\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "65fdfd10-e7f8-11e8-9ac4-13ecd4ad8d70" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Medpot Attacks Bar" ,
"visState" : "{\"title\":\"Medpot Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"ElasticPot\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ElasticPot\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
2018-11-19 20:48:37 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 20:48:37 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "0de24040-8b52-11e7-b92d-d39e43e3de0f" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 20:48:37 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Rdpy Attacks Bar" ,
"visState" : "{\"title\":\"Rdpy Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Rdpy\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Rdpy\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "d01a6390-827e-11e7-afbf-a7491fba5d8a" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "ElasticPot Attacks Bar" ,
"visState" : "{\"title\":\"ElasticPot Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"ElasticPot\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ElasticPot\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "6ee70b90-8374-11e7-9adb-2955c2136c8c" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeytrap Attacks Bar" ,
"visState" : "{\"title\":\"Honeytrap Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Honeytrap\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "307afd60-82a9-11e7-bcbe-2b6958a9c888" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glastopf Attacks Bar" ,
"visState" : "{\"title\":\"Glastopf Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Glastopf\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Glastopf-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "62fde9a0-858d-11e7-a686-392ac617767d" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Conpot Attacks Bar" ,
"visState" : "{\"title\":\"Conpot Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"ConPot\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Conpot\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "b9343070-80e9-11e7-a689-67e589a14a8a" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Dionaea Attacks Bar" ,
"visState" : "{\"title\":\"Dionaea Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Dionaea\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Dionaea\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "c1ef91c0-7dc2-11e7-8268-ed048f6272e0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Cowrie Attacks Bar" ,
"visState" : "{\"title\":\"Cowrie Attacks Bar\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Cowrie\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"histogram\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"type.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Cowrie\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "cac48440-8b5f-11e7-b92d-d39e43e3de0f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Mailoney - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Mailoney - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "a51e9ae0-6350-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Tanner - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Tanner - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "d77bbba0-4ad5-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Ciscoasa - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Ciscoasa - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "59b9dd60-827f-11e7-afbf-a7491fba5d8a" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "ElasticPot - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"ElasticPot - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "576a3cb0-82ae-11e7-bcbe-2b6958a9c888" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeytrap - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Honeytrap - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "b1a7f8d0-859b-11e7-8f60-4f4666b0a88e" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Suricata - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Suricata - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "cf8d0e40-80ea-11e7-a689-67e589a14a8a" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Dionaea - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Dionaea - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "bf39e000-80d5-11e7-ba6f-4542711dd148" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Cowrie - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Cowrie - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "59509e90-8590-11e7-a686-392ac617767d" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glastopf - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Glastopf - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Glastopf-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ElasticPot-Events-Histogram" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "ElasticPot Attacks Histogram" ,
"visState" : "{\"title\":\"ElasticPot Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Glastopf-Events-Histogram" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glastopf Attacks Histogram" ,
"visState" : "{\"title\":\"Glastopf Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\",\"interpolate\":\"linear\",\"lineWidth\":2},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Glastopf-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Honeytrap-Events-Histogram" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeytrap Attacks Histogram" ,
"visState" : "{\"title\":\"Honeytrap Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"2\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "f66b9200-e851-11e8-97df-bbc3de28ece0" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glutton - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Glutton - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "099c23d0-e7fd-11e8-9ac4-13ecd4ad8d70" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Medpot - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Medpot - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "051c59e0-8b53-11e7-b92d-d39e43e3de0f" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Rdpy - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Rdpy - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "eca8e580-4877-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Heralding - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Heralding - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ffb284f0-80cd-11e7-ab37-eb92b1bfb573" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Conpot - Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Conpot - Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"labels\":{\"last_level\":true,\"show\":false,\"truncate\":100,\"values\":true},\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "349c11c0-7ea0-11e7-a286-9f03beba6417" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Attacker Src IP Reputation" ,
"visState" : "{\"title\":\"Attacker Src IP Reputation\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"ip_rep.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "63672eb0-8b5f-11e7-b92d-d39e43e3de0f" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Mailoney Attacks Histogram" ,
"visState" : "{\"title\":\"Mailoney Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"rotate\":0,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"legendOpen\":true}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "c90f1f00-8b52-11e7-b92d-d39e43e3de0f" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Rdpy Attacks Histogram" ,
"visState" : "{\"title\":\"Rdpy Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"rotate\":0,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"legendOpen\":true}}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "77bf1310-634e-11e8-be86-73985bedf977" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Tanner Attacks Histogram" ,
"visState" : "{\"title\":\"Tanner Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"rotate\":0,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"legendOpen\":true}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "8a455850-4ad5-11e8-ab1b-fdef76c312f4" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Ciscoasa Attacks Histogram" ,
"visState" : "{\"title\":\"Ciscoasa Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"},\"valueAxis\":null},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"2\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"filters\",\"schema\":\"group\",\"params\":{\"filters\":[{\"input\":{\"query\":\"*\"},\"label\":\"All\"},{\"input\":{\"query\":\"src_port:*\"},\"label\":\"Exploit\"}]}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "554c9550-e7fb-11e8-9ac4-13ecd4ad8d70" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Medpot Attacks Histogram" ,
"visState" : "{\"title\":\"Medpot Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Cowrie-Events-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Cowrie Attacks Histogram" ,
"visState" : "{\"title\":\"Cowrie Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"rotate\":0,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"legendOpen\":true}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Dionaea-Events-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Dionaea Attacks Histogram" ,
"visState" : "{\"title\":\"Dionaea Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ConPot-Events-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Conpot Attacks Histogram" ,
"visState" : "{\"title\":\"Conpot Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "d3bb9bd0-4863-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Heralding Attacks Histogram" ,
"visState" : "{\"title\":\"Heralding Attacks Histogram\",\"type\":\"line\",\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"},\"valueAxis\":null},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"filter\":false},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2},{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"data\":{\"id\":\"2\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "50aa1940-e851-11e8-97df-bbc3de28ece0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glutton Attacks Histogram" ,
"visState" : "{\"title\":\"Glutton Attacks Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"2\",\"label\":\"Unique Src IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"line\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "d2405e70-8b5e-11e7-ba35-0d8832ac304f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Mailoney - Attacks by Country" ,
"visState" : "{\"title\":\"Mailoney - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "51c331f0-8b54-11e7-b92d-d39e43e3de0f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Rdpy - Attacks by Country" ,
"visState" : "{\"title\":\"Rdpy - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "d968d5e0-6350-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Tanner - Attacks by Country" ,
"visState" : "{\"title\":\"Tanner - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "e1969e20-4878-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Heralding - Attacks by Country" ,
"visState" : "{\"title\":\"Heralding - Attacks by Country\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ElasticPot-Countries-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "ElasticPot - Attacks by Country" ,
"visState" : "{\"title\":\"ElasticPot - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Dionaea-Countries-Top-10" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Dionaea - Attacks by Country" ,
"visState" : "{\"title\":\"Dionaea - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ConPot-Countries-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Conpot - Attacks by Country" ,
"visState" : "{\"title\":\"Conpot - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Cowrie-Countries-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Cowrie - Attacks by Country" ,
"visState" : "{\"title\":\"Cowrie - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "88d899e0-8b5f-11e7-b92d-d39e43e3de0f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Mailoney - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Mailoney - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Events\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "0464b030-e852-11e8-97df-bbc3de28ece0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glutton - Attacks by Country" ,
"visState" : "{\"title\":\"Glutton - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "15b696f0-e7fd-11e8-9ac4-13ecd4ad8d70" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Medpot - Attacks by Country" ,
"visState" : "{\"title\":\"Medpot - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "fe02b580-4ad5-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Ciscoasa - Attacks by Country" ,
"visState" : "{\"title\":\"Ciscoasa - Attacks by Country\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Honeytrap-Countries-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeytrap - Attacks by Country" ,
"visState" : "{\"title\":\"Honeytrap - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Glastopf-Countries-Top-10" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glastopf - Attacks by Country" ,
"visState" : "{\"title\":\"Glastopf - Attacks by Country\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Glastopf-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "e055e240-e851-11e8-97df-bbc3de28ece0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glutton - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Glutton - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "490b4e60-e7fd-11e8-9ac4-13ecd4ad8d70" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Medpot - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Medpot - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Attacks\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "6ee57da0-634f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Tanner - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Tanner - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\",\"interpolate\":\"linear\",\"lineWidth\":2}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "da489b20-8b52-11e7-b92d-d39e43e3de0f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Rdpy - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Rdpy - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ElasticPot-Events-by-Country-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "ElasticPot - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"ElasticPot - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ConPot-Events-by-Country-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Conpot - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Conpot - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Cowrie-Events-by-Country-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Cowrie - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Cowrie - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\",\"interpolate\":\"linear\",\"lineWidth\":2}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "d0dbe890-4870-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Heralding - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Heralding - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"type\":\"area\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "a72ec5f0-4ad5-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Ciscoasa - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Ciscoasa - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"type\":\"area\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Honeytrap-Events-by-Country-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeytrap - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Honeytrap - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Glastopf-Events-by-Country-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glastopf - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Glastopf - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Glastopf-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Dionaea-Events-by-Country-Histogram" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Dionaea - Attacks by Country Histogram" ,
"visState" : "{\"title\":\"Dionaea - Attacks by Country Histogram\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Timestamp\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"interpolate\":\"linear\",\"legendPosition\":\"right\",\"radiusRatio\":9,\"scale\":\"square root\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Attacks\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"times\":[],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}],\"yAxis\":{},\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "2a543aa0-4ad6-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Ciscoasa - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Ciscoasa - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "082111a0-80cf-11e7-ab37-eb92b1bfb573" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Conpot - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Conpot - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ElasticPot-Source-IP-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "ElasticPot - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"ElasticPot - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Honeytrap-Source-IP-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeytrap - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Honeytrap - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Glastop-Source-IP-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glastopf - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Glastopf - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Glastopf-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Dionaea-Source-IP-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Dionaea - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Dionaea - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "21ad1c80-488a-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Heralding - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Heralding - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-20 17:09:29 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "844f33f0-488a-11e8-9b3d-f36e8d4f5cb2" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Heralding - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Heralding - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-20 17:09:29 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ba9d6280-8b5f-11e7-b92d-d39e43e3de0f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Mailoney - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Mailoney - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "41d04290-e852-11e8-97df-bbc3de28ece0" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glutton - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Glutton - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "e3f00420-e7fd-11e8-9ac4-13ecd4ad8d70" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Medpot - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Medpot - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "874be060-8b54-11e7-b92d-d39e43e3de0f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Rdpy - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Rdpy - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Cowrie-Source-IP-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Tanner - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Tanner - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "48d3dad0-e725-11e8-b4a6-215b0b97c069" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Cowrie - Attacker Src IP - Top 10" ,
"visState" : "{\"title\":\"Cowrie - Attacker Src IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ad6dcb50-8b5e-11e7-ba35-0d8832ac304f" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Mailoney - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Mailoney - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "21c65b10-e852-11e8-97df-bbc3de28ece0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glutton - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Glutton - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "5b69e990-e7fd-11e8-9ac4-13ecd4ad8d70" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Medpot - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Medpot - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "73364660-8b54-11e7-b92d-d39e43e3de0f" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Rdpy - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Rdpy - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-20 17:09:29 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ElasticPot-ASN-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "ElasticPot - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"ElasticPot - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Honeytrap-ASN-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeytrap - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Honeytrap - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Glastopf-ASN-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glastopf - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Glastopf - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Glastopf-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ConPot-ASN-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Conpot - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Conpot - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Cowrie-ASN-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Cowrie - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Cowrie - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Cowrie-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "a427e6c0-e521-11e8-8a75-d5f374dbaebe" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Conpot - Attacks by Destination Ports Histogram" ,
"visState" : "{\"title\":\"Conpot - Attacks by Destination Ports Histogram\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"@timestamp per 30 seconds\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"step-after\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dest_port\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "ConPot-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "2a6803f0-80e7-11e7-a689-67e589a14a8a" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Cowrie - Attacks by Destination Ports Histogram" ,
"visState" : "{\"title\":\"Cowrie - Attacks by Destination Ports Histogram\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"@timestamp per 30 seconds\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"step-after\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dest_port\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Cowrie-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "f28b8c60-80e4-11e7-ba6f-4542711dd148" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Cowrie - Attacks by Destination Ports Histogram Incoming" ,
"visState" : "{\"title\":\"Cowrie - Attacks by Destination Ports Histogram Incoming\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"step-after\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"filters\",\"schema\":\"group\",\"params\":{\"filters\":[{\"input\":{\"query\":\"dest_port:22\"},\"label\":\"SSH\"},{\"input\":{\"query\":\"dest_port:23\"},\"label\":\"Telnet\"}]}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "1a80b720-4ad6-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Ciscoasa - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Ciscoasa - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "06628c70-6352-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Tanner - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Tanner - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Dionaea-ASN-Top-10" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Dionaea - Attacker AS/N - Top 10" ,
"visState" : "{\"title\":\"Dionaea - Attacker AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Suricata-ASN-Top-10" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Suricata - AS/N - Top 10" ,
"visState" : "{\"title\":\"Suricata - AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "NGINX-ASN-Top-10" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "NGINX - AS/N - Top 10" ,
"visState" : "{\"title\":\"NGINX - AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"showMetricsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"AS\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"ASN\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "NGINX-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "Cowrie-Ports-Pie" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Cowrie - Attacks by Port" ,
"visState" : "{\"title\":\"Cowrie - Attacks by Port\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"shareYAxis\":true,\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"filters\",\"schema\":\"segment\",\"params\":{\"filters\":[{\"input\":{\"query\":\"dest_port:22\"},\"label\":\"SSH\"},{\"input\":{\"query\":\"dest_port:23\"},\"label\":\"Telnet\"}]}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Cowrie-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "9d251bd0-e851-11e8-97df-bbc3de28ece0" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Glutton - Attacks by Destination Ports Histogram" ,
"visState" : "{\"title\":\"Glutton - Attacks by Destination Ports Histogram\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"step-after\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dest_port\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "ec53e470-8376-11e7-9adb-2955c2136c8c" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Honeytrap - Attacks by Destination Ports Histogram" ,
"visState" : "{\"title\":\"Honeytrap - Attacks by Destination Ports Histogram\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"step-after\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dest_port\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Honeytrap-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "7e33e3d0-810c-11e7-8413-9fe5e30ade77" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Dionaea - Attacks by Destination Ports Histogram" ,
"visState" : "{\"title\":\"Dionaea - Attacks by Destination Ports Histogram\",\"type\":\"area\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{\"text\":\"Timestamp\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"step-after\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"area\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"dest_port\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Dionaea-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "7e6121d0-e851-11e8-97df-bbc3de28ece0" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Glutton - Attacks by Port" ,
"visState" : "{\"title\":\"Glutton - Attacks by Port\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dest_port\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "864b2f30-4883-11e8-9b3d-f36e8d4f5cb2" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Heralding - Attacks by Port" ,
"visState" : "{\"title\":\"Heralding - Attacks by Port\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dest_port\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "56cdedf0-ec08-11e8-96db-ebfb2a58ccf6" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Username Tagcloud" ,
"visState" : "{\"title\":\"Username Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"font\":\"serif\",\"fontStyle\":\"normal\",\"fontWeight\":\"normal\",\"fromDegree\":\"0\",\"maxFontSize\":64,\"minFontSize\":16,\"orientation\":\"single\",\"orientations\":1,\"scale\":\"linear\",\"showLabel\":false,\"spiral\":\"rectangular\",\"textScale\":\"sqrt\",\"timeInterval\":\"500\",\"toDegree\":\"0\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"username.keyword\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"language\":\"kuery\",\"query\":\"(type.keyword:\\\"Cowrie\\\" AND system:\\\"ssh\\\") OR type.keyword:\\\"Dionaea\\\" OR type.keyword:\\\"Heralding\\\" OR type.keyword:\\\"RDPY\\\"\"},\"filter\":[],\"index\":\"logstash-*\"}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "Dionaea-Destination-Ports-Top-10" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Dionaea - Attacks by Port" ,
"visState" : "{\"title\":\"Dionaea - Attacks by Port\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dest_port\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Dionaea-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "Honeytrap-Destination-Ports-Top-10" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Honeytrap - Attacks by Port" ,
"visState" : "{\"title\":\"Honeytrap - Attacks by Port\",\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":true,\"legendPosition\":\"right\",\"type\":\"pie\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"dest_port\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Honeytrap-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "9b89ddb0-ec07-11e8-96db-ebfb2a58ccf6" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Password Tagcloud" ,
"visState" : "{\"title\":\"Password Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"font\":\"serif\",\"fontStyle\":\"normal\",\"fontWeight\":\"normal\",\"fromDegree\":0,\"maxFontSize\":64,\"minFontSize\":16,\"orientation\":\"single\",\"orientations\":1,\"scale\":\"linear\",\"showLabel\":false,\"spiral\":\"rectangular\",\"textScale\":\"sqrt\",\"timeInterval\":500,\"toDegree\":0},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"password.keyword\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{\"spy\":{\"mode\":{\"fill\":false,\"name\":null}}}" ,
"description" : "" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"(type:\\\"Cowrie\\\" AND system:\\\"ssh\\\") OR type:\\\"Dionaea\\\" OR type:\\\"Heralding\\\" OR type:\\\"RDPY\\\"\",\"language\":\"lucene\"},\"filter\":[],\"index\":\"logstash-*\"}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "8d4e8300-ebde-11e8-9675-1b303bfb38ef" ,
"_type" : "dashboard" ,
"_source" : {
"title" : ">T-Pot" ,
"hits" : 0 ,
"description" : "T-Pot Dashboard" ,
"panelsJSON" : "[{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":24,\"y\":36,\"w\":12,\"h\":15,\"i\":\"9\"},\"id\":\"P0f-OS-Top-10\",\"panelIndex\":\"9\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":28,\"y\":85,\"w\":20,\"h\":29,\"i\":\"21\"},\"id\":\"Suricata-Alert-Signature-Top-10\",\"panelIndex\":\"21\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":20,\"y\":85,\"w\":8,\"h\":29,\"i\":\"38\"},\"id\":\"1a097850-7c22-11e7-aa1e-6bf93670d67b\",\"panelIndex\":\"38\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":24,\"y\":51,\"w\":24,\"h\":15,\"i\":\"43\"},\"id\":\"e624bc50-7dd6-11e7-bee2-c98307c16efa\",\"panelIndex\":\"43\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":0,\"y\":85,\"w\":12,\"h\":29,\"i\":\"44\"},\"id\":\"d94ff2a0-7ec2-11e7-a286-9f03beba6417\",\"panelIndex\":\"44\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"gridData\":{\"x\":36,\"y\":36,\"w\":12,\"h\":15,\"i\":\"45\"},\"id\":\"50d82860-7ea0-11e7-a286-9f03beba6417\",\"panelIndex\":\"45\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"spy\":{\"mode\":{\"fill\":false,\"name\":null}},\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":0,\"y\":21,\"w\":16,\"h\":15,\"i\":\"46\"},\"id\":\"7b61a6a0-7ebf-11e7-a286-9f03beba6417\",\"panelIndex\":\"46\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"x\":0,\"y\":6,\"w\":16,\"h\":15,\"i\":\"47\"},\"id\":\"87428ba0-7e9d-11e7-a286-9f03beba6417\",\"panelIndex\":\"47\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"x\":16,\"y\":6,\"w\":16,\"h\":15,\"i\":\"48\"},\"id\":\"762f66c0-7e9e-11e7-a286-9f03beba6417\",\"panelIndex\":\"48\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"gridData\":{\"x\":12,\"y\":36,\"w\":12,\"h\":15,\"i\":\"49\"},\"id\":\"0d947000-7ebd-11e7-a286-9f03beba6417\",\"panelIndex\":\"49\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":32,\"y\":21,\"w\":16,\"h\":15,\"i\":\"50\"},\"id\":\"885928c0-7ebe-11e7-a286-9f03beba6417\",\"panelIndex\":\"50\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":16,\"y\":21,\"w\":16,\"h\":15,\"i\":\"51\"},\"id\":\"ef227eb0-7e9d-11e7-a286-9f03beba6417\",\"panelIndex\":\"51\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"mapCenter\":[24.5271348225978,-5.273437500000001],\"mapZoom\":1},\"gridData\":{\"x\":32,\"y\":6,\"w\":16,\"h\":15,\"i\":\"52\"},\"id\":\"d1aa9740-7e9e-11e7-a286-9f03beba6417\",\"panelIndex\":\"52\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"x\":12,\"y\":85,\"w\":8,\"h\":29,\"i\":\"53\"},\"id\":\"772cb2b0-7ec3-11e7-a7c8-5f38ad5bf75f\",\"panelIndex\":\"53\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":0,\"y\":36,\"w\":12,\"h\":15,\"i\":\"54\"},\"id\":\"349c11c0-7ea0-11e7-a286-9f03beba6417\",\"panelIndex\":\"54\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"x\":0,\"y\":51,\"w\":24,\"h\":15,\"i\":\"55\"},\"id\":\"f1a19000-7ebf-11e7-a286-9f03beba6417\",\"panelIndex\":\"55\",\"type\":\"visualization\",\"version\":\"6.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":6,\"i\":\"56\"},\"id\":\"e77bc660-e9d3-11e8-be2c-8fd05c77f582\",\" p a n e l I n d e x \
"optionsJSON" : "{\"darkTheme\":true,\"useMargins\":false}" ,
"version" : 1 ,
"timeRestore" : false ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"filter\":[],\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"default_field\":\"*\",\"query\":\"*\"}}}}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "63d0bf60-e851-11e8-97df-bbc3de28ece0" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Glutton Attack Map" ,
"visState" : "{\"title\":\"Glutton Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "a81cba70-e7fc-11e8-9ac4-13ecd4ad8d70" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Medpot Attack Map" ,
"visState" : "{\"title\":\"Medpot Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "b8745000-4ad5-11e8-ab1b-fdef76c312f4" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Ciscoasa Attack Map" ,
"visState" : "{\"title\":\"Ciscoasa Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatClusterSize\":1.5,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true,\"layers\":\"OSM-WMS\",\"version\":\"1.3.0\",\"styles\":\"\",\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]},\"url\":\"http://ows.terrestris.de/osm/service\"},\"colorSchema\":\"Yellow to Red\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":2.2851562500000004,\"lat\":37.85750715625203},\"precision\":2}}]}" ,
"uiStateJSON" : "{\"mapZoom\":2,\"mapCenter\":[37.782941450067156,2.458449960686267]}" ,
"description" : "" ,
"savedSearchId" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "94ae10e0-4871-11e8-9b3d-f36e8d4f5cb2" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Heralding Attack Map" ,
"visState" : "{\"title\":\"Heralding Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatClusterSize\":1.5,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true,\"layers\":\"OSM-WMS\",\"version\":\"1.3.0\",\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]},\"url\":\"http://ows.terrestris.de/osm/service\"},\"colorSchema\":\"Yellow to Red\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "e77bc660-e9d3-11e8-be2c-8fd05c77f582" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Honeypot Attacks - Top 10" ,
"visState" : "{\"title\":\"Honeypot Attacks - Top 10\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":24}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"type.keyword\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "Honeypot-Logs" ,
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
"_id" : "c0916430-8b5e-11e7-ba35-0d8832ac304f" ,
"_type" : "visualization" ,
"_source" : {
"title" : "Mailoney Attack Map" ,
"visState" : "{\"title\":\"Mailoney Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "e4b7cf40-8b52-11e7-b92d-d39e43e3de0f" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Rdpy Attack Map" ,
"visState" : "{\"title\":\"Rdpy Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "f8e24f20-634e-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Tanner Attack Map" ,
"visState" : "{\"title\":\"Tanner Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"heatClusterSize\":1.5,\"colorSchema\":\"Yellow to Red\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ElasticPot-Map" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "ElasticPot Attack Map" ,
"visState" : "{\"title\":\"ElasticPot Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Honeytrap-Map" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeytrap Attack Map" ,
"visState" : "{\"title\":\"Honeytrap Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "NGINX-Map" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "NGINX Attack Map" ,
"visState" : "{\"title\":\"NGINX Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Glastopf-Map" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glastopf Attack Map" ,
"visState" : "{\"title\":\"Glastopf Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Glastopf-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "ConPot-Map" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Conpot Attack Map" ,
"visState" : "{\"title\":\"Conpot Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "d1aa9740-7e9e-11e7-a286-9f03beba6417" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeypot Attack Map" ,
"visState" : "{\"title\":\"Honeypot Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":0,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.2&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.2&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":3}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeypot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Suricata-Map" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Suricata Attack Map" ,
"visState" : "{\"title\":\"Suricata Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Dionaea-Map" ,
2018-11-19 20:48:37 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Dionaea Attack Map" ,
"visState" : "{\"title\":\"Dionaea Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 20:48:37 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-19 20:48:37 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "Cowrie-Map" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Cowrie Attack Map" ,
"visState" : "{\"title\":\"Cowrie Attack Map\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"http://ows.terrestris.de/osm/service\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"OSM-WMS\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors\",\"styles\":\"\"},\"baseLayersAreLoaded\":{},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.4.3&license=9fb155de-424a-423c-a59a-07b920363565\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>© <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p> \",\"subdomains\":[]}},\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"colorSchema\":\"Yellow to Red\",\"heatClusterSize\":1.5},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"mapZoom\":2,\"mapCenter\":{\"lon\":0.17578125,\"lat\":-0.17578097424708533},\"precision\":2}}]}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-19 20:48:37 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-20 17:09:29 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "17130490-e7fb-11e8-9ac4-13ecd4ad8d70" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Medpot Attacks" ,
"visState" : "{\n \"title\": \"Medpot Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"metric\": {\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"invertColors\": false,\n \"labels\": {\n \"show\": true\n },\n \"metricColorMode\": \"None\",\n \"percentageMode\": false,\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": 30,\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"useRanges\": false\n },\n \"type\": \"metric\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "baa53b00-b597-11e8-9a34-d951cebce834" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"language\": \"lucene\",\n \"query\": \"\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "3814c570-e68e-11e8-b727-735f5b0e1502" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "ElasticPot Attacks" ,
"visState" : "{\n \"title\": \"ElasticPot Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"metric\": {\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"invertColors\": false,\n \"labels\": {\n \"show\": true\n },\n \"metricColorMode\": \"None\",\n \"percentageMode\": false,\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": 30,\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"useRanges\": false\n },\n \"type\": \"metric\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ElasticPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"language\": \"lucene\",\n \"query\": \"\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "45e32dc0-dec5-11e8-87cf-239397d2b8d3" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Cowrie Attacks" ,
"visState" : "{\n \"title\": \"Cowrie Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-20 17:09:29 +00:00
"savedSearchId" : "Cowrie-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "465d9810-e5cf-11e8-b72a-b734d2b55cd4" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Dionaea Attacks" ,
"visState" : "{\n \"title\": \"Dionaea Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addLegend\": false,\n \"addTooltip\": true,\n \"metric\": {\n \"colorSchema\": \"Green to Red\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"invertColors\": false,\n \"labels\": {\n \"show\": true\n },\n \"metricColorMode\": \"None\",\n \"percentageMode\": false,\n \"style\": {\n \"bgColor\": false,\n \"bgFill\": \"#000\",\n \"fontSize\": 30,\n \"labelColor\": false,\n \"subText\": \"\"\n },\n \"useRanges\": false\n },\n \"type\": \"metric\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Dionaea-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"language\": \"lucene\",\n \"query\": \"\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "10e765a0-e51e-11e8-8a75-d5f374dbaebe" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Conpot Attacks" ,
"visState" : "{\n \"title\": \"Conpot Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "ConPot-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": []\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "d500a3c0-e6b8-11e8-b727-735f5b0e1502" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Heralding Attacks" ,
"visState" : "{\n \"title\": \"Heralding Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "f2742de0-e745-11e8-b4a6-215b0b97c069" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Mailoney Attacks" ,
"visState" : "{\n \"title\": \"Mailoney Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "9c35dd90-6977-11e7-9c11-8d9c11943fa0" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "3f646820-e851-11e8-97df-bbc3de28ece0" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glutton Attacks" ,
"visState" : "{\n \"title\": \"Glutton Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "385ea460-ad22-11e8-942c-a39712fa9ddf" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "535b0c80-e761-11e8-803c-59c072645505" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Tanner Attacks" ,
"visState" : "{\n \"title\": \"Tanner Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "d800f130-633f-11e8-be86-73985bedf977" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "94e13130-e756-11e8-b4a6-215b0b97c069" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Rdpy Attacks" ,
"visState" : "{\n \"title\": \"Rdpy Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "aa750980-8ab5-11e7-8fef-33e989079c7d" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "79a71e90-dec1-11e8-87cf-239397d2b8d3" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Ciscoasa Attacks" ,
"visState" : "{\n \"title\": \"Ciscoasa Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": []\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "f5e74220-e725-11e8-b4a6-215b0b97c069" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Honeytrap Attacks" ,
"visState" : "{\n \"title\": \"Honeytrap Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Honeytrap-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "409907c0-e6b5-11e8-b727-735f5b0e1502" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Glastopf Attacks" ,
"visState" : "{\n \"title\": \"Glastopf Attacks\",\n \"type\": \"metric\",\n \"params\": {\n \"addTooltip\": true,\n \"addLegend\": false,\n \"type\": \"metric\",\n \"metric\": {\n \"percentageMode\": false,\n \"useRanges\": false,\n \"colorSchema\": \"Green to Red\",\n \"metricColorMode\": \"None\",\n \"colorsRange\": [\n {\n \"from\": 0,\n \"to\": 10000\n }\n ],\n \"labels\": {\n \"show\": true\n },\n \"invertColors\": false,\n \"style\": {\n \"bgFill\": \"#000\",\n \"bgColor\": false,\n \"labelColor\": false,\n \"subText\": \"\",\n \"fontSize\": 30\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Attacks\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Src IPs\"\n }\n }\n ]\n}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Glastopf-Logs" ,
2018-11-20 17:09:29 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n },\n \"filter\": [],\n \"index\": \"logstash-*\"\n}"
2018-11-20 17:09:29 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "07581df0-e752-11e8-b4a6-215b0b97c069" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "NGINX Events" ,
"visState" : "{\"title\":\"NGINX Events\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":30}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 20:48:37 +00:00
"uiStateJSON" : "{}" ,
2018-11-19 19:38:36 +00:00
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "NGINX-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"index\":\"logstash-*\"}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "4a60fe20-e75f-11e8-803c-59c072645505" ,
2018-11-19 19:38:36 +00:00
"_type" : "visualization" ,
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Suricata Events" ,
"visState" : "{\"title\":\"Suricata Events\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":30}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-19 19:38:36 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "Suricata-Logs" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"index\":\"logstash-*\"}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "15f2c000-4ad5-11e8-ab1b-fdef76c312f4" ,
2018-11-20 17:09:29 +00:00
"_type" : "visualization" ,
2018-11-19 19:38:36 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Ciscoasa Attacks Bar" ,
"visState" : "{\"title\":\"Ciscoasa Attacks Bar\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"data\":{\"id\":\"2\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
2018-11-20 17:09:29 +00:00
"uiStateJSON" : "{}" ,
"description" : "" ,
2018-11-23 16:08:02 +00:00
"savedSearchId" : "2934abc0-4ad4-11e8-ab1b-fdef76c312f4" ,
2018-11-19 19:38:36 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-19 19:38:36 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
2018-11-21 14:42:37 +00:00
} ,
{
2018-11-23 16:08:02 +00:00
"_id" : "2cf90930-47d3-11e8-a905-f74bbc7cbd2d" ,
"_type" : "visualization" ,
2018-11-21 14:42:37 +00:00
"_source" : {
2018-11-23 16:08:02 +00:00
"title" : "Heralding Attacks Bar" ,
"visState" : "{\"title\":\"Heralding Attacks Bar\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":false,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Attacks\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"data\":{\"id\":\"2\",\"label\":\"Unique Src IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Attacks\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Src IPs\"}}]}" ,
"uiStateJSON" : "{}" ,
"description" : "" ,
"savedSearchId" : "c2bea500-47ca-11e8-a905-f74bbc7cbd2d" ,
2018-11-21 14:42:37 +00:00
"version" : 1 ,
"kibanaSavedObjectMeta" : {
2018-11-23 16:08:02 +00:00
"searchSourceJSON" : "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
2018-11-21 14:42:37 +00:00
}
} ,
"_meta" : {
"savedObjectVersion" : 2
}
2018-11-19 19:38:36 +00:00
}
]
