© OpenStreetMap contributors | Elastic Maps Service
\",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4\",\"minZoom\":0,\"maxZoom\":10,\"attribution\":\"© OpenStreetMap contributors | Elastic Maps Service
\",\"subdomains\":[]}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"precision\":2}}]}","uiStateJSON":"{}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} {"_index":".kibana","_type":"doc","_id":"visualization:2cf90930-47d3-11e8-a905-f74bbc7cbd2d","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-24T15:21:35.299Z","visualization":{"title":"Heralding Events Bar","visState":"{\"title\":\"Heralding Events Bar\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":false,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Events\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"data\":{\"id\":\"2\",\"label\":\"Unique Source IPs\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Source IPs\"}}]}","uiStateJSON":"{}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} -{"_index":".kibana","_type":"doc","_id":"config:6.2.4","_score":1,"_source":{"type":"config","updated_at":"2018-04-23T15:51:42.498Z","config":{"buildNum":16627,"defaultIndex":"a06b3310-43e2-11e8-bf89-a753125435f7","dateFormat:dow":"Monday","fields:popularLimit":"0","format:number:defaultPattern":"0.[000]"}}} -{"_index":".kibana","_type":"doc","_id":"search:Honeypot-Logs","_score":1,"_source":{"type":"search","updated_at":"2018-04-24T14:23:59.800Z","search":{"title":"Honeypot-Logs","description":"","hits":0,"columns":["_source"],"sort":["@timestamp","desc"],"version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"a06b3310-43e2-11e8-bf89-a753125435f7\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":\"type:\\\"ConPot\\\" OR type:\\\"Cowrie\\\" OR type:\\\"Dionaea\\\" OR type:\\\"ElasticPot\\\" OR type:\\\"eMobility\\\" OR type:\\\"Glastopf\\\" OR type:\\\"Heralding\\\" OR type:\\\"Honeytrap\\\" OR type:\\\"Mailoney\\\" OR type:\\\"Rdpy\\\" OR type:\\\"Vnclowpot\\\"\",\"language\":\"lucene\"},\"highlightAll\":true,\"version\":true}"}}}} {"_index":".kibana","_type":"doc","_id":"search:c2bea500-47ca-11e8-a905-f74bbc7cbd2d","_score":1,"_source":{"type":"search","updated_at":"2018-04-24T14:21:21.104Z","search":{"title":"Heralding-Logs","description":"","hits":0,"columns":["_source"],"sort":["@timestamp","desc"],"version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"a06b3310-43e2-11e8-bf89-a753125435f7\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"type:\\\"Heralding\\\"\",\"language\":\"lucene\"},\"filter\":[]}"}}}} {"_index":".kibana","_type":"doc","_id":"visualization:29f51af0-4876-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T10:57:18.711Z","visualization":{"title":"Heralding Protocols Histogram","visState":"{\"title\":\"Heralding Protocols Histogram\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Events\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"step-after\",\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Events\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"proto.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}","uiStateJSON":"{}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} {"_index":".kibana","_type":"doc","_id":"visualization:21ad1c80-488a-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T13:11:14.248Z","visualization":{"title":"Heralding AS/N - Top 10","visState":"{\"title\":\"Heralding AS/N - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.asn\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"AS\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"geoip.as_org.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"ASN\"}}]}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} @@ -205,7 +203,19 @@ {"_index":".kibana","_type":"doc","_id":"visualization:7c5959b0-4889-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T13:06:36.875Z","visualization":{"title":"Heralding Password Tagcloud - Large","visState":"{\"title\":\"Heralding Password Tagcloud - Large\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"linear\",\"orientation\":\"right angled\",\"minFontSize\":16,\"maxFontSize\":64},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"password.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\"}}]}","uiStateJSON":"{}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} {"_index":".kibana","_type":"doc","_id":"visualization:34dedba0-4889-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T13:07:43.067Z","visualization":{"title":"Heralding Username Tagcloud","visState":"{\"title\":\"Heralding Username Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"linear\",\"orientation\":\"single\",\"minFontSize\":16,\"maxFontSize\":64},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"username.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}","uiStateJSON":"{}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} {"_index":".kibana","_type":"doc","_id":"visualization:5a1dc520-4889-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T13:05:39.442Z","visualization":{"title":"Heralding Password Tagcloud","visState":"{\"title\":\"Heralding Password Tagcloud\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"linear\",\"orientation\":\"single\",\"minFontSize\":16,\"maxFontSize\":64},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"password.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}","uiStateJSON":"{}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} -{"_index":".kibana","_type":"doc","_id":"visualization:844f33f0-488a-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T13:13:59.727Z","visualization":{"title":"Heralding Source IP - Top 10","visState":"{\"title\":\"Heralding Source IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP\"}}]}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} -{"_index":".kibana","_type":"doc","_id":"visualization:124a1140-488e-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T13:45:52.622Z","visualization":{"title":"Heralding Top Credentials Per Protocol","visState":"{\"title\":\"Heralding Top Credentials Per Protocol\",\"type\":\"table\",\"params\":{\"perPage\":100,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"proto.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"username.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":3,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Username\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"password.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":3,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Password\"}}]}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":null}}}}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} {"_index":".kibana","_type":"doc","_id":"visualization:d0dbe890-4870-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T14:08:24.304Z","visualization":{"title":"Heralding Events by Country Histogram","visState":"{\"title\":\"Heralding Events by Country Histogram\",\"type\":\"area\",\"params\":{\"type\":\"area\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"square root\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Events\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"Events\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"geoip.country_name.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}}]}","uiStateJSON":"{}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} {"_index":".kibana","_type":"doc","_id":"dashboard:14ebefd0-488f-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"dashboard","updated_at":"2018-04-25T14:14:34.641Z","dashboard":{"title":"Heralding","hits":0,"description":"Heralding Dashboard","panelsJSON":"[{\"gridData\":{\"h\":2,\"i\":\"1\",\"w\":6,\"x\":0,\"y\":0},\"id\":\"2cf90930-47d3-11e8-a905-f74bbc7cbd2d\",\"panelIndex\":\"1\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":2,\"i\":\"2\",\"w\":6,\"x\":0,\"y\":2},\"id\":\"d3bb9bd0-4863-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":2,\"i\":\"3\",\"w\":6,\"x\":0,\"y\":4},\"id\":\"d0dbe890-4870-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"mapCenter\":[25.799891182088334,16.875000000000004],\"mapZoom\":2},\"gridData\":{\"h\":6,\"i\":\"4\",\"w\":6,\"x\":6,\"y\":0},\"id\":\"94ae10e0-4871-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":2,\"i\":\"5\",\"w\":12,\"x\":0,\"y\":6},\"id\":\"29f51af0-4876-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":3,\"i\":\"6\",\"w\":4,\"x\":0,\"y\":8},\"id\":\"eca8e580-4877-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":3,\"i\":\"7\",\"w\":4,\"x\":4,\"y\":8},\"id\":\"e1969e20-4878-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":3,\"i\":\"8\",\"w\":4,\"x\":8,\"y\":8},\"id\":\"864b2f30-4883-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":5,\"i\":\"10\",\"w\":6,\"x\":6,\"y\":11},\"id\":\"7c5959b0-4889-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"10\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":5,\"i\":\"11\",\"w\":6,\"x\":0,\"y\":11},\"id\":\"1268af10-4889-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"11\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":5,\"i\":\"12\",\"w\":3,\"x\":0,\"y\":16},\"id\":\"21ad1c80-488a-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"12\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":5,\"i\":\"13\",\"w\":3,\"x\":3,\"y\":16},\"id\":\"844f33f0-488a-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"13\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":5,\"i\":\"14\",\"w\":6,\"x\":6,\"y\":16},\"id\":\"124a1140-488e-11e8-9b3d-f36e8d4f5cb2\",\"panelIndex\":\"14\",\"type\":\"visualization\",\"version\":\"6.2.4\"}]","optionsJSON":"{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":false}","version":1,"timeRestore":false,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}"}}}} +{"_index":".kibana","_type":"doc","_id":"visualization:15f2c000-4ad5-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-28T11:14:01.514Z","visualization":{"title":"Ciscoasa Events Bar","visState":"{\n \"title\": \"Ciscoasa Events Bar\",\n \"type\": \"horizontal_bar\",\n \"params\": {\n \"type\": \"histogram\",\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": false,\n \"rotate\": 90,\n \"filter\": false,\n \"truncate\": 200\n },\n \"title\": {}\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"bottom\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"square root\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": true,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": true,\n \"type\": \"histogram\",\n \"mode\": \"normal\",\n \"data\": {\n \"label\": \"Events\",\n \"id\": \"1\"\n },\n \"valueAxis\": \"ValueAxis-1\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": true\n },\n {\n \"show\": true,\n \"mode\": \"normal\",\n \"type\": \"histogram\",\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": true,\n \"data\": {\n \"id\": \"2\",\n \"label\": \"Unique Source IPs\"\n },\n \"valueAxis\": \"ValueAxis-1\"\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Events\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"cardinality\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"customLabel\": \"Unique Source IPs\"\n }\n }\n ]\n}","uiStateJSON":"{}","description":"","savedSearchId":"2934abc0-4ad4-11e8-ab1b-fdef76c312f4","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\n \"filter\": [],\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n }\n}"}}}} +{"_index":".kibana","_type":"doc","_id":"visualization:124a1140-488e-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T13:45:52.622Z","visualization":{"title":"Heralding Top Credentials Per Protocol","visState":"{\"title\":\"Heralding Top Credentials Per Protocol\",\"type\":\"table\",\"params\":{\"perPage\":100,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"proto.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Protocol\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"username.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":3,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Username\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"password.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":3,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Password\"}}]}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":null}}}}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} +{"_index":".kibana","_type":"doc","_id":"visualization:844f33f0-488a-11e8-9b3d-f36e8d4f5cb2","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-25T13:13:59.727Z","visualization":{"title":"Heralding Source IP - Top 10","visState":"{\"title\":\"Heralding Source IP - Top 10\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"CNT\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"src_ip.keyword\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Source IP\"}}]}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"c2bea500-47ca-11e8-a905-f74bbc7cbd2d","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"}}}} +{"_index":".kibana","_type":"doc","_id":"search:Honeypot-Logs","_score":1,"_source":{"type":"search","updated_at":"2018-04-28T11:05:23.734Z","search":{"title":"Honeypot-Logs","description":"","hits":0,"columns":["_source"],"sort":["@timestamp","desc"],"version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"a06b3310-43e2-11e8-bf89-a753125435f7\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query\":\"type:\\\"Ciscoasa\\\" OR type:\\\"ConPot\\\" OR type:\\\"Cowrie\\\" OR type:\\\"Dionaea\\\" OR type:\\\"ElasticPot\\\" OR type:\\\"eMobility\\\" OR type:\\\"Glastopf\\\" OR type:\\\"Heralding\\\" OR type:\\\"Honeytrap\\\" OR type:\\\"Mailoney\\\" OR type:\\\"Rdpy\\\" OR type:\\\"Vnclowpot\\\"\",\"language\":\"lucene\"},\"highlightAll\":true,\"version\":true}"}}}} +{"_index":".kibana","_type":"doc","_id":"search:2934abc0-4ad4-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"search","updated_at":"2018-04-28T11:06:11.964Z","search":{"title":"Ciscoasa-Logs","description":"","hits":0,"columns":["_source"],"sort":["@timestamp","desc"],"version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"a06b3310-43e2-11e8-bf89-a753125435f7\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"type:\\\"Ciscoasa\\\"\",\"language\":\"lucene\"},\"filter\":[]}"}}}} +{"_index":".kibana","_type":"doc","_id":"visualization:a72ec5f0-4ad5-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-28T11:34:15.315Z","visualization":{"title":"Ciscoasa Events by Country Histogram","visState":"{\n \"title\": \"Ciscoasa Events by Country Histogram\",\n \"type\": \"area\",\n \"params\": {\n \"type\": \"area\",\n \"grid\": {\n \"categoryLines\": false,\n \"style\": {\n \"color\": \"#eee\"\n }\n },\n \"categoryAxes\": [\n {\n \"id\": \"CategoryAxis-1\",\n \"type\": \"category\",\n \"position\": \"bottom\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"linear\"\n },\n \"labels\": {\n \"show\": true,\n \"truncate\": 100\n },\n \"title\": {}\n }\n ],\n \"valueAxes\": [\n {\n \"id\": \"ValueAxis-1\",\n \"name\": \"LeftAxis-1\",\n \"type\": \"value\",\n \"position\": \"left\",\n \"show\": true,\n \"style\": {},\n \"scale\": {\n \"type\": \"square root\",\n \"mode\": \"normal\"\n },\n \"labels\": {\n \"show\": true,\n \"rotate\": 0,\n \"filter\": false,\n \"truncate\": 100\n },\n \"title\": {\n \"text\": \"Events\"\n }\n }\n ],\n \"seriesParams\": [\n {\n \"show\": \"true\",\n \"type\": \"area\",\n \"mode\": \"normal\",\n \"data\": {\n \"label\": \"Events\",\n \"id\": \"1\"\n },\n \"drawLinesBetweenPoints\": true,\n \"showCircles\": true,\n \"interpolate\": \"linear\",\n \"valueAxis\": \"ValueAxis-1\"\n }\n ],\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"times\": [],\n \"addTimeMarker\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"Events\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"geoip.country_name.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"@timestamp\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"Timestamp\"\n }\n }\n ]\n}","uiStateJSON":"{}","description":"","savedSearchId":"2934abc0-4ad4-11e8-ab1b-fdef76c312f4","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\n \"filter\": [],\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n }\n}"}}}} +{"_index":".kibana","_type":"doc","_id":"visualization:b8745000-4ad5-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-28T11:33:27.710Z","visualization":{"title":"Ciscoasa Attack Map","visState":"{\n \"title\": \"Ciscoasa Attack Map\",\n \"type\": \"tile_map\",\n \"params\": {\n \"mapType\": \"Shaded Circle Markers\",\n \"isDesaturated\": false,\n \"addTooltip\": true,\n \"heatClusterSize\": 1.5,\n \"legendPosition\": \"bottomright\",\n \"mapZoom\": 2,\n \"mapCenter\": [\n 0,\n 0\n ],\n \"wms\": {\n \"enabled\": false,\n \"options\": {\n \"format\": \"image/png\",\n \"transparent\": true\n },\n \"baseLayersAreLoaded\": {},\n \"tmsLayers\": [\n {\n \"id\": \"road_map\",\n \"url\": \"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4\",\n \"minZoom\": 0,\n \"maxZoom\": 10,\n \"attribution\": \"© OpenStreetMap contributors | Elastic Maps Service
\",\n \"subdomains\": []\n }\n ],\n \"selectedTmsLayer\": {\n \"id\": \"road_map\",\n \"url\": \"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4\",\n \"minZoom\": 0,\n \"maxZoom\": 10,\n \"attribution\": \"© OpenStreetMap contributors | Elastic Maps Service
\",\n \"subdomains\": []\n }\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"geohash_grid\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"geoip.location\",\n \"autoPrecision\": true,\n \"isFilteredByCollar\": true,\n \"useGeocentroid\": true,\n \"precision\": 2\n }\n }\n ]\n}","uiStateJSON":"{}","description":"","savedSearchId":"2934abc0-4ad4-11e8-ab1b-fdef76c312f4","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\n \"filter\": [],\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n }\n}"}}}} +{"_index":".kibana","_type":"doc","_id":"visualization:1a80b720-4ad6-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-28T11:33:07.323Z","visualization":{"title":"Ciscoasa AS/N - Top 10","visState":"{\n \"title\": \"Ciscoasa AS/N - Top 10\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 10,\n \"showPartialRows\": false,\n \"showMeticsAtAllLevels\": false,\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n },\n \"showTotal\": false,\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"CNT\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"geoip.asn\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"AS\"\n }\n },\n {\n \"id\": \"3\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"geoip.as_org.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"ASN\"\n }\n }\n ]\n}","uiStateJSON":"{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n }\n }\n }\n}","description":"","savedSearchId":"2934abc0-4ad4-11e8-ab1b-fdef76c312f4","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\n \"filter\": [],\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n }\n}"}}}} +{"_index":".kibana","_type":"doc","_id":"visualization:2a543aa0-4ad6-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-28T11:34:58.847Z","visualization":{"title":"Ciscoasa Source IP - Top 10","visState":"{\n \"title\": \"Ciscoasa Source IP - Top 10\",\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 10,\n \"showPartialRows\": false,\n \"showMeticsAtAllLevels\": false,\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n },\n \"showTotal\": false,\n \"totalFunc\": \"sum\"\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"CNT\"\n }\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"src_ip.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Source IP\"\n }\n }\n ]\n}","uiStateJSON":"{\n \"vis\": {\n \"params\": {\n \"sort\": {\n \"columnIndex\": null,\n \"direction\": null\n }\n }\n }\n}","description":"","savedSearchId":"2934abc0-4ad4-11e8-ab1b-fdef76c312f4","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\n \"filter\": [],\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n }\n}"}}}} +{"_index":".kibana","_type":"doc","_id":"visualization:fe02b580-4ad5-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-28T11:33:41.114Z","visualization":{"title":"Ciscoasa Countries - Top 10","visState":"{\n \"title\": \"Ciscoasa Countries - Top 10\",\n \"type\": \"pie\",\n \"params\": {\n \"type\": \"pie\",\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true,\n \"labels\": {\n \"show\": false,\n \"values\": true,\n \"last_level\": true,\n \"truncate\": 100\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"geoip.country_name.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ]\n}","uiStateJSON":"{}","description":"","savedSearchId":"2934abc0-4ad4-11e8-ab1b-fdef76c312f4","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\n \"filter\": [],\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n }\n}"}}}} +{"_index":".kibana","_type":"doc","_id":"visualization:d77bbba0-4ad5-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-28T11:35:13.594Z","visualization":{"title":"Ciscoasa Source IP Reputation","visState":"{\n \"title\": \"Ciscoasa Source IP Reputation\",\n \"type\": \"pie\",\n \"params\": {\n \"type\": \"pie\",\n \"addTooltip\": true,\n \"addLegend\": true,\n \"legendPosition\": \"right\",\n \"isDonut\": true,\n \"labels\": {\n \"show\": false,\n \"values\": true,\n \"last_level\": true,\n \"truncate\": 100\n }\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"enabled\": true,\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"enabled\": true,\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"ip_rep.keyword\",\n \"otherBucket\": false,\n \"otherBucketLabel\": \"Other\",\n \"missingBucket\": false,\n \"missingBucketLabel\": \"Missing\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ]\n}","uiStateJSON":"{}","description":"","savedSearchId":"2934abc0-4ad4-11e8-ab1b-fdef76c312f4","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\n \"filter\": [],\n \"query\": {\n \"query\": \"\",\n \"language\": \"lucene\"\n }\n}"}}}} +{"_index":".kibana","_type":"doc","_id":"config:6.2.4","_score":1,"_source":{"type":"config","updated_at":"2018-04-28T12:08:57.014Z","config":{"buildNum":16627,"defaultIndex":"a06b3310-43e2-11e8-bf89-a753125435f7","dateFormat:dow":"Monday","fields:popularLimit":"0","format:number:defaultPattern":"0.[000]","dateFormat":null}}} +{"_index":".kibana","_type":"doc","_id":"visualization:8a455850-4ad5-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"visualization","updated_at":"2018-04-28T12:13:44.582Z","visualization":{"title":"Ciscoasa Events Histogram","visState":"{\"title\":\"Ciscoasa Events Histogram\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"},\"valueAxis\":null},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Events\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"2\",\"label\":\"Unique Source IPs\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"square root\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Events\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"src_ip.keyword\",\"customLabel\":\"Unique Source IPs\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Timestamp\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"filters\",\"schema\":\"group\",\"params\":{\"filters\":[{\"input\":{\"query\":\"*\"},\"label\":\"All\"},{\"input\":{\"query\":\"src_port:*\"},\"label\":\"Exploit\"}]}}]}","uiStateJSON":"{}","description":"","savedSearchId":"2934abc0-4ad4-11e8-ab1b-fdef76c312f4","version":1,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"}}}} +{"_index":".kibana","_type":"doc","_id":"dashboard:33e08170-4ad9-11e8-ab1b-fdef76c312f4","_score":1,"_source":{"type":"dashboard","updated_at":"2018-04-28T12:14:13.579Z","dashboard":{"title":"Ciscoasa","hits":0,"description":"Ciscoasa Dashboard","panelsJSON":"[{\"gridData\":{\"h\":2,\"i\":\"1\",\"w\":6,\"x\":0,\"y\":0},\"id\":\"15f2c000-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"1\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":2,\"i\":\"2\",\"w\":6,\"x\":0,\"y\":2},\"id\":\"8a455850-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":2,\"i\":\"3\",\"w\":6,\"x\":0,\"y\":4},\"id\":\"a72ec5f0-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"mapCenter\":[33.7243396617476,-19.687500000000004],\"mapZoom\":2},\"gridData\":{\"h\":6,\"i\":\"4\",\"w\":6,\"x\":6,\"y\":0},\"id\":\"b8745000-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":3,\"i\":\"5\",\"w\":6,\"x\":0,\"y\":6},\"id\":\"d77bbba0-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":3,\"i\":\"6\",\"w\":6,\"x\":6,\"y\":6},\"id\":\"fe02b580-4ad5-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":5,\"i\":\"7\",\"w\":6,\"x\":6,\"y\":9},\"id\":\"1a80b720-4ad6-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":5,\"i\":\"8\",\"w\":6,\"x\":0,\"y\":9},\"id\":\"2a543aa0-4ad6-11e8-ab1b-fdef76c312f4\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.2.4\"}]","optionsJSON":"{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":false}","version":1,"timeRestore":false,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}"}}}}