CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix grafana related issues. add redis to standalone

Browse Source
This commit is contained in:
m0duspwnens
2020-08-31 15:56:58 -04:00
parent 764ba4a0e9
commit 31f25eca57
8 changed files with 572 additions and 539 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
salt/grafana/dashboards/eval/eval.json
View File

@@ -3860,70 +3860,6 @@
"value": "{{ MONINT }}"
}
]
},
{
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"$Interval"
],
"type": "time"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"measurement": "net",
"orderByTime": "ASC",
"policy": "default",
"query": "SELECT 8 * derivative(mean(\"bytes_sent\"),1s) FROM \"net\" WHERE \"host\" = 'JumpHost' AND \"interface\" = 'eth0' AND $timeFilter GROUP BY time($interval) fill(null)",
"rawQuery": false,
"refId": "B",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"bytes_sent"
],
"type": "field"
},
{
"params": [],
"type": "mean"
},
{
"params": [
"1s"
],
"type": "derivative"
},
{
"params": [
"*8"
],
"type": "math"
}
]
],
"tags": [
{
"key": "host",
"operator": "=",
"value": "{{ SERVERNAME }}"
},
{
"condition": "AND",
"key": "interface",
"operator": "=",
"value": "{{ MONINT }}"
}
]
}
],
"thresholds": [],

8
salt/grafana/dashboards/manager/manager.json
View File

@@ -583,7 +583,7 @@
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "{{ SERVERNAME }} - REDIS Unparsed Queue",
"title": "{{ SERVERNAME }} - Redis Queue",
"tooltip": {
"shared": true,
"sort": 0,
@@ -711,7 +711,7 @@
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "{{ SERVERNAME }} - REDIS Parsed Queue",
"title": "{{ SERVERNAME }} - Redis Parsed Queue",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1351,7 +1351,7 @@
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "{{ SERVERNAME }} - REDIS CPU Usage",
"title": "{{ SERVERNAME }} - Redis CPU Usage",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1485,7 +1485,7 @@
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "{{ SERVERNAME }} - REDIS Memory Usage",
"title": "{{ SERVERNAME }} - Redis Memory Usage",
"tooltip": {
"shared": true,
"sort": 0,

8
salt/grafana/dashboards/managersearch/managersearch.json
View File

@@ -588,7 +588,7 @@
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "{{ SERVERNAME }} - REDIS Unparsed Queue",
"title": "{{ SERVERNAME }} - Redis Queue",
"tooltip": {
"shared": true,
"sort": 0,
@@ -714,7 +714,7 @@
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "{{ SERVERNAME }} - REDIS Parsed Queue",
"title": "{{ SERVERNAME }} - Redis Parsed Queue",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1352,7 +1352,7 @@
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "{{ SERVERNAME }} - REDIS CPU Usage",
"title": "{{ SERVERNAME }} - Redis CPU Usage",
"tooltip": {
"shared": true,
"sort": 0,
@@ -1485,7 +1485,7 @@
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "{{ SERVERNAME }} - REDIS Memory Usage",
"title": "{{ SERVERNAME }} - Redis Memory Usage",
"tooltip": {
"shared": true,
"sort": 0,

64
salt/grafana/dashboards/sensor_nodes/sensor.json
View File

@@ -3420,70 +3420,6 @@
"value": "{{ MONINT }}"
}
]
},
{
"alias": "OutBound",
"dsType": "influxdb",
"groupBy": [
{
"params": [
"$Interval"
],
"type": "time"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"measurement": "net",
"orderByTime": "ASC",
"policy": "default",
"query": "SELECT 8 * derivative(mean(\"bytes_sent\"),1s) FROM \"net\" WHERE \"host\" = 'JumpHost' AND \"interface\" = 'eth0' AND $timeFilter GROUP BY time($interval) fill(null)",
"rawQuery": false,
"refId": "B",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"bytes_sent"
],
"type": "field"
},
{
"params": [],
"type": "mean"
},
{
"params": [
"1s"
],
"type": "derivative"
},
{
"params": [
"*8"
],
"type": "math"
}
]
],
"tags": [
{
"key": "host",
"operator": "=",
"value": "{{ SERVERNAME }}"
},
{
"condition": "AND",
"key": "interface",
"operator": "=",
"value": "{{ MONINT }}"
}
]
}
],
"thresholds": [],

955
salt/grafana/dashboards/standalone/standalone.json
View File

File diff suppressed because it is too large Load Diff

6
salt/telegraf/scripts/broloss.sh
View File

@@ -4,14 +4,14 @@ ZEEKLOG=$(tac /host/nsm/zeek/logs/packetloss.log | head -2)
declare RESULT=($ZEEKLOG)
CURRENTDROP=${RESULT[3]}
PASTDROP=${RESULT[9]}
DROPPED=$(($CURRENTDROP - $PASTDROP))
DROPPED=$((CURRENTDROP - PASTDROP))
if [ $DROPPED == 0 ]; then
LOSS=0
echo "brodrop drop=0"
else
CURRENTPACKETS=${RESULT[5]}
PASTPACKETS=${RESULT[11]}
TOTAL=$(($CURRENTPACKETS - $PASTPACKETS))
TOTAL=$((CURRENTPACKETS - PASTPACKETS))
LOSS=$(echo $DROPPED $TOTAL / p | dc)
echo "brodrop drop=$LOSS"
fi
fi

4
salt/telegraf/scripts/influxdbsize.sh
View File

@@ -1,5 +1,5 @@
#!/bin/bash
INFLUXSIZE=$(du -s -B1 /host/nsm/influxdb | awk {'print $1'})
INFLUXSIZE=$(du -s -k /host/nsm/influxdb | awk {'print $1'})
echo "influxsize bytes=$INFLUXSIZE"
echo "influxsize kbytes=$INFLUXSIZE"

2
salt/top.sls
View File

@@ -199,6 +199,7 @@ base:
{%- endif %}
- logstash
- minio
- redis
- kibana
- pcap
- suricata
@@ -213,7 +214,6 @@ base:
- elastalert
{%- if FLEETMANAGER or FLEETNODE %}
- fleet
- redis
- fleet.install_package
{%- endif %}
- utility