diff --git a/pillar/data/addtotab.sh b/pillar/data/addtotab.sh index ac3d913a5..271558295 100644 --- a/pillar/data/addtotab.sh +++ b/pillar/data/addtotab.sh @@ -54,7 +54,8 @@ if [ $TYPE == 'evaltab' ] || [ $TYPE == 'standalonetab' ]; then salt-call state.apply utility queue=True fi fi -#if [ $TYPE == 'nodestab' ]; then +if [ $TYPE == 'nodestab' ]; then + salt-call state.apply elasticsearch queue=True # echo " nodetype: $NODETYPE" >> $local_salt_dir/pillar/data/$TYPE.sls # echo " hotname: $HOTNAME" >> $local_salt_dir/pillar/data/$TYPE.sls -#fi +fi diff --git a/pillar/firewall/ports.sls b/pillar/firewall/ports.sls deleted file mode 100644 index c10554fce..000000000 --- a/pillar/firewall/ports.sls +++ /dev/null @@ -1,65 +0,0 @@ -firewall: - analyst: - ports: - tcp: - - 80 - - 443 - udp: - beats_endpoint: - ports: - tcp: - - 5044 - forward_nodes: - ports: - tcp: - - 443 - - 5044 - - 5644 - - 9822 - udp: - manager: - ports: - tcp: - - 1514 - - 3200 - - 3306 - - 4200 - - 5601 - - 6379 - - 7788 - - 8086 - - 8090 - - 9001 - - 9200 - - 9300 - - 9400 - - 9500 - - 9595 - - 9696 - udp: - - 1514 - minions: - ports: - tcp: - - 3142 - - 4505 - - 4506 - - 5000 - - 8080 - - 8086 - - 55000 - osquery_endpoint: - ports: - tcp: - - 8090 - search_nodes: - ports: - tcp: - - 6379 - - 9300 - wazuh_endpoint: - ports: - tcp: - - 1514 - udp: - -1514 diff --git a/pillar/top.sls b/pillar/top.sls index 77db6fe60..627fed80b 100644 --- a/pillar/top.sls +++ b/pillar/top.sls @@ -82,6 +82,7 @@ base: - elasticsearch.search - global - minions.{{ grains.id }} + - data.nodestab '*_import': - zeeklogs diff --git a/salt/_modules/so.py b/salt/_modules/so.py index bbbbe4ea8..037b7da00 100644 --- a/salt/_modules/so.py +++ b/salt/_modules/so.py @@ -18,7 +18,7 @@ def mysql_conn(retry): return False mainint = __salt__['pillar.get']('host:mainint') - ip_arr = __salt__['grains.get']('ip_interfaces').get(mainint) + ip_arr = __salt__['grains.get']('ip4_interfaces').get(mainint) mysql_up = False 
diff --git a/salt/common/init.sls b/salt/common/init.sls index cf791cfa2..1192923b7 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls @@ -111,7 +111,7 @@ heldpackages: pkg.installed: - pkgs: - containerd.io: 1.2.13-2 - - docker-ce: 5:19.03.12~3-0~ubuntu-bionic + - docker-ce: 5:19.03.14~3-0~ubuntu-bionic - hold: True - update_holds: True @@ -147,7 +147,7 @@ heldpackages: pkg.installed: - pkgs: - containerd.io: 1.2.13-3.2.el7 - - docker-ce: 3:19.03.12-3.el7 + - docker-ce: 3:19.03.14-3.el7 - hold: True - update_holds: True {% endif %} diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common index 1dfa22a5f..6c7989c3d 100755 --- a/salt/common/tools/sbin/so-common +++ b/salt/common/tools/sbin/so-common @@ -135,3 +135,8 @@ fail() { echo "Exiting." exit 1 } + +get_random_value() { + length=${1:-20} + head -c 5000 /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w $length | head -n 1 +} \ No newline at end of file diff --git a/salt/common/tools/sbin/so-rule-update b/salt/common/tools/sbin/so-rule-update index ee6ac37df..397719d61 100755 --- a/salt/common/tools/sbin/so-rule-update +++ b/salt/common/tools/sbin/so-rule-update @@ -10,4 +10,4 @@ got_root() { } got_root -docker exec so-idstools /bin/bash -c 'cd /opt/so/idstools/etc && idstools-rulecat' +docker exec so-idstools /bin/bash -c "cd /opt/so/idstools/etc && idstools-rulecat $1" diff --git a/salt/common/tools/sbin/so-suricata-testrule b/salt/common/tools/sbin/so-suricata-testrule new file mode 100644 index 000000000..645a0368b --- /dev/null +++ b/salt/common/tools/sbin/so-suricata-testrule 
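Review bot: In so-common, `get_random_value` can silently return fewer characters than requested, or nothing at all. It filters a fixed 5000 bytes of /dev/urandom, so a large `$1` yields a short first line, and a non-numeric `$1` makes `fold` fail while the pipeline still exits with `head`'s status. soup now takes its play and playbook secrets from this helper, so I would validate the argument and check the result length before printing it. `length` is also assigned without `local` and expanded unquoted, so it leaks into every script that sources so-common.

```shell
get_random_value() {
  local length=${1:-20} value
  # Reject anything that is not a positive integer.
  case "$length" in '' | *[!0-9]*) return 1 ;; esac
  [ "$length" -gt 0 ] || return 1
  value=$(head -c 5000 /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c "$length")
  # Fail rather than hand back a short secret.
  [ "${#value}" -eq "$length" ] || return 1
  printf '%s\n' "$value"
}
```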
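Review bot: In so-rule-update, `$1` is expanded by the host shell into the string handed to `bash -c`, so the shell inside the container parses it a second time. An argument containing spaces, quotes or `;` is therefore split or executed as additional commands, and the script runs after `got_root` (presumably a root check). Pass the arguments as positional parameters instead of splicing them into the command text: `docker exec so-idstools /bin/bash -c 'cd /opt/so/idstools/etc && idstools-rulecat "$@"' _ "$@"`. That also forwards every argument rather than only the first.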
@@ -0,0 +1,63 @@
+#!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+{%- set MANAGER = salt['grains.get']('master') %}
+{%- set VERSION = salt['pillar.get']('global:soversion') %}
+{%- set IMAGEREPO = salt['pillar.get']('global:imagerepo') %}
+
+TESTRULE=$1
+TESTPCAP=$2
+
+. /usr/sbin/so-common
+
+echo ""
+echo "==============="
+echo "Running all.rules and $TESTRULE against the following pcap: $TESTPCAP"
+echo ""
+sleep 3
+
+cp /opt/so/conf/suricata/rules/all.rules /tmp/nids-testing/rules/all.rules
+cat $TESTRULE >> /tmp/nids-testing/rules/all.rules
+
+rm -rf /tmp/nids-testing/output
+mkdir -p /tmp/nids-testing/output
+chown suricata:socore /tmp/nids-testing/output
+mkdir -p /tmp/nids-testing/rules
+
+
+echo "==== Begin Suricata Output ==="
+
+ docker run --rm \
+ -v /opt/so/conf/suricata/suricata.yaml:/etc/suricata/suricata.yaml:ro \
+ -v /opt/so/conf/suricata/threshold.conf:/etc/suricata/threshold.conf:ro \
+ -v /tmp/nids-testing/rules:/etc/suricata/rules:ro \
+ -v "$TESTPCAP:/input.pcap:ro" \
+ -v /opt/so/conf/suricata/bpf:/etc/suricata/bpf:ro \
+ -v /tmp/nids-testing/output/:/nsm/:rw \
+ {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-suricata:{{ VERSION }} \
+ --runmode single -v -k none -r /input.pcap -l /tmp --init-errors-fatal
+echo "==== End Suricata Output ==="
+
+echo ""
+echo "If any alerts hit, they will be
displayed below:" +echo "" + +cat /tmp/nids-testing/output/* | jq + +echo "" +echo "End so-suricata-testrule" +echo "===============" +echo "" diff --git a/salt/common/tools/sbin/so-yara-update b/salt/common/tools/sbin/so-yara-update index 9d7b3fcdf..a2a633957 100755 --- a/salt/common/tools/sbin/so-yara-update +++ b/salt/common/tools/sbin/so-yara-update @@ -16,6 +16,8 @@ # along with this program. If not, see . {%- set ISAIRGAP = salt['pillar.get']('global:airgap', 'False') %} +echo "Starting to check for yara rule updates at $(date)..." + output_dir="/opt/so/saltstack/default/salt/strelka/rules" mkdir -p $output_dir repos="$output_dir/repos.txt" @@ -27,6 +29,7 @@ updatecounter=0 {% if ISAIRGAP is sameas true %} +echo "Airgap mode enabled." clone_dir="/nsm/repo/rules/strelka" repo_name="signature-base" @@ -73,17 +76,17 @@ done echo "Done!" - if [ "$newcounter" -gt 0 ];then - echo "$newcounter new rules added." - fi +if [ "$newcounter" -gt 0 ];then + echo "$newcounter new rules added." +fi - if [ "$updatecounter" -gt 0 ];then - echo "$updatecounter rules updated." - fi +if [ "$updatecounter" -gt 0 ];then + echo "$updatecounter rules updated." +fi - if [ "$deletecounter" -gt 0 ];then - echo "$deletecounter rules removed because they were deprecated or don't exist in the source repo." - fi +if [ "$deletecounter" -gt 0 ];then + echo "$deletecounter rules removed because they were deprecated or don't exist in the source repo." +fi {% else %} @@ -162,4 +165,6 @@ else echo "No connectivity to Github...exiting..." exit 1 fi -{%- endif -%} \ No newline at end of file +{%- endif -%} + +echo "Finished rule updates at $(date)..." diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index da534281e..ce07168d5 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup 
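Review bot: In so-suricata-testrule, everything is staged under the fixed path /tmp/nids-testing, which any local user can pre-create or populate with symlinks before the script runs `cp`, `cat >>`, `rm -rf` and `chown` on it (the `chown` suggests it runs as root). The staging directory should come from `mktemp -d` and be removed on exit. Two smaller defects sit in the same lines: `mkdir -p /tmp/nids-testing/rules` comes after the `cp` into that directory, so a first run fails, and `$TESTRULE` is unquoted and never checked, so a missing argument leaves `cat` reading stdin.

```shell
TESTRULE=$1
TESTPCAP=$2
if [ ! -r "$TESTRULE" ] || [ ! -r "$TESTPCAP" ]; then
  echo "Usage: $0 <rule file> <pcap file>" >&2
  exit 1
fi
# … unchanged: so-common include, banner, sleep …
WORKDIR=$(mktemp -d) || exit 1
trap 'rm -rf -- "$WORKDIR"' EXIT
mkdir -p "$WORKDIR/rules" "$WORKDIR/output"
chown suricata:socore "$WORKDIR/output"
cp /opt/so/conf/suricata/rules/all.rules "$WORKDIR/rules/all.rules"
cat -- "$TESTRULE" >> "$WORKDIR/rules/all.rules"
# … unchanged: docker run, with the rules and output mounts pointing at "$WORKDIR" …
cat "$WORKDIR"/output/* | jq
```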
@@ -219,8 +219,8 @@ rc1_to_rc2() { sed -i "/^global:/a \\$line" /opt/so/saltstack/local/pillar/global.sls; # Adding play values to the global.sls - local HIVEPLAYSECRET=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - local CORTEXPLAYSECRET=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) + local HIVEPLAYSECRET=$(get_random_value) + local CORTEXPLAYSECRET=$(get_random_value) sed -i "/^global:/a \\ hiveplaysecret: $HIVEPLAYSECRET" /opt/so/saltstack/local/pillar/global.sls; sed -i "/^global:/a \\ cortexplaysecret: $CORTEXPLAYSECRET" /opt/so/saltstack/local/pillar/global.sls; @@ -282,8 +282,8 @@ rc3_to_2.3.0() { sed -i 's/playbook:/playbook_db:/' /opt/so/saltstack/local/pillar/secrets.sls { - echo "playbook_admin: $(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1)" - echo "playbook_automation: $(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1)" + echo "playbook_admin: $(get_random_value)" + echo "playbook_automation: $(get_random_value)" } >> /opt/so/saltstack/local/pillar/secrets.sls } diff --git a/salt/elasticsearch/files/elasticsearch.yml b/salt/elasticsearch/files/elasticsearch.yml index 18d1c9c81..1ad65c43f 100644 --- a/salt/elasticsearch/files/elasticsearch.yml +++ b/salt/elasticsearch/files/elasticsearch.yml 
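Review bot: In soup's rc1_to_rc2 hunk, `local HIVEPLAYSECRET=$(get_random_value)` hides the helper's exit status behind `local`, so if `get_random_value` is undefined in this shell or prints nothing, an empty secret is written to global.sls with no error. The rc3_to_2.3.0 hunk has the same problem with `echo "playbook_admin: $(get_random_value)"`. Whether soup sources so-common is not visible in these hunks and is worth confirming. I would declare and assign separately and stop on an empty value, e.g. `local HIVEPLAYSECRET; HIVEPLAYSECRET=$(get_random_value)` followed by `[ -n "$HIVEPLAYSECRET" ] || exit 1`. Both functions continue outside the hunks.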
@@ -1,18 +1,19 @@ {%- set NODE_ROUTE_TYPE = salt['pillar.get']('elasticsearch:node_route_type', 'hot') %} -{%- if salt['pillar.get']('elasticsearch:hot_warm_enabled') or salt['pillar.get']('elasticsearch:true_cluster') %} -{%- set ESCLUSTERNAME = salt['pillar.get']('elasticsearch:true_cluster_name', '') %} +{%- set NODEIP = salt['pillar.get']('elasticsearch:mainip') %} +{%- set FEATURES = salt['pillar.get']('elastic:features', False) %} +{%- set TRUECLUSTER = salt['pillar.get']('elasticsearch:true_cluster', False) %} +{%- if TRUECLUSTER is sameas true %} + {%- set ESCLUSTERNAME = salt['pillar.get']('elasticsearch:true_cluster_name') %} {%- else %} -{%- set ESCLUSTERNAME = salt['pillar.get']('elasticsearch:esclustername', '') %} + {%- set ESCLUSTERNAME = salt['pillar.get']('elasticsearch:esclustername') %} {%- endif %} -{%- set NODEIP = salt['pillar.get']('elasticsearch:mainip', '') -%} -{% set FEATURES = salt['pillar.get']('elastic:features', False) %} cluster.name: "{{ ESCLUSTERNAME }}" network.host: 0.0.0.0 # minimum_master_nodes need to be explicitly set when bound on a public IP # set to 1 to allow single node clusters # Details: https://github.com/elastic/elasticsearch/pull/17288 -discovery.zen.minimum_master_nodes: 1 +#discovery.zen.minimum_master_nodes: 1 # This is a test -- if this is here, then the volume is mounted correctly. path.logs: /var/log/elasticsearch action.destructive_requires_name: true 
@@ -37,11 +38,30 @@ cluster.routing.allocation.disk.watermark.flood_stage: 98% #xpack.security.http.ssl.client_authentication: none #xpack.security.authc: # anonymous: -# username: anonymous_user -# roles: superuser -# authz_exception: true +# username: anonymous_user +# roles: superuser +# authz_exception: true {%- endif %} -node.attr.box_type: {{ NODE_ROUTE_TYPE }} -node.name: {{ ESCLUSTERNAME }} +node.name: {{ grains.host }} script.max_compilations_rate: 1000/1m +{%- if TRUECLUSTER is sameas true %} + {%- if grains.role == 'so-manager' %} + {%- if salt['pillar.get']('nodestab', {}) %} +node.roles: [ master, data, remote_cluster_client ] +discovery.seed_hosts: + - {{ grains.master }} + {%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %} + - {{ SN.split('_')|first }} + {%- endfor %} + {%- endif %} + {%- else %} +node.roles: [ data, ingest ] +node.attr.box_type: {{ NODE_ROUTE_TYPE }} +discovery.seed_hosts: + - {{ grains.master }} + {%- endif %} +{%- endif %} +{%- if TRUECLUSTER is sameas false %} +node.attr.box_type: {{ NODE_ROUTE_TYPE }} +{%- endif %} indices.query.bool.max_clause_count: 1500 diff --git a/salt/elasticsearch/files/ingest/ossec b/salt/elasticsearch/files/ingest/ossec index deb34168c..868de2798 100644 --- a/salt/elasticsearch/files/ingest/ossec +++ b/salt/elasticsearch/files/ingest/ossec 
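Review bot: In elasticsearch.yml, the new `TRUECLUSTER` block makes nodes join each other through `discovery.seed_hosts`, while the file still binds `network.host: 0.0.0.0` and the only xpack.security lines in view are commented out. Unless transport TLS and authentication are configured in a part of the file outside these hunks, cluster membership is then protected only by the host firewall. I would state that dependency in a comment above the block, e.g. `# transport is unauthenticated here; access must be limited to the manager and search nodes by the firewall state`, or gate the block on security being enabled.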
@@ -63,7 +63,7 @@ { "rename": { "field": "fields.module", "target_field": "event.module", "ignore_failure": true, "ignore_missing": true } }, { "pipeline": { "if": "ctx.winlog?.channel == 'Microsoft-Windows-Sysmon/Operational'", "name": "sysmon" } }, { "pipeline": { "if": "ctx.winlog?.channel != 'Microsoft-Windows-Sysmon/Operational'", "name":"win.eventlogs" } }, - { "set": { "if": "ctx.containsKey('rule') && ctx.rule != null", "field": "event.dataset", "value": "alert", "override": true } }, + { "set": { "if": "ctx.rule != null && ctx.rule.name != null", "field": "event.dataset", "value": "alert", "override": true } }, { "pipeline": { "name": "common" } } ] } diff --git a/salt/elasticsearch/files/ingest/suricata.ftp_data b/salt/elasticsearch/files/ingest/suricata.ftp_data new file mode 100644 index 000000000..2867fbab0 --- /dev/null +++ b/salt/elasticsearch/files/ingest/suricata.ftp_data @@ -0,0 +1,10 @@ +{ + "description" : "suricata.ftp_data", + "processors" : [ + { "rename": { "field": "message2.proto", "target_field": "network.transport", "ignore_missing": true } }, + { "rename": { "field": "message2.app_proto", "target_field": "network.protocol", "ignore_missing": true } }, + { "rename": { "field": "message2.ftp_data.command", "target_field": "ftp.command", "ignore_missing": true } }, + { "rename": { "field": "message2.ftp_data.filename","target_field": "ftp.argument", "ignore_missing": true } }, + { "pipeline": { "name": "common" } } + ] +} diff --git a/salt/elasticsearch/files/ingest/win.eventlogs b/salt/elasticsearch/files/ingest/win.eventlogs index f7f9d6bac..3137e6bb5 100644 --- a/salt/elasticsearch/files/ingest/win.eventlogs +++ b/salt/elasticsearch/files/ingest/win.eventlogs 
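Review bot: In the ossec pipeline, the new condition spells out the null check by hand, while the two processors just above it use the null-safe form (`ctx.winlog?.channel`). For consistency it can be written as `"if": "ctx.rule?.name != null"`, which evaluates the same way.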
@@ -6,7 +6,7 @@ { "set": { "if": "ctx.winlog?.computer_name != null", "field": "observer.name", "value": "{{winlog.computer_name}}", "override": true } }, { "set": { "field": "event.code", "value": "{{winlog.event_id}}", "override": true } }, { "set": { "field": "event.category", "value": "host", "override": true } }, - { "rename": { "field": "winlog.event_data.SubjectUserName", "target_field": "user.name", "ignore_missing": true } }, + { "rename": { "field": "winlog.event_data.SubjectUserName", "target_field": "user.name", "ignore_failure": true, "ignore_missing": true } }, { "rename": { "field": "winlog.event_data.User", "target_field": "user.name", "ignore_missing": true } } ] -} \ No newline at end of file +} diff --git a/salt/elasticsearch/init.sls b/salt/elasticsearch/init.sls index 0b28ee6d1..3e0bac708 100644 --- a/salt/elasticsearch/init.sls +++ b/salt/elasticsearch/init.sls 
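Review bot: In win.eventlogs, only the first rename into `user.name` gained `ignore_failure`; the `winlog.event_data.User` rename on the next line targets the same field and still has none. A rename processor raises an error when its target field already exists, so an event carrying both SubjectUserName and User would still fail at the second processor. Add the same flag there: `{ "rename": { "field": "winlog.event_data.User", "target_field": "user.name", "ignore_failure": true, "ignore_missing": true } }`. Documents that fail the pipeline may not be indexed as expected, which is worth avoiding for Windows logon events.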
@@ -21,22 +21,22 @@ {% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %} {% set MANAGER = salt['grains.get']('master') %} {% set FEATURES = salt['pillar.get']('elastic:features', False) %} -{%- set NODEIP = salt['pillar.get']('elasticsearch:mainip', '') -%} +{% set NODEIP = salt['pillar.get']('elasticsearch:mainip', '') -%} +{% set TRUECLUSTER = salt['pillar.get']('elasticsearch:true_cluster', False) %} - -{%- if FEATURES is sameas true %} +{% if FEATURES is sameas true %} {% set FEATUREZ = "-features" %} {% else %} {% set FEATUREZ = '' %} {% endif %} {% if grains['role'] in ['so-eval','so-managersearch', 'so-manager', 'so-standalone', 'so-import'] %} - {% set esclustername = salt['pillar.get']('manager:esclustername', '') %} - {% set esheap = salt['pillar.get']('manager:esheap', '') %} + {% set esclustername = salt['pillar.get']('manager:esclustername') %} + {% set esheap = salt['pillar.get']('manager:esheap') %} {% set ismanager = True %} {% elif grains['role'] in ['so-node','so-heavynode'] %} - {% set esclustername = salt['pillar.get']('elasticsearch:esclustername', '') %} - {% set esheap = salt['pillar.get']('elasticsearch:esheap', '') %} + {% set esclustername = salt['pillar.get']('elasticsearch:esclustername') %} + {% set esheap = salt['pillar.get']('elasticsearch:esheap') %} {% set ismanager = False %} {% endif %} 
@@ -188,16 +188,16 @@ so-elasticsearch: - name: so-elasticsearch - user: elasticsearch - extra_hosts: - - {{ grains.host }}:{{ NODEIP }} - {%- if ismanager %} - {%- if salt['pillar.get']('nodestab', {}) %} - {%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %} - - {{ SN.split('_')|first }}:{{ SNDATA.ip }} - {%- endfor %} - {%- endif %} - {%- endif %} + - "{{ grains.host }}:{{ NODEIP }}" + {% if salt['pillar.get']('nodestab', {}) %} + {% for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %} + - "{{ SN.split('_')|first }}:{{ SNDATA.ip }}" + {% endfor %} + {% endif %} - environment: + {% if TRUECLUSTER is sameas false or (TRUECLUSTER is sameas true and not salt['pillar.get']('nodestab', {})) %} - discovery.type=single-node + {% endif %} - ES_JAVA_OPTS=-Xms{{ esheap }} -Xmx{{ esheap }} ulimits: - memlock=-1:-1 diff --git a/salt/grafana/dashboards/eval/eval.json b/salt/grafana/dashboards/eval/eval.json index c9f3bced4..ee94504d1 100644 --- a/salt/grafana/dashboards/eval/eval.json +++ b/salt/grafana/dashboards/eval/eval.json @@ -24,18 +24,36 @@ "fieldConfig": { "defaults": { "custom": {}, - "decimals": 2, - "mappings": [], + "unit": "percent", + "min": 0, + "max": 100, "thresholds": { "mode": "absolute", "steps": [ { - "color": "rgb(255, 255, 255)", + "color": "rgba(50, 172, 45, 0.97)", "value": null + }, + { + "color": "rgba(237, 129, 40, 0.89)", + "value": 60 + }, + { + "color": "rgba(245, 54, 54, 0.9)", + "value": 80 } ] }, - "unit": "s" + "mappings": [ + { + "id": 0, + "op": "=", + "text": "N/A", + "type": 1, + "value": "null" + } + ], + "nullValueMode": "connected" }, "overrides": [] }, 
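Review bot: In salt/elasticsearch/init.sls, the `discovery.type=single-node` guard uses `sameas false` / `sameas true`, so a pillar value for `elasticsearch:true_cluster` that is not a real boolean (a quoted 'True', 1, an empty key) matches neither branch. In that case the container gets no single-node setting, and the matching `sameas` tests in elasticsearch.yml emit no seed hosts either. Negating the one clustered case covers everything else: `{% if not (TRUECLUSTER is sameas true and salt['pillar.get']('nodestab', {})) %}`. The so-elasticsearch state continues outside the hunk.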
@@ -45,23 +63,15 @@ "x": 0, "y": 0 }, - "id": 39, + "id": 2, + "links": [], "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - } + "alertThreshold": true }, - "pluginVersion": "7.0.5", + "pluginVersion": "7.3.4", "targets": [ { + "dsType": "influxdb", "groupBy": [ { "params": [ @@ -76,7 +86,7 @@ "type": "fill" } ], - "measurement": "system", + "measurement": "cpu", "orderByTime": "ASC", "policy": "default", "refId": "A", @@ -85,13 +95,19 @@ [ { "params": [ - "uptime" + "usage_idle" ], "type": "field" }, { "params": [], - "type": "last" + "type": "mean" + }, + { + "params": [ + "* -1 + 100" + ], + "type": "math" } ] ], 
@@ -100,14 +116,87 @@ "key": "host", "operator": "=", "value": "{{ SERVERNAME }}" + }, + { + "condition": "AND", + "key": "cpu", + "operator": "=", + "value": "cpu-total" } - ] + ], + "alias": "Usage" } ], + "title": "{{ SERVERNAME }} - CPU", + "type": "graph", + "cacheTimeout": null, + "renderer": "flot", + "yaxes": [ + { + "label": null, + "show": true, + "logBase": 1, + "min": null, + "max": null, + "format": "percent", + "$$hashKey": "object:395" + }, + { + "label": null, + "show": false, + "logBase": 1, + "min": null, + "max": null, + "format": "short", + "$$hashKey": "object:396" + } + ], + "xaxis": { + "show": true, + "mode": "time", + "name": null, + "values": [], + "buckets": null + }, + "yaxis": { + "align": false, + "alignLevel": null + }, + "lines": true, + "fill": 1, + "fillGradient": 0, + "linewidth": 1, + "dashes": false, + "hiddenSeries": false, + "dashLength": 10, + "spaceLength": 10, + "points": false, + "pointradius": 2, + "bars": false, + "stack": false, + "percentage": false, + "legend": { + "show": false, + "values": false, + "min": false, + "max": false, + "current": false, + "total": false, + "avg": false + }, + "nullPointMode": "connected", + "steppedLine": false, + "tooltip": { + "value_type": "individual", + "shared": true, + "sort": 0 + }, "timeFrom": null, "timeShift": null, - "title": "{{ SERVERNAME }} - System Uptime", - "type": "stat" + "aliasColors": {}, + "seriesOverrides": [], + "thresholds": [], + "timeRegions": [] }, { "cacheTimeout": null, @@ -175,7 +264,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -416,7 +505,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -556,7 +645,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -696,7 +785,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -778,72 +867,58 @@ } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", "fieldConfig": { "defaults": { - "custom": {}, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ ROOTFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ ROOTFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ ROOTFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" + "custom": {} }, "overrides": [] }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 0, "y": 5 }, - "id": 12, - "links": [], - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 73, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "7.0.5", + "lines": true, + "linewidth": 1, + "nullPointMode": "connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -863,7 +938,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, 
@@ -888,76 +963,102 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", "fieldConfig": { "defaults": { - "custom": {}, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ NSMFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ NSMFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ NSMFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" + "custom": {} }, "overrides": [] }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 4, "y": 5 }, - "id": 31, - "links": [], - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 74, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "7.0.5", + "lines": true, + "linewidth": 1, + "nullPointMode": 
"connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -977,7 +1078,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, @@ -1002,8 +1103,48 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/nsm)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { "aliasColors": {}, @@ -1059,7 +1200,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1204,7 +1345,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1349,7 +1490,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1494,7 +1635,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1652,7 +1793,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1702,7 +1843,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1752,7 +1893,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -1802,7 +1943,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1852,7 +1993,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1902,7 +2043,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2182,7 +2323,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2321,7 +2462,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2460,7 +2601,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2620,7 +2761,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2725,7 +2866,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2897,25 +3038,18 @@ "title": "Zeek Restarts via Healthcheck", "type": "stat" }, + + + { - "cacheTimeout": null, "datasource": "InfluxDB", "fieldConfig": { "defaults": { "custom": {}, - "decimals": 2, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": 1209600, + "unit": "s", "min": 0, - "nullValueMode": "connected", + "max": null, + "decimals": 2, "thresholds": { "mode": "absolute", "steps": [ @@ -2933,7 +3067,16 @@ } ] }, - "unit": "s" + "mappings": [ + { + "id": 0, + "op": "=", + "text": "N/A", + "type": 1, + "value": "null" + } + ], + "nullValueMode": "connected" }, "overrides": [] }, @@ -2946,25 +3089,16 @@ "id": 22, "links": [], "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "alertThreshold": true }, - "pluginVersion": "7.0.5", + "pluginVersion": "7.3.4", "targets": [ { "dsType": "influxdb", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -3000,13 +3134,81 @@ "operator": "=", "value": "{{ SERVERNAME }}" } - ] + ], + "alias": "Oldest Pcap" } ], + "title": "{{ SERVERNAME }} - PCAP Retention", + "type": "graph", + "renderer": "flot", + "yaxes": [ + { + "label": "", + "show": true, + "logBase": 1, + "min": null, + "max": null, + "format": "s", + "$$hashKey": "object:643", + "decimals": 2 + }, + { + "label": null, + "show": false, + "logBase": 1, + "min": null, + "max": null, + "format": "short", + "$$hashKey": "object:644" + } + ], + "xaxis": { + "show": true, + "mode": "time", + "name": null, + "values": [], + "buckets": null + }, + "yaxis": { + "align": false, + "alignLevel": null + }, + "lines": true, + "fill": 1, + "linewidth": 1, + "dashLength": 10, + "spaceLength": 10, + "pointradius": 2, + "legend": { + "show": true, + "values": false, + "min": false, + "max": false, + "current": false, + "total": false, + "avg": false + }, + "nullPointMode": "connected", + "tooltip": { + "value_type": "individual", + "shared": true, + "sort": 0 + }, + "aliasColors": {}, + "seriesOverrides": [], + "thresholds": [], + "timeRegions": [], + "cacheTimeout": null, "timeFrom": null, "timeShift": null, - "title": "{{ SERVERNAME }} - PCAP Retention", - "type": "gauge" + "fillGradient": 0, + "dashes": false, + "hiddenSeries": false, + "points": false, + "bars": false, + "stack": false, + "percentage": false, + "steppedLine": false }, { "aliasColors": { @@ -3118,7 +3320,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3162,7 +3364,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3206,7 +3408,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3352,7 +3554,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3395,7 +3597,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -3438,7 +3640,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3481,7 +3683,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3622,7 +3824,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3783,7 +3985,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3827,7 +4029,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3870,7 +4072,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4006,7 +4208,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4054,7 +4256,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4200,7 +4402,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4264,7 +4466,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4422,7 +4624,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4622,5 +4824,5 @@ "timezone": "browser", "title": "Evaluation Mode - {{ SERVERNAME }} Overview", "uid": "{{ UID }}", - "version": 6 + "version": 1 } diff --git a/salt/grafana/dashboards/manager/manager.json b/salt/grafana/dashboards/manager/manager.json index c5c09ae0e..9a498a34f 100644 --- a/salt/grafana/dashboards/manager/manager.json +++ b/salt/grafana/dashboards/manager/manager.json 
@@ -20,8 +20,43 @@ "links": [], "panels": [ { - "cacheTimeout": null, "datasource": "InfluxDB", + "fieldConfig": { + "defaults": { + "custom": {}, + "unit": "percent", + "min": 0, + "max": 100, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "rgba(50, 172, 45, 0.97)", + "value": null + }, + { + "color": "rgba(237, 129, 40, 0.89)", + "value": 60 + }, + { + "color": "rgba(245, 54, 54, 0.9)", + "value": 80 + } + ] + }, + "mappings": [ + { + "id": 0, + "op": "=", + "text": "N/A", + "type": 1, + "value": "null" + } + ], + "nullValueMode": "connected" + }, + "overrides": [] + }, "gridPos": { "h": 5, "w": 4, @@ -31,47 +66,16 @@ "id": 2, "links": [], "options": { - "fieldOptions": { - "calcs": [ - "lastNotNull" - ], - "defaults": { - "mappings": [], - "max": 100, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 60 - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [], - "values": false - }, - "orientation": "auto", - "showThresholdLabels": false, - "showThresholdMarkers": true + "alertThreshold": true }, - "pluginVersion": "6.6.2", + "pluginVersion": "7.3.4", "targets": [ { "dsType": "influxdb", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -119,13 +123,80 @@ "operator": "=", "value": "cpu-total" } - ] + ], + "alias": "Usage" } ], + "title": "{{ SERVERNAME }} - CPU", + "type": "graph", + "cacheTimeout": null, + "renderer": "flot", + "yaxes": [ + { + "label": null, + "show": true, + "logBase": 1, + "min": null, + "max": null, + "format": "percent", + "$$hashKey": "object:395" + }, + { + "label": null, + "show": false, + "logBase": 1, + "min": null, + "max": null, + "format": "short", + "$$hashKey": "object:396" + } + ], + "xaxis": { + "show": true, + "mode": "time", + "name": null, + "values": [], + "buckets": null + }, + "yaxis": { + "align": false, + "alignLevel": null + }, + "lines": true, + "fill": 1, + "fillGradient": 0, + "linewidth": 1, + "dashes": false, + "hiddenSeries": false, + "dashLength": 10, + "spaceLength": 10, + "points": false, + "pointradius": 2, + "bars": false, + "stack": false, + "percentage": false, + "legend": { + "show": false, + "values": false, + "min": false, + "max": false, + "current": false, + "total": false, + "avg": false + }, + "nullPointMode": "connected", + "steppedLine": false, + "tooltip": { + "value_type": "individual", + "shared": true, + "sort": 0 + }, "timeFrom": null, "timeShift": null, - "title": "{{ SERVERNAME }} - CPU", - "type": "gauge" + "aliasColors": {}, + "seriesOverrides": [], + "thresholds": [], + "timeRegions": [] }, { "datasource": "InfluxDB", @@ -260,7 +331,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -400,7 +471,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -540,7 +611,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
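Review bot: The `"$$hashKey": "object:395"` and `"$$hashKey": "object:396"` entries in the new `yaxes` array are AngularJS bookkeeping left behind by the UI export, not dashboard settings, and should be deleted before the file is committed. The two disk panels later in this file both carry `object:708` and `object:709`, which suggests the values were copied along with the panel and mean nothing. Dropping the `$$hashKey` lines keeps later diffs of these templates limited to real changes. The same keys appear in the converted panels of managersearch.json, searchnode.json and sensor.json.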
@@ -622,68 +693,58 @@ } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 0, "y": 5 }, - "id": 12, - "links": [], - "options": { - "fieldOptions": { - "calcs": [ - "lastNotNull" - ], - "defaults": { - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ ROOTFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ ROOTFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ ROOTFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" - }, - "overrides": [], - "values": false - }, - "orientation": "horizontal", - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 73, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "6.6.2", + "lines": true, + "linewidth": 1, + "nullPointMode": "connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -703,7 +764,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, 
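Review bot: Replacing the `Disk Used(/)` gauge removes its warning and critical steps at 80% and 90% of `ROOTFS`, and the graph that replaces it gets `"thresholds": []` and a percent axis with `"min": null, "max": null` in the next hunk. Nothing on the panel then marks a nearly full disk, and autoscaling can make a volume sitting at 90% look like an unremarkable flat line. Because the query now returns `used_percent`, the limits can be restored without the Jinja arithmetic: add `{ "colorMode": "critical", "fill": true, "line": true, "op": "gt", "value": 90, "yaxis": "left" }` and a `warning` entry at 80 to `thresholds`, and set `"min": 0, "max": 100` on the first `yaxes` entry. The `/nsm` panel (id 74) and the disk panels in managersearch.json and searchnode.json have the same gap.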
@@ -728,72 +789,102 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 4, "y": 5 }, - "id": 35, - "links": [], - "options": { - "fieldOptions": { - "calcs": [ - "lastNotNull" - ], - "defaults": { - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ NSMFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ NSMFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ NSMFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" - }, - "overrides": [], - "values": false - }, - "orientation": "horizontal", - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 74, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "6.6.2", + "lines": true, + "linewidth": 1, + 
"nullPointMode": "connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -813,7 +904,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, @@ -838,8 +929,48 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/nsm)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { "aliasColors": {}, @@ -888,7 +1019,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1028,7 +1159,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1168,7 +1299,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1308,7 +1439,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1454,7 +1585,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1504,7 +1635,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1554,7 +1685,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -1604,7 +1735,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1654,7 +1785,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1704,7 +1835,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1846,7 +1977,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1910,7 +2041,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2286,7 +2417,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2330,7 +2461,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2374,7 +2505,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2510,7 +2641,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2574,7 +2705,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2734,7 +2865,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2777,7 +2908,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2820,7 +2951,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2863,7 +2994,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2997,7 +3128,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3041,7 +3172,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3084,7 +3215,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3219,7 +3350,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3283,7 +3414,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3434,7 +3565,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -3481,7 +3612,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3616,7 +3747,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3751,7 +3882,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3815,7 +3946,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, diff --git a/salt/grafana/dashboards/managersearch/managersearch.json b/salt/grafana/dashboards/managersearch/managersearch.json index 838a37426..a852d8c0a 100644 --- a/salt/grafana/dashboards/managersearch/managersearch.json +++ b/salt/grafana/dashboards/managersearch/managersearch.json @@ -21,8 +21,43 @@ "links": [], "panels": [ { - "cacheTimeout": null, "datasource": "InfluxDB", + "fieldConfig": { + "defaults": { + "custom": {}, + "unit": "percent", + "min": 0, + "max": 100, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "rgba(50, 172, 45, 0.97)", + "value": null + }, + { + "color": "rgba(237, 129, 40, 0.89)", + "value": 60 + }, + { + "color": "rgba(245, 54, 54, 0.9)", + "value": 80 + } + ] + }, + "mappings": [ + { + "id": 0, + "op": "=", + "text": "N/A", + "type": 1, + "value": "null" + } + ], + "nullValueMode": "connected" + }, + "overrides": [] + }, "gridPos": { "h": 5, "w": 4, 
@@ -32,57 +67,16 @@ "id": 2, "links": [], "options": { - "fieldOptions": { - "calcs": [ - "lastNotNull" - ], - "defaults": { - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": 100, - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": 60 - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [], - "values": false - }, - "orientation": "horizontal", - "showThresholdLabels": false, - "showThresholdMarkers": true + "alertThreshold": true }, - "pluginVersion": "6.7.3", + "pluginVersion": "7.3.4", "targets": [ { "dsType": "influxdb", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -130,11 +124,80 @@ "operator": "=", "value": "cpu-total" } - ] + ], + "alias": "Usage" } ], "title": "{{ SERVERNAME }} - CPU", - "type": "gauge" + "type": "graph", + "cacheTimeout": null, + "renderer": "flot", + "yaxes": [ + { + "label": null, + "show": true, + "logBase": 1, + "min": null, + "max": null, + "format": "percent", + "$$hashKey": "object:395" + }, + { + "label": null, + "show": false, + "logBase": 1, + "min": null, + "max": null, + "format": "short", + "$$hashKey": "object:396" + } + ], + "xaxis": { + "show": true, + "mode": "time", + "name": null, + "values": [], + "buckets": null + }, + "yaxis": { + "align": false, + "alignLevel": null + }, + "lines": true, + "fill": 1, + "fillGradient": 0, + "linewidth": 1, + "dashes": false, + "hiddenSeries": false, + "dashLength": 10, + "spaceLength": 10, + "points": false, + "pointradius": 2, + "bars": false, + "stack": false, + "percentage": false, + "legend": { + "show": false, + "values": false, + "min": false, + "max": false, + "current": false, + "total": false, + "avg": false + }, + "nullPointMode": "connected", + "steppedLine": false, + "tooltip": { + "value_type": "individual", + "shared": true, + "sort": 0 + }, + "timeFrom": null, + "timeShift": null, + "aliasColors": {}, + "seriesOverrides": [], + "thresholds": [], + "timeRegions": [] }, { "datasource": "InfluxDB", @@ -269,7 +332,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -628,68 +691,58 @@ } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 0, "y": 5 }, - "id": 12, - "links": [], - "options": { - "fieldOptions": { - "calcs": [ - "lastNotNull" - ], - "defaults": { - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ ROOTFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ ROOTFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ ROOTFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" - }, - "overrides": [], - "values": false - }, - "orientation": "horizontal", - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 73, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "6.7.3", + "lines": true, + "linewidth": 1, + "nullPointMode": "connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -709,7 +762,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, 
@@ -734,73 +787,102 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 4, "y": 5 }, - "id": 35, - "links": [], - "options": { - "fieldOptions": { - "calcs": [ - "lastNotNull" - ], - "defaults": { - "decimals": 2, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ NSMFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ NSMFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ NSMFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" - }, - "overrides": [], - "values": false - }, - "orientation": "horizontal", - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 74, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "6.7.3", + "lines": true, + 
"linewidth": 1, + "nullPointMode": "connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -820,7 +902,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, @@ -845,8 +927,48 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/nsm)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { "aliasColors": {}, @@ -1034,7 +1156,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1458,7 +1580,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1508,7 +1630,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1558,7 +1680,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1608,7 +1730,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1658,7 +1780,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1708,7 +1830,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -1850,7 +1972,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1914,7 +2036,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2062,7 +2184,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2190,7 +2312,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2373,7 +2495,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2417,7 +2539,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2461,7 +2583,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2597,7 +2719,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2661,7 +2783,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2809,7 +2931,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2937,7 +3059,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3072,7 +3194,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3116,7 +3238,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3159,7 +3281,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3495,7 +3617,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3627,7 +3749,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4005,7 +4127,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4135,7 +4257,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4182,7 +4304,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4313,7 +4435,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -4453,7 +4575,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4496,7 +4618,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4539,7 +4661,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4582,7 +4704,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, diff --git a/salt/grafana/dashboards/search_nodes/searchnode.json b/salt/grafana/dashboards/search_nodes/searchnode.json index a7170d276..72ebe768a 100644 --- a/salt/grafana/dashboards/search_nodes/searchnode.json +++ b/salt/grafana/dashboards/search_nodes/searchnode.json @@ -20,8 +20,43 @@ "links": [], "panels": [ { - "cacheTimeout": null, "datasource": "InfluxDB", + "fieldConfig": { + "defaults": { + "custom": {}, + "unit": "percent", + "min": 0, + "max": 100, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "rgba(50, 172, 45, 0.97)", + "value": null + }, + { + "color": "rgba(237, 129, 40, 0.89)", + "value": 60 + }, + { + "color": "rgba(245, 54, 54, 0.9)", + "value": 80 + } + ] + }, + "mappings": [ + { + "id": 0, + "op": "=", + "text": "N/A", + "type": 1, + "value": "null" + } + ], + "nullValueMode": "connected" + }, + "overrides": [] + }, "gridPos": { "h": 5, "w": 4, 
@@ -31,57 +66,16 @@ "id": 2, "links": [], "options": { - "fieldOptions": { - "calcs": [ - "lastNotNull" - ], - "defaults": { - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": 100, - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": 60 - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [], - "values": false - }, - "orientation": "horizontal", - "showThresholdLabels": false, - "showThresholdMarkers": true + "alertThreshold": true }, - "pluginVersion": "6.6.2", + "pluginVersion": "7.3.4", "targets": [ { "dsType": "influxdb", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -129,11 +123,80 @@ "operator": "=", "value": "cpu-total" } - ] + ], + "alias": "Usage" } ], "title": "{{ SERVERNAME }} - CPU", - "type": "gauge" + "type": "graph", + "cacheTimeout": null, + "renderer": "flot", + "yaxes": [ + { + "label": null, + "show": true, + "logBase": 1, + "min": null, + "max": null, + "format": "percent", + "$$hashKey": "object:395" + }, + { + "label": null, + "show": false, + "logBase": 1, + "min": null, + "max": null, + "format": "short", + "$$hashKey": "object:396" + } + ], + "xaxis": { + "show": true, + "mode": "time", + "name": null, + "values": [], + "buckets": null + }, + "yaxis": { + "align": false, + "alignLevel": null + }, + "lines": true, + "fill": 1, + "fillGradient": 0, + "linewidth": 1, + "dashes": false, + "hiddenSeries": false, + "dashLength": 10, + "spaceLength": 10, + "points": false, + "pointradius": 2, + "bars": false, + "stack": false, + "percentage": false, + "legend": { + "show": false, + "values": false, + "min": false, + "max": false, + "current": false, + "total": false, + "avg": false + }, + "nullPointMode": "connected", + "steppedLine": false, + "tooltip": { + "value_type": "individual", + "shared": true, + "sort": 0 + }, + "timeFrom": null, + "timeShift": null, + "aliasColors": {}, + "seriesOverrides": [], + "thresholds": [], + "timeRegions": [] }, { "datasource": "InfluxDB", @@ -268,7 +331,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -408,7 +471,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -548,7 +611,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -676,7 +739,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -757,68 +820,58 @@ } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 0, "y": 5 }, - "id": 12, - "links": [], - "options": { - "fieldOptions": { - "calcs": [ - "lastNotNull" - ], - "defaults": { - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ ROOTFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ ROOTFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ ROOTFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" - }, - "overrides": [], - "values": false - }, - "orientation": "horizontal", - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 73, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "6.6.2", + "lines": true, + "linewidth": 1, + "nullPointMode": "connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -838,7 +891,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, 
@@ -863,27 +916,102 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", - "cacheTimeout": null, + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 4, "y": 5 }, - "id": 35, - "links": [], + "hiddenSeries": false, + "id": 74, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "nullPointMode": "connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -903,7 +1031,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, 
@@ -928,54 +1056,48 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/nsm)", - "type": "gauge", - "options": { - "showThresholdMarkers": true, - "showThresholdLabels": false, - "fieldOptions": { - "values": false, - "calcs": [ - "lastNotNull" - ], - "defaults": { - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ NSMFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ NSMFS * '.90'|float }}" - } - ] - }, - "mappings": [ - { - "op": "=", - "text": "N/A", - "value": "null", - "id": 0, - "type": 1 - } - ], - "unit": "bytes", - "nullValueMode": "connected", - "min": 0, - "max": "{{ NSMFS}}", - "decimals": 2 - }, - "overrides": [] - }, - "orientation": "horizontal" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" }, - "pluginVersion": "6.6.2" + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { "aliasColors": {}, @@ -1024,7 +1146,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1152,7 +1274,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1280,7 +1402,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1408,7 +1530,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -1548,7 +1670,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1598,7 +1720,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1648,7 +1770,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1698,7 +1820,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1748,7 +1870,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1798,7 +1920,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1976,7 +2098,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2106,7 +2228,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2153,7 +2275,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2340,7 +2462,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2384,7 +2506,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2428,7 +2550,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2568,7 +2690,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2611,7 +2733,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2654,7 +2776,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2697,7 +2819,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2832,7 +2954,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2896,7 +3018,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3051,7 +3173,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3095,7 +3217,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -3138,7 +3260,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3269,7 +3391,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3404,7 +3526,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3468,7 +3590,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, diff --git a/salt/grafana/dashboards/sensor_nodes/sensor.json b/salt/grafana/dashboards/sensor_nodes/sensor.json index 048bb5a34..9136a7838 100644 --- a/salt/grafana/dashboards/sensor_nodes/sensor.json +++ b/salt/grafana/dashboards/sensor_nodes/sensor.json @@ -109,23 +109,13 @@ "type": "stat" }, { - "cacheTimeout": null, "datasource": "InfluxDB", "fieldConfig": { "defaults": { "custom": {}, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": 100, + "unit": "percent", "min": 0, - "nullValueMode": "connected", + "max": 100, "thresholds": { "mode": "absolute", "steps": [ @@ -143,7 +133,16 @@ } ] }, - "unit": "percent" + "mappings": [ + { + "id": 0, + "op": "=", + "text": "N/A", + "type": 1, + "value": "null" + } + ], + "nullValueMode": "connected" }, "overrides": [] }, @@ -156,25 +155,16 @@ "id": 2, "links": [], "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "alertThreshold": true }, - "pluginVersion": "7.0.5", + "pluginVersion": "7.3.4", "targets": [ { "dsType": "influxdb", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -222,11 +212,80 @@ "operator": "=", "value": "cpu-total" } - ] + ], + "alias": "Usage" } ], "title": "{{ SERVERNAME }} - CPU", - "type": "gauge" + "type": "graph", + "cacheTimeout": null, + "renderer": "flot", + "yaxes": [ + { + "label": null, + "show": true, + "logBase": 1, + "min": null, + "max": null, + "format": "percent", + "$$hashKey": "object:395" + }, + { + "label": null, + "show": false, + "logBase": 1, + "min": null, + "max": null, + "format": "short", + "$$hashKey": "object:396" + } + ], + "xaxis": { + "show": true, + "mode": "time", + "name": null, + "values": [], + "buckets": null + }, + "yaxis": { + "align": false, + "alignLevel": null + }, + "lines": true, + "fill": 1, + "fillGradient": 0, + "linewidth": 1, + "dashes": false, + "hiddenSeries": false, + "dashLength": 10, + "spaceLength": 10, + "points": false, + "pointradius": 2, + "bars": false, + "stack": false, + "percentage": false, + "legend": { + "show": false, + "values": false, + "min": false, + "max": false, + "current": false, + "total": false, + "avg": false + }, + "nullPointMode": "connected", + "steppedLine": false, + "tooltip": { + "value_type": "individual", + "shared": true, + "sort": 0 + }, + "timeFrom": null, + "timeShift": null, + "aliasColors": {}, + "seriesOverrides": [], + "thresholds": [], + "timeRegions": [] }, { "aliasColors": {}, @@ -414,7 +473,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -553,7 +612,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -692,7 +751,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -773,72 +832,58 @@ } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", "fieldConfig": { "defaults": { - "custom": {}, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ ROOTFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ ROOTFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ ROOTFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" + "custom": {} }, "overrides": [] }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 0, "y": 5 }, - "id": 12, - "links": [], - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 73, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "7.0.5", + "lines": true, + "linewidth": 1, + "nullPointMode": "connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -858,7 +903,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, 
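Review bot: The rewritten root-filesystem panel loses its warning levels: the hunk removes the gauge's threshold steps at 80 % and 90 % of `ROOTFS`, and the graph that replaces it is given `"thresholds": []` in the following hunk, so nothing on the panel marks a disk that is close to full. A full `/` or `/nsm` on a sensor presumably means lost capture and logs, so that signal is worth keeping visible. Because the query now selects `used_percent`, fixed values are enough: `{"value": 80, "op": "gt", "colorMode": "warning", "fill": true, "line": true}` and the same entry with `90` and `"critical"`. The same applies to the `NSMFS` panel that follows and to both disk panels in `standalone.json`.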
@@ -883,76 +928,102 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", "fieldConfig": { "defaults": { - "custom": {}, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ NSMFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ NSMFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ NSMFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" + "custom": {} }, "overrides": [] }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 4, "y": 5 }, - "id": 31, - "links": [], - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 74, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "7.0.5", + "lines": true, + "linewidth": 1, + "nullPointMode": 
"connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -972,7 +1043,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, @@ -997,28 +1068,58 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/nsm)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { - "cacheTimeout": null, "datasource": "InfluxDB", "fieldConfig": { "defaults": { "custom": {}, - "decimals": 2, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": 1209600, + "unit": "s", "min": 0, - "nullValueMode": "connected", + "max": null, + "decimals": 2, "thresholds": { "mode": "absolute", "steps": [ @@ -1036,7 +1137,16 @@ } ] }, - "unit": "s" + "mappings": [ + { + "id": 0, + "op": "=", + "text": "N/A", + "type": 1, + "value": "null" + } + ], + "nullValueMode": "connected" }, "overrides": [] }, 
@@ -1049,25 +1159,16 @@ "id": 22, "links": [], "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "alertThreshold": true }, - "pluginVersion": "7.0.5", + "pluginVersion": "7.3.4", "targets": [ { "dsType": "influxdb", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1103,12 +1204,82 @@ "operator": "=", "value": "{{ SERVERNAME }}" } - ] + ], + "alias": "Oldest Pcap" } ], "title": "{{ SERVERNAME }} - PCAP Retention", - "type": "gauge" - }, + "type": "graph", + "renderer": "flot", + "yaxes": [ + { + "label": "", + "show": true, + "logBase": 1, + "min": null, + "max": null, + "format": "s", + "$$hashKey": "object:643", + "decimals": 2 + }, + { + "label": null, + "show": false, + "logBase": 1, + "min": null, + "max": null, + "format": "short", + "$$hashKey": "object:644" + } + ], + "xaxis": { + "show": true, + "mode": "time", + "name": null, + "values": [], + "buckets": null + }, + "yaxis": { + "align": false, + "alignLevel": null + }, + "lines": true, + "fill": 1, + "linewidth": 1, + "dashLength": 10, + "spaceLength": 10, + "pointradius": 2, + "legend": { + "show": true, + "values": false, + "min": false, + "max": false, + "current": false, + "total": false, + "avg": false + }, + "nullPointMode": "connected", + "tooltip": { + "value_type": "individual", + "shared": true, + "sort": 0 + }, + "aliasColors": {}, + "seriesOverrides": [], + "thresholds": [], + "timeRegions": [], + "cacheTimeout": null, + "timeFrom": null, + "timeShift": null, + "fillGradient": 0, + "dashes": false, + "hiddenSeries": false, + "points": false, + "bars": false, + "stack": false, + "percentage": false, + "steppedLine": false + }, { "aliasColors": {}, "bars": false, @@ -1162,7 +1333,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -1307,7 +1478,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1452,7 +1623,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1609,7 +1780,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1659,7 +1830,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1709,7 +1880,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1759,7 +1930,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1809,7 +1980,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1859,7 +2030,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1999,7 +2170,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2132,7 +2303,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2271,7 +2442,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2410,7 +2581,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2553,7 +2724,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2786,7 +2957,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2850,7 +3021,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3016,7 +3187,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3059,7 +3230,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3102,7 +3273,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3145,7 +3316,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3281,7 +3452,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -3329,7 +3500,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3475,7 +3646,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3685,7 +3856,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3729,7 +3900,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3773,7 +3944,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3914,7 +4085,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3958,7 +4129,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4001,7 +4172,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4142,7 +4313,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4206,7 +4377,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, diff --git a/salt/grafana/dashboards/standalone/standalone.json b/salt/grafana/dashboards/standalone/standalone.json index 3bab1ff5f..079578a38 100644 --- a/salt/grafana/dashboards/standalone/standalone.json +++ b/salt/grafana/dashboards/standalone/standalone.json @@ -21,23 +21,13 @@ "links": [], "panels": [ { - "cacheTimeout": null, "datasource": "InfluxDB", "fieldConfig": { "defaults": { "custom": {}, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": 100, + "unit": "percent", "min": 0, - "nullValueMode": "connected", + "max": 100, "thresholds": { "mode": "absolute", "steps": [ @@ -55,7 +45,16 @@ } ] }, - "unit": "percent" + "mappings": [ + { + "id": 0, + "op": "=", + "text": "N/A", + "type": 1, + "value": "null" + } + ], + "nullValueMode": "connected" }, "overrides": [] }, 
@@ -68,25 +67,16 @@ "id": 2, "links": [], "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "alertThreshold": true }, - "pluginVersion": "7.0.5", + "pluginVersion": "7.3.4", "targets": [ { "dsType": "influxdb", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -134,12 +124,84 @@ "operator": "=", "value": "cpu-total" } - ] + ], + "alias": "Usage" } ], "title": "{{ SERVERNAME }} - CPU", - "type": "gauge" + "type": "graph", + "cacheTimeout": null, + "renderer": "flot", + "yaxes": [ + { + "label": null, + "show": true, + "logBase": 1, + "min": null, + "max": null, + "format": "percent", + "$$hashKey": "object:395" + }, + { + "label": null, + "show": false, + "logBase": 1, + "min": null, + "max": null, + "format": "short", + "$$hashKey": "object:396" + } + ], + "xaxis": { + "show": true, + "mode": "time", + "name": null, + "values": [], + "buckets": null + }, + "yaxis": { + "align": false, + "alignLevel": null + }, + "lines": true, + "fill": 1, + "fillGradient": 0, + "linewidth": 1, + "dashes": false, + "hiddenSeries": false, + "dashLength": 10, + "spaceLength": 10, + "points": false, + "pointradius": 2, + "bars": false, + "stack": false, + "percentage": false, + "legend": { + "show": false, + "values": false, + "min": false, + "max": false, + "current": false, + "total": false, + "avg": false + }, + "nullPointMode": "connected", + "steppedLine": false, + "tooltip": { + "value_type": "individual", + "shared": true, + "sort": 0 + }, + "timeFrom": null, + "timeShift": null, + "aliasColors": {}, + "seriesOverrides": [], + "thresholds": [], + "timeRegions": [] }, + + + { "datasource": "InfluxDB", "fieldConfig": { @@ -284,7 +346,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -574,7 +636,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -714,7 +776,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -796,72 +858,58 @@ } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", "fieldConfig": { "defaults": { - "custom": {}, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ ROOTFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ ROOTFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ ROOTFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" + "custom": {} }, "overrides": [] }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 0, "y": 5 }, - "id": 12, - "links": [], - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 73, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "7.0.5", + "lines": true, + "linewidth": 1, + "nullPointMode": "connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -881,7 +929,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, 
@@ -906,76 +954,102 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { - "cacheTimeout": null, + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, "datasource": "InfluxDB", "fieldConfig": { "defaults": { - "custom": {}, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": "{{ NSMFS }}", - "min": 0, - "nullValueMode": "connected", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(50, 172, 45, 0.97)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": "{{ NSMFS * '.80'|float }}" - }, - { - "color": "rgba(245, 54, 54, 0.9)", - "value": "{{ NSMFS * '.90'|float }}" - } - ] - }, - "unit": "bytes" + "custom": {} }, "overrides": [] }, + "fill": 1, + "fillGradient": 0, "gridPos": { "h": 5, "w": 4, "x": 4, "y": 5 }, - "id": 31, - "links": [], - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "hiddenSeries": false, + "id": 74, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false }, - "pluginVersion": "7.0.5", + "lines": true, + "linewidth": 1, + "nullPointMode": 
"connected", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.4", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, "targets": [ { - "dsType": "influxdb", + "alias": "Used", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -995,7 +1069,7 @@ [ { "params": [ - "used" + "used_percent" ], "type": "field" }, @@ -1020,8 +1094,48 @@ ] } ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, "title": "{{ SERVERNAME }} - Disk Used(/nsm)", - "type": "gauge" + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:708", + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "$$hashKey": "object:709", + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } }, { "aliasColors": {}, @@ -1366,7 +1480,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1511,7 +1625,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1669,7 +1783,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1719,7 +1833,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1769,7 +1883,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1819,7 +1933,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -1869,7 +1983,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -1919,7 +2033,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2067,7 +2181,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2131,7 +2245,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2285,7 +2399,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2424,7 +2538,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2621,7 +2735,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2665,7 +2779,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2709,7 +2823,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -2851,7 +2965,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3045,24 +3159,14 @@ "type": "stat" }, { - "cacheTimeout": null, "datasource": "InfluxDB", "fieldConfig": { "defaults": { "custom": {}, - "decimals": 2, - "mappings": [ - { - "id": 0, - "op": "=", - "text": "N/A", - "type": 1, - "value": "null" - } - ], - "max": 1209600, + "unit": "s", "min": 0, - "nullValueMode": "connected", + "max": null, + "decimals": 2, "thresholds": { "mode": "absolute", "steps": [ @@ -3080,7 +3184,16 @@ } ] }, - "unit": "s" + "mappings": [ + { + "id": 0, + "op": "=", + "text": "N/A", + "type": 1, + "value": "null" + } + ], + "nullValueMode": "connected" }, "overrides": [] }, @@ -3093,25 +3206,16 @@ "id": 22, "links": [], "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "alertThreshold": true }, - "pluginVersion": "7.0.5", + "pluginVersion": "7.3.4", "targets": [ { "dsType": "influxdb", "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -3147,13 +3251,81 @@ "operator": "=", "value": "{{ SERVERNAME }}" } - ] + ], + "alias": "Oldest Pcap" } ], + "title": "{{ SERVERNAME }} - PCAP Retention", + "type": "graph", + "renderer": "flot", + "yaxes": [ + { + "label": "", + "show": true, + "logBase": 1, + "min": null, + "max": null, + "format": "s", + "$$hashKey": "object:643", + "decimals": 2 + }, + { + "label": null, + "show": false, + "logBase": 1, + "min": null, + "max": null, + "format": "short", + "$$hashKey": "object:644" + } + ], + "xaxis": { + "show": true, + "mode": "time", + "name": null, + "values": [], + "buckets": null + }, + "yaxis": { + "align": false, + "alignLevel": null + }, + "lines": true, + "fill": 1, + "linewidth": 1, + "dashLength": 10, + "spaceLength": 10, + "pointradius": 2, + "legend": { + "show": false, + "values": false, + "min": false, + "max": false, + "current": false, + "total": false, + "avg": false + }, + "nullPointMode": "connected", + "tooltip": { + "value_type": "individual", + "shared": true, + "sort": 0 + }, + "aliasColors": {}, + "seriesOverrides": [], + "thresholds": [], + "timeRegions": [], + "cacheTimeout": null, "timeFrom": null, "timeShift": null, - "title": "{{ SERVERNAME }} - PCAP Retention", - "type": "gauge" + "fillGradient": 0, + "dashes": false, + "hiddenSeries": false, + "points": false, + "bars": false, + "stack": false, + "percentage": false, + "steppedLine": false }, { "aliasColors": { @@ -3215,7 +3387,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3259,7 +3431,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3302,7 +3474,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3648,7 +3820,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -3794,7 +3966,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, 
@@ -3937,7 +4109,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -4550,7 +4722,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -5172,7 +5344,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -5220,7 +5392,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -5378,7 +5550,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -5483,7 +5655,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -5912,7 +6084,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -5955,7 +6127,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -5998,7 +6170,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, @@ -6041,7 +6213,7 @@ "groupBy": [ { "params": [ - "$Interval" + "$__interval" ], "type": "time" }, diff --git a/salt/grafana/defaults.yaml b/salt/grafana/defaults.yaml new file mode 100644 index 000000000..171f679e3 --- /dev/null +++ b/salt/grafana/defaults.yaml @@ -0,0 +1,26 @@ +grafana: + config: + server: + root_url: "%(protocol)s://%(domain)s/grafana/" + auth.anonymous: + enabled: true + org_name: Main Org. + org_role: Viewer + smtp: + enabled: false +# host: localhost:25 +# user: myuser + # If the password contains # or ; you have to wrap it with triple quotes wrapped by single quotes. Ex '"""#password;"""' +# password: mypassword +# cert_file: /etc/grafana/config/files/smtp_cert_file.crt +# key_file: /etc/grafana/config/files/smtp_key_file.key +# skip_verify: false + from_address: admin@grafana.localhost + from_name: Grafana +# ehlo_identity: dashboard.example.com +# auth.ldap: +# enabled: false +# config_file: /etc/grafana/config/files/ldap.toml +# allow_sign_up: true +# enterprise: +# license_path: /opt/so/conf/grafana/etc/files/license.jwt \ No newline at end of file 
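Review bot: `auth.anonymous` ships as `enabled: true` with `org_role: Viewer` in the new `salt/grafana/defaults.yaml`, so any client that can reach Grafana gets read access to every dashboard without logging in. Whether a proxy in front of Grafana already authenticates requests is not visible in this diff; if it does not, the default should be `enabled: false` with sites opting in through their local configuration. Either way, a comment above the key should say what protects the endpoint, e.g. `# anonymous Viewer access: relies on the front-end proxy for authentication`. The commented `allow_sign_up: true` under `auth.ldap` deserves the same look, since uncommenting the block as written creates an account for every user who authenticates.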
diff --git a/salt/grafana/etc/dashboards/dashboard.yml b/salt/grafana/etc/dashboards/dashboard.yml index 72f77f845..b00dadc04 100644 --- a/salt/grafana/etc/dashboards/dashboard.yml +++ b/salt/grafana/etc/dashboards/dashboard.yml @@ -8,6 +8,7 @@ providers: type: file disableDeletion: false editable: true + allowUiUpdates: true options: path: /etc/grafana/grafana_dashboards/manager - name: 'Manager Search' @@ -15,6 +16,7 @@ providers: type: file disableDeletion: false editable: true + allowUiUpdates: true options: path: /etc/grafana/grafana_dashboards/managersearch - name: 'Sensor Nodes' @@ -22,6 +24,7 @@ providers: type: file disableDeletion: false editable: true + allowUiUpdates: true options: path: /etc/grafana/grafana_dashboards/sensor_nodes - name: 'Search Nodes' @@ -29,6 +32,7 @@ providers: type: file disableDeletion: false editable: true + allowUiUpdates: true options: path: /etc/grafana/grafana_dashboards/search_nodes - name: 'Standalone' @@ -36,6 +40,7 @@ providers: type: file disableDeletion: false editable: true + allowUiUpdates: true options: path: /etc/grafana/grafana_dashboards/standalone {%- else %} @@ -44,6 +49,7 @@ providers: type: file disableDeletion: false editable: true + allowUiUpdates: true options: path: /etc/grafana/grafana_dashboards/eval {% endif %} diff --git a/salt/grafana/etc/files/readme.txt b/salt/grafana/etc/files/readme.txt new file mode 100644 index 000000000..c78e8687c --- /dev/null +++ b/salt/grafana/etc/files/readme.txt @@ -0,0 +1 @@ +For files that are referenced inside the Grafana config, place them in /opt/so/saltstack/local/salt/grafana/etc/files/. This would include keys used for smtp or a Grafana enterprise license file. \ No newline at end of file diff --git a/salt/grafana/etc/grafana.ini b/salt/grafana/etc/grafana.ini deleted file mode 100644 index 3486ff241..000000000 --- a/salt/grafana/etc/grafana.ini +++ /dev/null 
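Review bot: `allowUiUpdates: true` is added to all six provider entries in these hunks with no comment on what happens to edits made in the UI. With file provisioning, a dashboard saved from the UI lives only in Grafana's database and is overwritten the next time the provisioned JSON changes on disk, so such edits are lost when Salt pushes updated dashboards. I would add a comment above the first occurrence, e.g. `# UI edits are allowed but are overwritten whenever the provisioned file changes`, and confirm that only Editor or Admin accounts are expected to save changes this way. The `providers:` list begins outside these hunks.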
@@ -1,482 +0,0 @@ -##################### Grafana Configuration Example ##################### -# -# Everything has defaults so you only need to uncomment things you want to -# change - -# possible values : production, development -;app_mode = production - -# instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty -;instance_name = ${HOSTNAME} - -#################################### Paths #################################### -[paths] -# Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used) -;data = /var/lib/grafana - -# Temporary files in `data` directory older than given duration will be removed -;temp_data_lifetime = 24h - -# Directory where grafana can store logs -;logs = /var/log/grafana - -# Directory where grafana will automatically scan and look for plugins -;plugins = /var/lib/grafana/plugins - -# folder that contains provisioning config files that grafana will apply on startup and while running. -;provisioning = conf/provisioning - -#################################### Server #################################### -[server] -# Protocol (http, https, socket) -;protocol = http - -# The ip address to bind to, empty will bind to all interfaces -;http_addr = - -# The http port to use -;http_port = 3000 - -# The public facing domain name used to access grafana from a browser -;domain = localhost - -# Redirect to correct domain if host header does not match domain -# Prevents DNS rebinding attacks -;enforce_domain = false - -# The full public facing url you use in browser, used for redirects and emails -# If you use reverse proxy and sub path specify full url (with sub path) -root_url = %(protocol)s://%(domain)s/grafana/ - -# Log web requests -;router_logging = false - -# the path relative working path -;static_root_path = public - -# enable gzip -;enable_gzip = false - -# https certs & key file -;cert_file = -;cert_key = - -# Unix socket path -;socket = - 
-#################################### Database #################################### -[database] -# You can configure the database connection by specifying type, host, name, user and password -# as separate properties or as on string using the url properties. - -# Either "mysql", "postgres" or "sqlite3", it's your choice -;type = sqlite3 -;host = 127.0.0.1:3306 -;name = grafana -;user = root -# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;""" -;password = - -# Use either URL or the previous fields to configure the database -# Example: mysql://user:secret@host:port/database -;url = - -# For "postgres" only, either "disable", "require" or "verify-full" -;ssl_mode = disable - -# For "sqlite3" only, path relative to data_path setting -;path = grafana.db - -# Max idle conn setting default is 2 -;max_idle_conn = 2 - -# Max conn setting default is 0 (mean not set) -;max_open_conn = - -# Connection Max Lifetime default is 14400 (means 14400 seconds or 4 hours) -;conn_max_lifetime = 14400 - -# Set to true to log the sql calls and execution times. -log_queries = - -#################################### Session #################################### -[session] -# Either "memory", "file", "redis", "mysql", "postgres", default is "file" -;provider = file - -# Provider config options -# memory: not have any config yet -# file: session dir path, is relative to grafana data_path -# redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=grafana` -# mysql: go-sql-driver/mysql dsn config string, e.g. 
`user:password@tcp(127.0.0.1:3306)/database_name` -# postgres: user=a password=b host=localhost port=5432 dbname=c sslmode=disable -;provider_config = sessions - -# Session cookie name -;cookie_name = grafana_sess - -# If you use session in https only, default is false -;cookie_secure = false - -# Session life time, default is 86400 -;session_life_time = 86400 - -#################################### Data proxy ########################### -[dataproxy] - -# This enables data proxy logging, default is false -;logging = false - -#################################### Analytics #################################### -[analytics] -# Server reporting, sends usage counters to stats.grafana.org every 24 hours. -# No ip addresses are being tracked, only simple counters to track -# running instances, dashboard and error counts. It is very helpful to us. -# Change this option to false to disable reporting. -;reporting_enabled = true - -# Set to false to disable all checks to https://grafana.net -# for new vesions (grafana itself and plugins), check is used -# in some UI views to notify that grafana or plugin update exists -# This option does not cause any auto updates, nor send any information -# only a GET request to http://grafana.com to get latest versions -;check_for_updates = true - -# Google Analytics universal tracking code, only enabled if you specify an id here -;google_analytics_ua_id = - -#################################### Security #################################### -[security] -# default admin user, created on startup -;admin_user = admin - -# default admin password, can be changed before first start of grafana, or in profile settings -;admin_password = admin - -# used for signing -;secret_key = SW2YcwTIb9zpOOhoPsMm - -# Auto-login remember days -;login_remember_days = 7 -;cookie_username = grafana_user -;cookie_remember_name = grafana_remember - -# disable gravatar profile images -;disable_gravatar = false - -# data source proxy whitelist (ip_or_domain:port 
separated by spaces) -;data_source_proxy_whitelist = - -# disable protection against brute force login attempts -;disable_brute_force_login_protection = false - -#################################### Snapshots ########################### -[snapshots] -# snapshot sharing options -;external_enabled = true -;external_snapshot_url = https://snapshots-origin.raintank.io -;external_snapshot_name = Publish to snapshot.raintank.io - -# remove expired snapshot -;snapshot_remove_expired = true - -#################################### Dashboards History ################## -[dashboards] -# Number dashboard versions to keep (per dashboard). Default: 20, Minimum: 1 -;versions_to_keep = 20 - -#################################### Users ############################### -[users] -# disable user signup / registration -;allow_sign_up = true - -# Allow non admin users to create organizations -;allow_org_create = true - -# Set to true to automatically assign new users to the default organization (id 1) -;auto_assign_org = true - -# Default role new users will be automatically assigned (if disabled above is set to true) -;auto_assign_org_role = Viewer - -# Background text for the user field on the login page -;login_hint = email or username - -# Default UI theme ("dark" or "light") -;default_theme = dark - -# External user management, these options affect the organization users view -;external_manage_link_url = -;external_manage_link_name = -;external_manage_info = - -# Viewers can edit/inspect dashboard settings in the browser. But not save the dashboard. -;viewers_can_edit = false - -[auth] -# Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false -;disable_login_form = false - -# Set to true to disable the signout link in the side menu. 
useful if you use auth.proxy, defaults to false -;disable_signout_menu = false - -# URL to redirect the user to after sign out -;signout_redirect_url = - -#################################### Anonymous Auth ########################## -[auth.anonymous] -# enable anonymous access -enabled = true - -# specify organization name that should be used for unauthenticated users -org_name = Main Org. - -# specify role for unauthenticated users -org_role = Viewer - -#################################### Github Auth ########################## -[auth.github] -;enabled = false -;allow_sign_up = true -;client_id = some_id -;client_secret = some_secret -;scopes = user:email,read:org -;auth_url = https://github.com/login/oauth/authorize -;token_url = https://github.com/login/oauth/access_token -;api_url = https://api.github.com/user -;team_ids = -;allowed_organizations = - -#################################### Google Auth ########################## -[auth.google] -;enabled = false -;allow_sign_up = true -;client_id = some_client_id -;client_secret = some_client_secret -;scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email -;auth_url = https://accounts.google.com/o/oauth2/auth -;token_url = https://accounts.google.com/o/oauth2/token -;api_url = https://www.googleapis.com/oauth2/v1/userinfo -;allowed_domains = - -#################################### Generic OAuth ########################## -[auth.generic_oauth] -;enabled = false -;name = OAuth -;allow_sign_up = true -;client_id = some_id -;client_secret = some_secret -;scopes = user:email,read:org -;auth_url = https://foo.bar/login/oauth/authorize -;token_url = https://foo.bar/login/oauth/access_token -;api_url = https://foo.bar/user -;team_ids = -;allowed_organizations = -;tls_skip_verify_insecure = false -;tls_client_cert = -;tls_client_key = -;tls_client_ca = - -#################################### Grafana.com Auth #################### -[auth.grafana_com] -;enabled = false 
-;allow_sign_up = true -;client_id = some_id -;client_secret = some_secret -;scopes = user:email -;allowed_organizations = - -#################################### Auth Proxy ########################## -[auth.proxy] -;enabled = false -;header_name = X-WEBAUTH-USER -;header_property = username -;auto_sign_up = true -;ldap_sync_ttl = 60 -;whitelist = 192.168.1.1, 192.168.2.1 -;headers = Email:X-User-Email, Name:X-User-Name - -#################################### Basic Auth ########################## -[auth.basic] -;enabled = true - -#################################### Auth LDAP ########################## -[auth.ldap] -;enabled = false -;config_file = /etc/grafana/ldap.toml -;allow_sign_up = true - -#################################### SMTP / Emailing ########################## -[smtp] -;enabled = false -;host = localhost:25 -;user = -# If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;""" -;password = -;cert_file = -;key_file = -;skip_verify = false -;from_address = admin@grafana.localhost -;from_name = Grafana -# EHLO identity in SMTP dialog (defaults to instance_name) -;ehlo_identity = dashboard.example.com - -[emails] -;welcome_email_on_sign_up = false - -#################################### Logging ########################## -[log] -# Either "console", "file", "syslog". Default is console and file -# Use space to separate multiple modes, e.g. "console file" -;mode = console file - -# Either "debug", "info", "warn", "error", "critical", default is "info" -;level = info - -# optional settings to set different levels for specific loggers. 
Ex filters = sqlstore:debug -;filters = - -# For "console" mode only -[log.console] -;level = - -# log line format, valid options are text, console and json -;format = console - -# For "file" mode only -[log.file] -;level = - -# log line format, valid options are text, console and json -;format = text - -# This enables automated log rotate(switch of following options), default is true -;log_rotate = true - -# Max line number of single file, default is 1000000 -;max_lines = 1000000 - -# Max size shift of single file, default is 28 means 1 << 28, 256MB -;max_size_shift = 28 - -# Segment log daily, default is true -;daily_rotate = true - -# Expired days of log file(delete after max days), default is 7 -;max_days = 7 - -[log.syslog] -;level = - -# log line format, valid options are text, console and json -;format = text - -# Syslog network type and address. This can be udp, tcp, or unix. If left blank, the default unix endpoints will be used. -;network = -;address = - -# Syslog facility. user, daemon and local0 through local7 are valid. -;facility = - -# Syslog tag. By default, the process' argv[0] is used. -;tag = - -#################################### Alerting ############################ -[alerting] -# Disable alerting engine & UI features -;enabled = true -# Makes it possible to turn off alert rule execution but alerting UI is visible -;execute_alerts = true - -# Default setting for new alert rules. Defaults to categorize error and timeouts as alerting. (alerting, keep_state) -;error_or_timeout = alerting - -# Default setting for how Grafana handles nodata or null values in alerting. 
(alerting, no_data, keep_state, ok) -;nodata_or_nullvalues = no_data - -# Alert notifications can include images, but rendering many images at the same time can overload the server -# This limit will protect the server from render overloading and make sure notifications are sent out quickly -;concurrent_render_limit = 5 - -#################################### Explore ############################# -[explore] -# Enable the Explore section -;enabled = false - -#################################### Internal Grafana Metrics ########################## -# Metrics available at HTTP API Url /metrics -[metrics] -# Disable / Enable internal metrics -;enabled = true - -# Publish interval -;interval_seconds = 10 - -# Send internal metrics to Graphite -[metrics.graphite] -# Enable by setting the address setting (ex localhost:2003) -;address = -;prefix = prod.grafana.%(instance_name)s. - -#################################### Distributed tracing ############ -[tracing.jaeger] -# Enable by setting the address sending traces to jaeger (ex localhost:6831) -;address = localhost:6831 -# Tag that will always be included in when creating new spans. 
ex (tag1:value1,tag2:value2) -;always_included_tag = tag1:value1 -# Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote -;sampler_type = const -# jaeger samplerconfig param -# for "const" sampler, 0 or 1 for always false/true respectively -# for "probabilistic" sampler, a probability between 0 and 1 -# for "rateLimiting" sampler, the number of spans per second -# for "remote" sampler, param is the same as for "probabilistic" -# and indicates the initial sampling rate before the actual one -# is received from the mothership -;sampler_param = 1 - -#################################### Grafana.com integration ########################## -# Url used to import dashboards directly from Grafana.com -[grafana_com] -;url = https://grafana.com - -#################################### External image storage ########################## -[external_image_storage] -# Used for uploading images to public servers so they can be included in slack/email messages. -# you can choose between (s3, webdav, gcs, azure_blob, local) -;provider = - -[external_image_storage.s3] -;bucket = -;region = -;path = -;access_key = -;secret_key = - -[external_image_storage.webdav] -;url = -;public_url = -;username = -;password = - -[external_image_storage.gcs] -;key_file = -;bucket = -;path = - -[external_image_storage.azure_blob] -;account_name = -;account_key = -;container_name = - -[external_image_storage.local] -# does not require any configuration - -[rendering] -# Options to configure external image rendering server like https://github.com/grafana/grafana-image-renderer -;server_url = -;callback_url = - -[enterprise] -# Path to a valid Grafana Enterprise license.jwt file -;license_path = diff --git a/salt/grafana/etc/grafana.ini.jinja b/salt/grafana/etc/grafana.ini.jinja new file mode 100644 index 000000000..f2309056d --- /dev/null +++ b/salt/grafana/etc/grafana.ini.jinja 
@@ -0,0 +1,12 @@ +{%- macro write_config_line(cfg) %} +{%- for k,v in cfg.items() -%} +{{ k }} = {{ v }} +{% endfor %} +{%- endmacro %} + +{{ write_config_line(config.get("default", {})) }} +{% for header, cfg in config.items() %} +{%- if header == "default" %}{% continue %}{% endif %} +[{{ header }}] +{{ write_config_line(cfg) }} +{% endfor %} \ No newline at end of file diff --git a/salt/grafana/init.sls b/salt/grafana/init.sls index 8fe88f354..9c596ca98 100644 --- a/salt/grafana/init.sls +++ b/salt/grafana/init.sls @@ -9,6 +9,10 @@ {% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %} {% set ADMINPASS = salt['pillar.get']('secrets:grafana_admin') %} +{% import_yaml 'grafana/defaults.yaml' as default_settings %} +{% set GRAFANA_SETTINGS = salt['grains.filter_by'](default_settings, default='grafana', merge=salt['pillar.get']('grafana', {})) %} + + {% if grains['role'] in ['so-manager', 'so-managersearch', 'so-eval', 'so-standalone'] and GRAFANA == 1 %} # Grafana all the things 
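Review bot: `{{ k }} = {{ v }}` in `write_config_line` writes each merged pillar value into grafana.ini verbatim, with no quoting and no check for line breaks. Going by the warning in defaults.yaml, a value containing `#` or `;` has to be wrapped in triple quotes or it will not be read as intended, and a value containing a newline would add extra keys or a section header to the rendered file. That warning is attached to the SMTP password only and sits far from the template, so I would add a Jinja comment at the top of grafana.ini.jinja such as `{#- Values are emitted as-is: wrap any value containing # or ; in triple quotes in the pillar -#}`. Having the macro reject values that contain a newline would cover the second case.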
@@ -75,13 +79,44 @@ grafanadashsndir: - group: 939 - makedirs: True -grafanaconf: - file.recurse: - - name: /opt/so/conf/grafana/etc +grafana-dashboard-config: + file.managed: + - name: /opt/so/conf/grafana/etc/dashboards/dashboard.yml - user: 939 - group: 939 - template: jinja - - source: salt://grafana/etc + - source: salt://grafana/etc/dashboards/dashboard.yml + - makedirs: True + + +grafana-datasources-config: + file.managed: + - name: /opt/so/conf/grafana/etc/datasources/influxdb.yaml + - user: 939 + - group: 939 + - template: jinja + - source: salt://grafana/etc/datasources/influxdb.yaml + - makedirs: True + +grafana-config: + file.managed: + - name: /opt/so/conf/grafana/etc/grafana.ini + - user: 939 + - group: 939 + - template: jinja + - source: salt://grafana/etc/grafana.ini.jinja + - context: + config: {{ GRAFANA_SETTINGS.config|json }} + +# these are the files that are referenced inside the config such as smtp:cert_file, smtp:cert_key, auth.ldap:config_file, enterprise:license_path +grafana-config-files: + file.recurse: + - name: /opt/so/conf/grafana/etc/files + - user: 939 + - group: 939 + - source: salt://grafana/etc/files + - makedirs: True + {% if salt['pillar.get']('managertab', False) %} {% for SN, SNDATA in salt['pillar.get']('managertab', {}).items() %} @@ -229,6 +264,7 @@ so-grafana: - /opt/so/conf/grafana/etc/datasources:/etc/grafana/provisioning/datasources:rw - /opt/so/conf/grafana/etc/dashboards:/etc/grafana/provisioning/dashboards:rw - /opt/so/conf/grafana/grafana_dashboards:/etc/grafana/grafana_dashboards:rw + - /opt/so/conf/grafana/etc/files:/etc/grafana/config/files:ro - environment: - GF_SECURITY_ADMIN_PASSWORD={{ ADMINPASS }} - port_bindings: diff --git a/salt/manager/init.sls b/salt/manager/init.sls index b506d06bf..4136b276d 100644 --- a/salt/manager/init.sls +++ b/salt/manager/init.sls 
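Review bot: `grafana-config` and `grafana-config-files` set `user` and `group` but no mode, so the rendered grafana.ini and the files under /opt/so/conf/grafana/etc/files get whatever default permissions the minion applies. grafana.ini will contain `smtp: password` once an operator sets it in the pillar, and the files directory is documented as holding SMTP keys and the enterprise license. Both are owned by uid 939, the owner used for the other Grafana paths in this state, so they can be tightened without changing who reads them: add `- mode: 600` to `grafana-config`, and `- file_mode: 600` with `- dir_mode: 700` to `grafana-config-files`. The state file continues outside this hunk, so later states that might adjust these paths are not visible here.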
@@ -91,7 +91,7 @@ append_so-aptcacherng_so-status.conf: strelka_yara_update: cron.present: - user: root - - name: '/usr/sbin/so-yara-update > /dev/null 2>&1' + - name: '/usr/sbin/so-yara-update >> /nsm/strelka/log/yara-update.log 2>&1' - hour: '7' - minute: '1' {% else %} diff --git a/salt/playbook/files/playbook_db_init.sh b/salt/playbook/files/playbook_db_init.sh index bd4f7abae..94aef0a44 100644 --- a/salt/playbook/files/playbook_db_init.sh +++ b/salt/playbook/files/playbook_db_init.sh @@ -1,11 +1,12 @@ #!/bin/bash # {%- set MYSQLPASS = salt['pillar.get']('secrets:mysql', None) -%} # {%- set admin_pass = salt['pillar.get']('secrets:playbook_admin', None) %} +. /usr/sbin/so-common default_salt_dir=/opt/so/saltstack/default # Generate salt + hash for admin user -admin_salt=$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 32 | head -n 1) +admin_salt=$(get_random_value 32) admin_stage1_hash=$(echo -n '{{ admin_pass }}' | sha1sum | awk '{print $1}') admin_hash=$(echo -n "${admin_salt}${admin_stage1_hash}" | sha1sum | awk '{print $1}') sed -i "s/ADMIN_HASH/${admin_hash}/g" $default_salt_dir/salt/playbook/files/playbook_db_init.sql diff --git a/salt/soc/files/soc/soc.json b/salt/soc/files/soc/soc.json index 5bb348309..bda2df431 100644 --- a/salt/soc/files/soc/soc.json +++ b/salt/soc/files/soc/soc.json @@ -43,6 +43,10 @@ "password": "", "verifyCert": false }, + "sostatus": { + "refreshIntervalMs": 30000, + "offlineThresholdMs": 60000 + }, {% if THEHIVEKEY != '' %} "thehive": { "hostUrl": "http://{{ MANAGERIP }}:9000/thehive", diff --git a/salt/utility/bin/crossthestreams b/salt/utility/bin/crossthestreams index 6998c7669..490c7b548 100644 --- a/salt/utility/bin/crossthestreams +++ b/salt/utility/bin/crossthestreams 
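Review bot: In playbook_db_init.sh, `admin_salt=$(get_random_value 32)` depends on `. /usr/sbin/so-common` having succeeded, and neither line is checked. If so-common is missing or unreadable where this script runs, `get_random_value` is undefined, `admin_salt` is empty, and the script still computes the admin hash without a salt and writes it into playbook_db_init.sql. Make it fail closed with `. /usr/sbin/so-common || exit 1` and, after the assignment, `[ "${#admin_salt}" -eq 32 ] || exit 1`. The script continues beyond the end of this hunk.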
@@ -1,8 +1,8 @@ #!/bin/bash {% set ES = salt['pillar.get']('manager:mainip', '') %} -{%- set MANAGER = salt['grains.get']('master') %} +{% set MANAGER = salt['grains.get']('master') %} {% set FEATURES = salt['pillar.get']('elastic:features', False) %} - +{% set TRUECLUSTER = salt['pillar.get']('elasticsearch:true_cluster', False) %} # Wait for ElasticSearch to come up, so that we can query for version infromation echo -n "Waiting for ElasticSearch..." @@ -34,9 +34,10 @@ echo "Applying cross cluster search config..." -d "{\"persistent\": {\"search\": {\"remote\": {\"{{ MANAGER }}\": {\"seeds\": [\"127.0.0.1:9300\"]}}}}}" # Add all the search nodes to cross cluster searching. - -{%- if salt['pillar.get']('nodestab', {}) %} - {%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %} +{%- if TRUECLUSTER is sameas false %} + {%- if salt['pillar.get']('nodestab', {}) %} + {%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %} curl -XPUT -L http://{{ ES }}:9200/_cluster/settings -H'Content-Type: application/json' -d '{"persistent": {"search": {"remote": {"{{ SN }}": {"skip_unavailable": "true", "seeds": ["{{ SN.split('_')|first }}:9300"]}}}}}' - {%- endfor %} + {%- endfor %} + {%- endif %} {%- endif %} diff --git a/salt/zeek/policy/securityonion/file-extraction/extract.zeek b/salt/zeek/policy/securityonion/file-extraction/extract.zeek index 6f59ed447..e5b7db864 100644 --- a/salt/zeek/policy/securityonion/file-extraction/extract.zeek +++ b/salt/zeek/policy/securityonion/file-extraction/extract.zeek @@ -1,4 +1,5 @@ -{%- import_yaml "zeek/fileextraction_defaults.yaml" as zeek with context %} +{% import_yaml "zeek/fileextraction_defaults.yaml" as zeek_default -%} +{% set zeek = salt['grains.filter_by'](zeek_default, default='zeek', merge=salt['pillar.get']('zeek', {})) -%} # Directory to stage Zeek extracted files before processing redef FileExtract::prefix = "/nsm/zeek/extracted/"; # Set a limit to the file size 
@@ -6,7 +7,7 @@ redef FileExtract::default_limit = 9000000; # These are the mimetypes we want to rip off the networks export { global _mime_whitelist: table[string] of string = { - {%- for li in zeek.zeek.policy.file_extraction %} + {%- for li in zeek.policy.file_extraction %} {%- if not loop.last %} {%- for k,v in li.items() %} ["{{ k }}"] = "{{ v }}", diff --git a/setup/automation/aws_standalone_defaults b/setup/automation/aws_standalone_defaults index 25d3da0e0..8e34320e0 100644 --- a/setup/automation/aws_standalone_defaults +++ b/setup/automation/aws_standalone_defaults @@ -26,7 +26,7 @@ ALLOW_ROLE=a BASICZEEK=7 BASICSURI=7 # BLOGS= -BNICS=ens6 +BNICS=eth1 ZEEKVERSION=ZEEK # CURCLOSEDAYS= # EVALADVANCED=BASIC @@ -46,7 +46,7 @@ MANAGERUPDATES=1 # MGATEWAY= # MIP= # MMASK= -MNIC=ens5 +MNIC=eth0 # MSEARCH= # MSRV= # MTU= diff --git a/setup/so-common-functions b/setup/so-common-functions deleted file mode 100644 index 8bdf09374..000000000 --- a/setup/so-common-functions +++ /dev/null 
@@ -1,52 +0,0 @@ -#!/bin/bash - -source ./so-variables -source ../salt/common/tools/sbin/so-common -source ../salt/common/tools/sbin/so-image-common - -# Helper functions - -filter_unused_nics() { - - if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0"; else local grep_string="bond0"; fi - - # If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string - if [[ $BNICS ]]; then - grep_string="$grep_string" - for BONDNIC in "${BNICS[@]}"; do - grep_string="$grep_string\|$BONDNIC" - done - fi - - # Finally, set filtered_nics to any NICs we aren't using (and ignore interfaces that aren't of use) - filtered_nics=$(ip link | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | grep -vwe "$grep_string" | sed 's/ //g') - readarray -t filtered_nics <<< "$filtered_nics" - - nic_list=() - for nic in "${filtered_nics[@]}"; do - case $(cat "/sys/class/net/${nic}/carrier" 2>/dev/null) in - 1) - nic_list+=("$nic" "Link UP " "OFF") - ;; - 0) - nic_list+=("$nic" "Link DOWN " "OFF") - ;; - *) - nic_list+=("$nic" "Link UNKNOWN " "OFF") - ;; - esac - done - - export nic_list -} - -calculate_useable_cores() { - - # Calculate reasonable core usage - local cores_for_zeek=$(( (num_cpu_cores/2) - 1 )) - local lb_procs_round - lb_procs_round=$(printf "%.0f\n" $cores_for_zeek) - - if [ "$lb_procs_round" -lt 1 ]; then lb_procs=1; else lb_procs=$lb_procs_round; fi - export lb_procs -} diff --git a/setup/so-functions b/setup/so-functions index 9e35c5958..cfafacbbf 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -15,13 +15,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -source ./so-whiptail -source ./so-variables -source ./so-common-functions - -CONTAINER_REGISTRY=quay.io - -SOVERSION=$(cat ../VERSION) +# README - DO NOT DEFINE GLOBAL VARIABLES IN THIS FILE. Instead use so-variables. log() { msg=$1 
@@ -48,6 +42,51 @@ logCmd() { $cmd >> "$setup_log" 2>&1 } +filter_unused_nics() { + + if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0"; else local grep_string="bond0"; fi + + # If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string + if [[ $BNICS ]]; then + grep_string="$grep_string" + for BONDNIC in "${BNICS[@]}"; do + grep_string="$grep_string\|$BONDNIC" + done + fi + + # Finally, set filtered_nics to any NICs we aren't using (and ignore interfaces that aren't of use) + filtered_nics=$(ip link | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | grep -vwe "$grep_string" | sed 's/ //g') + readarray -t filtered_nics <<< "$filtered_nics" + + nic_list=() + for nic in "${filtered_nics[@]}"; do + case $(cat "/sys/class/net/${nic}/carrier" 2>/dev/null) in + 1) + nic_list+=("$nic" "Link UP " "OFF") + ;; + 0) + nic_list+=("$nic" "Link DOWN " "OFF") + ;; + *) + nic_list+=("$nic" "Link UNKNOWN " "OFF") + ;; + esac + done + + export nic_list +} + +calculate_useable_cores() { + + # Calculate reasonable core usage + local cores_for_zeek=$(( (num_cpu_cores/2) - 1 )) + local lb_procs_round + lb_procs_round=$(printf "%.0f\n" $cores_for_zeek) + + if [ "$lb_procs_round" -lt 1 ]; then lb_procs=1; else lb_procs=$lb_procs_round; fi + export lb_procs +} + airgap_rules() { # Copy the rules for suricata if using Airgap mkdir -p /nsm/repo/rules @@ -834,9 +873,9 @@ docker_install() { yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo; fi if [[ ! $is_iso ]]; then - yum -y install docker-ce-19.03.12-3.el7 containerd.io-1.2.13-3.2.el7; + yum -y install docker-ce-19.03.14-3.el7 containerd.io-1.2.13-3.2.el7; fi - yum versionlock docker-ce-19.03.12-3.el7; + yum versionlock docker-ce-19.03.14-3.el7; yum versionlock containerd.io-1.2.13-3.2.el7 } >> "$setup_log" 2>&1 
@@ -884,7 +923,7 @@ docker_registry() { " \"bip\": \"$DNETBIP\","\ " \"default-address-pools\": ["\ " {"\ - " \"base\" : \"$DOCKERNET\","\ + " \"base\" : \"$DOCKERNET/24\","\ " \"size\" : 24"\ " }"\ " ]"\ @@ -989,22 +1028,22 @@ fleet_pillar() { generate_passwords(){ # Generate Random Passwords for Things - MYSQLPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - PLAYBOOKDBPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - PLAYBOOKADMINPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - PLAYBOOKAUTOMATIONPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - FLEETPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - FLEETJWT=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - GRAFANAPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) + MYSQLPASS=$(get_random_value) + PLAYBOOKDBPASS=$(get_random_value) + PLAYBOOKADMINPASS=$(get_random_value) + PLAYBOOKAUTOMATIONPASS=$(get_random_value) + FLEETPASS=$(get_random_value) + FLEETJWT=$(get_random_value) + GRAFANAPASS=$(get_random_value) if [[ "$THEHIVE" == "1" ]]; then - HIVEKEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - HIVEPLAYSECRET=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - CORTEXKEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - CORTEXORGUSERKEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - CORTEXPLAYSECRET=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) + HIVEKEY=$(get_random_value) + HIVEPLAYSECRET=$(get_random_value) + CORTEXKEY=$(get_random_value) + CORTEXORGUSERKEY=$(get_random_value) + CORTEXPLAYSECRET=$(get_random_value) fi - SENSORONIKEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - KRATOSKEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) + SENSORONIKEY=$(get_random_value) + KRATOSKEY=$(get_random_value) } generate_repo_tarball() { 
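Review bot: Every secret in `generate_passwords` now comes from `$(get_random_value)` and none of the results is checked. The same commit removes the `source` lines from so-functions, so the helper exists only if so-setup has sourced so-common first. If it is undefined or its pipeline returns nothing, each variable becomes an empty string and setup carries on with blank passwords and keys. A guard at the end of the function, for example `[[ ${#MYSQLPASS} -eq 20 && ${#KRATOSKEY} -eq 20 ]] || { echo "Password generation failed" >> "$setup_log"; exit 1; }`, or a small wrapper that checks the length of every generated value, would stop that. `minio_generate_keys` in a later hunk uses the same unchecked pattern for `ACCESS_KEY` and `ACCESS_SECRET`.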
@@ -1221,15 +1260,23 @@ manager_global() { "elastic:"\ " features: False"\ "elasticsearch:"\ - " replicas: 0"\ - " true_cluster: False"\ - " true_cluster_name: 'so'"\ + " replicas: 0" >> "$global_pillar" + if [ -n "$ESCLUSTERNAME" ]; then + printf '%s\n'\ + " true_cluster: True"\ + " true_cluster_name: '$ESCLUSTERNAME'" >> "$global_pillar" + else + printf '%s\n'\ + " true_cluster: False"\ + " true_cluster_name: 'so'" >> "$global_pillar" + fi + printf '%s\n'\ " discovery_nodes: 1"\ " hot_warm_enabled: False"\ " cluster_routing_allocation_disk.threshold_enabled: true"\ - " cluster_routing_allocation_disk_watermark_low: '95%'"\ - " cluster_routing_allocation_disk_watermark_high: '98%'"\ - " cluster_routing_allocation_disk_watermark_flood_stage: '98%'"\ + " cluster_routing_allocation_disk_watermark_low: '95%'"\ + " cluster_routing_allocation_disk_watermark_high: '98%'"\ + " cluster_routing_allocation_disk_watermark_flood_stage: '98%'"\ " index_settings:"\ " so-beats:"\ " shards: 1"\ @@ -1308,8 +1355,8 @@ minio_generate_keys() { local charSet="[:graph:]" - ACCESS_KEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) - ACCESS_SECRET=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 40 | head -n 1) + ACCESS_KEY=$(get_random_value) + ACCESS_SECRET=$(get_random_value 40) } @@ -1343,8 +1390,15 @@ elasticsearch_pillar() { "elasticsearch:"\ " mainip: '$MAINIP'"\ " mainint: '$MNIC'"\ - " esheap: '$NODE_ES_HEAP_SIZE'"\ - " esclustername: {{ grains.host }}"\ + " esheap: '$NODE_ES_HEAP_SIZE'" >> "$pillar_file" + if [ -n "$ESCLUSTERNAME" ]; then + printf '%s\n'\ + " esclustername: $ESCLUSTERNAME" >> "$pillar_file" + else + printf '%s\n'\ + " esclustername: {{ grains.host }}" >> "$pillar_file" + fi + printf '%s\n'\ " node_type: '$NODETYPE'"\ " es_port: $node_es_port"\ " log_size_limit: $log_size_limit"\ diff --git a/setup/so-setup b/setup/so-setup index 2fad47e3e..25f5e4b79 100755 --- a/setup/so-setup +++ b/setup/so-setup 
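Review bot: `$ESCLUSTERNAME` is written into pillar YAML without validation, single-quoted in `manager_global` (`true_cluster_name: '$ESCLUSTERNAME'`) and unquoted in the `elasticsearch_pillar` hunk further down (`esclustername: $ESCLUSTERNAME`). The value appears to come from the new `whiptail_manager_adv_escluster` prompt, whose body is not shown, so any checks there cannot be confirmed; a name containing a quote, `:`, `#` or a space would break the pillar or change how it parses. Validate it once before either function writes it, e.g. `[[ -z "$ESCLUSTERNAME" || "$ESCLUSTERNAME" =~ ^[A-Za-z0-9_-]+$ ]] || exit 1`, and quote it the same way in both places: `" esclustername: '$ESCLUSTERNAME'"`. Both functions start and end outside their hunks.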
@@ -27,9 +27,19 @@ readarray -t original_args <<< "$@" cd "$(dirname "$0")" || exit 255 +# Source the generic function libraries that are also used by the product after +# setup. These functions are intended to be reusable outside of the setup process. +source ../salt/common/tools/sbin/so-common +source ../salt/common/tools/sbin/so-image-common + +# Setup bash functionality is divided into functions and user-facing prompts. +# Do not attempt to re-use any of this functionality outside of setup. Instead, +# if needed, migrated generic functions into so-common. source ./so-functions -source ./so-common-functions source ./so-whiptail + +# Finally, source the default variable definitions, which require availability of +# functions sourced above. source ./so-variables # Parse command line arguments @@ -382,6 +392,11 @@ fi if [[ $is_manager && ! $is_eval ]]; then whiptail_manager_adv + if [ "$MANAGERADV" = 'ADVANCED' ]; then + if [ "$install_type" = 'MANAGER' ] || [ "$install_type" = 'MANAGERSEARCH' ]; then + whiptail_manager_adv_escluster + fi + fi whiptail_zeek_version # Don't run this function for now since Snort is not yet supported # whiptail_nids diff --git a/setup/so-variables b/setup/so-variables index 266dba11e..1f154a5c0 100644 --- a/setup/so-variables +++ b/setup/so-variables @@ -1,5 +1,7 @@ #!/bin/bash +SOVERSION=$(cat ../VERSION) + total_mem=$(grep MemTotal /proc/meminfo | awk '{print $2}' | sed -r 's/.{3}$//') export total_mem @@ -12,7 +14,7 @@ export num_cpu_cores readarray -t cpu_core_list <<< "$(grep "processor" /proc/cpuinfo | grep -v "KVM" | awk '{print $3}')" export cpu_core_list -random_uid=$(. -source ./so-variables -source ./so-common-functions - whiptail_airgap() { [ -n "$TESTING" ] && return 
@@ -31,24 +28,6 @@ whiptail_airgap() { whiptail_check_exitstatus $exitstatus } -whiptail_basic_zeek() { - - [ -n "$TESTING" ] && return - - if [[ $is_node && $is_sensor && ! $is_eval ]]; then - local PROCS=$(expr $lb_procs / 2) - if [ "$PROCS" -lt 1 ]; then PROCS=1; else PROCS=$PROCS; fi - else - local PROCS=$lb_procs - fi - - BASICZEEK=$(whiptail --title "Security Onion Setup" --inputbox \ - "Enter the number of zeek processes:" 10 75 "$PROCS" 3>&1 1>&2 2>&3) - - local exitstatus=$? - whiptail_check_exitstatus $exitstatus -} - whiptail_basic_suri() { [ -n "$TESTING" ] && return @@ -68,15 +47,10 @@ whiptail_basic_suri() { } -whiptail_zeek_pins() { +whiptail_basic_zeek() { [ -n "$TESTING" ] && return - local cpu_core_list_whiptail=() - for item in "${cpu_core_list[@]}"; do - cpu_core_list_whiptail+=("$item" "OFF") - done - if [[ $is_node && $is_sensor && ! $is_eval ]]; then local PROCS=$(expr $lb_procs / 2) if [ "$PROCS" -lt 1 ]; then PROCS=1; else PROCS=$PROCS; fi @@ -84,13 +58,11 @@ whiptail_zeek_pins() { local PROCS=$lb_procs fi - ZEEKPINS=$(whiptail --noitem --title "Pin Zeek CPUS" --checklist "Please select $PROCS cores to pin Zeek to:" 20 75 12 "${cpu_core_list_whiptail[@]}" 3>&1 1>&2 2>&3 ) + BASICZEEK=$(whiptail --title "Security Onion Setup" --inputbox \ + "Enter the number of zeek processes:" 10 75 "$PROCS" 3>&1 1>&2 2>&3) + local exitstatus=$? whiptail_check_exitstatus $exitstatus - - ZEEKPINS=$(echo "$ZEEKPINS" | tr -d '"') - - IFS=' ' read -ra ZEEKPINS <<< "$ZEEKPINS" } whiptail_zeek_version() { 
@@ -103,47 +75,6 @@ whiptail_zeek_version() { local exitstatus=$? whiptail_check_exitstatus $exitstatus - -} - -whiptail_sensor_nics() { - - [ -n "$TESTING" ] && return - - filter_unused_nics - - if [[ $is_ec2 ]]; then - local menu_text="Please select NIC for the Monitor Interface:" - local list_type="radiolist" - else - local menu_text="Please add NICs to the Monitor Interface:" - local list_type="checklist" - fi - - BNICS=$(whiptail --title "NIC Setup" --$list_type "$menu_text" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3) - local exitstatus=$? - whiptail_check_exitstatus $exitstatus - - while [ -z "$BNICS" ] - do - BNICS=$(whiptail --title "NIC Setup" --$list_type "$menu_text" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 ) - local exitstatus=$? - whiptail_check_exitstatus $exitstatus - done - - BNICS=$(echo "$BNICS" | tr -d '"') - - IFS=' ' read -ra BNICS <<< "$BNICS" - - for bond_nic in "${BNICS[@]}"; do - if [[ "${nmcli_dev_status_list}" =~ $bond_nic\:unmanaged ]]; then - whiptail \ - --title "Security Onion Setup" \ - --msgbox "$bond_nic is unmanaged by Network Manager. Please remove it from other network management tools then re-run setup." \ - 8 75 - exit - fi - done } whiptail_bond_nics_mtu() { @@ -187,6 +118,13 @@ whiptail_check_exitstatus() { esac } +whiptail_components_adv_warning() { + + [ -n "$TESTING" ] && return + + whiptail --title "Security Onion Setup" --msgbox "Please keep in mind the more services that you enable the more RAM that is required." 8 75 +} + whiptail_create_admin_user() { [ -n "$TESTING" ] && return @@ -294,13 +232,6 @@ whiptail_create_web_user() { whiptail_check_exitstatus $exitstatus } -whiptail_invalid_user_warning() { - - [ -n "$TESTING" ] && return - - whiptail --title "Security Onion Setup" --msgbox "Please enter a valid email address." 8 75 -} - whiptail_create_web_user_password1() { [ -n "$TESTING" ] && return 
@@ -546,11 +477,26 @@ whiptail_eval_adv() { whiptail_check_exitstatus $exitstatus } -whiptail_components_adv_warning() { +whiptail_fleet_custom_hostname() { [ -n "$TESTING" ] && return - whiptail --title "Security Onion Setup" --msgbox "Please keep in mind the more services that you enable the more RAM that is required." 8 75 + FLEETCUSTOMHOSTNAME=$(whiptail --title "Security Onion Install" --inputbox \ + "What FQDN should osquery clients use for connections to this Fleet node? Leave blank if the local system hostname will be used." 10 60 3>&1 1>&2 2>&3) + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus +} + +whiptail_gauge_post_setup() { + + if [ -n "$TESTING" ]; then + cat >> $setup_log 2>&1 + else + local msg=$1 + + whiptail --title "Security Onion Setup" --gauge "$msg" 6 60 96 + fi } whiptail_helix_apikey() { @@ -677,6 +623,27 @@ whiptail_install_type_other() { export install_type } +whiptail_invalid_pass_characters_warning() { + + [ -n "$TESTING" ] && return + + whiptail --title "Security Onion Setup" --msgbox "Password is invalid. Please exclude single quotes, double quotes and backslashes from the password." 8 75 +} + +whiptail_invalid_pass_warning() { + + [ -n "$TESTING" ] && return + + whiptail --title "Security Onion Setup" --msgbox "Please choose a more secure password." 8 75 +} + +whiptail_invalid_user_warning() { + + [ -n "$TESTING" ] && return + + whiptail --title "Security Onion Setup" --msgbox "Please enter a valid email address." 8 75 +} + whiptail_log_size_limit() { [ -n "$TESTING" ] && return @@ -691,6 +658,17 @@ whiptail_log_size_limit() { } +whiptail_make_changes() { + + [ -n "$TESTING" ] && return + + whiptail --title "Security Onion Setup" --yesno "We are going to set this machine up as a $install_type. Please press YES to make changes or NO to cancel." 8 75 + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + +} + whiptail_management_interface_dns() { [ -n "$TESTING" ] && return 
@@ -792,42 +770,7 @@ whiptail_management_interface_setup() { whiptail_check_exitstatus $exitstatus } -whiptail_nids() { - [ -n "$TESTING" ] && return - - NIDS=$(whiptail --title "Security Onion Setup" --radiolist \ - "Choose which IDS to run: \n\n(Snort 3.0 support will be added once it is out of beta.)" 25 75 4 \ - "Suricata" "Suricata" ON \ - "Snort" "Placeholder for Snort 3.0 " OFF 3>&1 1>&2 2>&3 ) - - local exitstatus=$? - whiptail_check_exitstatus $exitstatus - -} - -whiptail_oinkcode() { - - [ -n "$TESTING" ] && return - - OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \ - "Enter your ET Pro or oinkcode:" 10 75 XXXXXXX 3>&1 1>&2 2>&3) - - local exitstatus=$? - whiptail_check_exitstatus $exitstatus - -} - -whiptail_make_changes() { - - [ -n "$TESTING" ] && return - - whiptail --title "Security Onion Setup" --yesno "We are going to set this machine up as a $install_type. Please select YES to make changes or NO to cancel." 8 75 - - local exitstatus=$? - whiptail_check_exitstatus $exitstatus - -} whiptail_management_server() { @@ -878,6 +821,30 @@ whiptail_manager_adv() { } +# Ask if you want to do true clustering +whiptail_manager_adv_escluster(){ + + [ -n "$TESTING" ] && return + + whiptail --title "Security Onion Setup" --yesno \ + "Do you want to set up a traditional ES cluster?" 8 75 + + local exitstatus=$? + + if [[ $exitstatus == 0 ]]; then + whiptail_manager_adv_escluster_name + fi +} + +# Get a cluster name +whiptail_manager_adv_escluster_name(){ + + [ -n "$TESTING" ] && return + + ESCLUSTERNAME=$(whiptail --title "Security Onion Setup" --inputbox \ + "Enter a name for your ES cluster!" 10 75 securityonion 3>&1 1>&2 2>&3) +} + # Ask which additional components to install whiptail_manager_adv_service_zeeklogs() { 
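Review bot: whiptail_manager_adv_escluster_name never looks at the inputbox exit status, so Cancel or ESC leaves `ESCLUSTERNAME` empty. The `[ -n "$ESCLUSTERNAME" ]` tests in so-functions then take the non-cluster branch without telling the user. The neighbouring prompts follow each dialog with `local exitstatus=$?` and `whiptail_check_exitstatus $exitstatus`; add the same two lines after the `ESCLUSTERNAME=$(whiptail ...)` assignment. In whiptail_manager_adv_escluster, `[[ $exitstatus == 0 ]]` treats ESC the same as No, which may be intended but deserves a short comment such as `# any non-zero status (No or ESC) keeps the default single-node layout`.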
@@ -932,6 +899,54 @@ whiptail_manager_adv_service_zeeklogs() { } +whiptail_manager_updates() { + + [ -n "$TESTING" ] && return + + local update_string + update_string=$(whiptail --title "Security Onion Setup" --radiolist \ + "How would you like to download OS package updates for your grid?" 20 75 4 \ + "MANAGER" "Manager node is proxy for updates" ON \ + "OPEN" "Each node connects to the Internet for updates" OFF 3>&1 1>&2 2>&3 ) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + + case "$update_string" in + 'MANAGER') + export MANAGERUPDATES='1' + ;; + *) + export MANAGERUPDATES='0' + ;; + esac + +} + +whiptail_manager_updates_warning() { + [ -n "$TESTING" ] && return + + whiptail --title "Security Onion Setup"\ + --msgbox "Updating through the manager node requires the manager to have internet access, press ENTER to continue."\ + 8 75 + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus +} + +whiptail_nids() { + + [ -n "$TESTING" ] && return + + NIDS=$(whiptail --title "Security Onion Setup" --radiolist \ + "Choose which IDS to run: \n\n(Snort 3.0 support will be added once it is out of beta.)" 25 75 4 \ + "Suricata" "Suricata" ON \ + "Snort" "Placeholder for Snort 3.0 " OFF 3>&1 1>&2 2>&3 ) + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + +} + whiptail_network_notice() { [ -n "$TESTING" ] && return @@ -1017,6 +1032,18 @@ whiptail_node_ls_input_threads() { } +whiptail_oinkcode() { + + [ -n "$TESTING" ] && return + + OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \ + "Enter your ET Pro or oinkcode:" 10 75 XXXXXXX 3>&1 1>&2 2>&3) + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + +} + #TODO: helper function to display error message or exit if batch mode # exit_if_batch <"Error string"> 
@@ -1171,6 +1198,21 @@ whiptail_patch_schedule_select_hours() { } +whiptail_requirements_error() { + + local requirement_needed=$1 + local current_val=$2 + local needed_val=$3 + + [ -n "$TESTING" ] && return + + whiptail --title "Security Onion Setup" \ + --yesno "This machine currently has $current_val $requirement_needed, but needs $needed_val to meet minimum requirements. Press YES to continue anyway, or press NO to cancel." 10 75 + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus +} + whiptail_rule_setup() { [ -n "$TESTING" ] && return @@ -1202,6 +1244,46 @@ whiptail_sensor_config() { } +whiptail_sensor_nics() { + + [ -n "$TESTING" ] && return + + filter_unused_nics + + if [[ $is_ec2 ]]; then + local menu_text="Please select NIC for the Monitor Interface:" + local list_type="radiolist" + else + local menu_text="Please add NICs to the Monitor Interface:" + local list_type="checklist" + fi + + BNICS=$(whiptail --title "NIC Setup" --$list_type "$menu_text" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + + while [ -z "$BNICS" ] + do + BNICS=$(whiptail --title "NIC Setup" --$list_type "$menu_text" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 ) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + done + + BNICS=$(echo "$BNICS" | tr -d '"') + + IFS=' ' read -ra BNICS <<< "$BNICS" + + for bond_nic in "${BNICS[@]}"; do + if [[ "${nmcli_dev_status_list}" =~ $bond_nic\:unmanaged ]]; then + whiptail \ + --title "Security Onion Setup" \ + --msgbox "$bond_nic is unmanaged by Network Manager. Please remove it from other network management tools then re-run setup." \ + 8 75 + exit + fi + done +} + whiptail_set_hostname() { [ -n "$TESTING" ] && return 
@@ -1335,15 +1417,30 @@ whiptail_so_allow() { fi } -whiptail_gauge_post_setup() { +whiptail_storage_requirements() { + local mount=$1 + local current_val=$2 + local needed_val=$3 - if [ -n "$TESTING" ]; then - cat >> $setup_log 2>&1 - else - local msg=$1 + [ -n "$TESTING" ] && return - whiptail --title "Security Onion Setup" --gauge "$msg" 6 60 96 - fi + read -r -d '' message <<- EOM + Free space on mount point '${mount}' is currently ${current_val}. + + You need ${needed_val} to meet minimum requirements. + + Visit https://docs.securityonion.net/en/2.1/hardware.html for more information. + + Press YES to continue anyway, or press NO to cancel. + EOM + + whiptail \ + --title "Security Onion Setup" \ + --yesno "$message" \ + 14 75 + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus } whiptail_strelka_rules() { @@ -1386,40 +1483,6 @@ whiptail_suricata_pins() { } -whiptail_manager_updates() { - - [ -n "$TESTING" ] && return - - local update_string - update_string=$(whiptail --title "Security Onion Setup" --radiolist \ - "How would you like to download OS package updates for your grid?" 20 75 4 \ - "MANAGER" "Manager node is proxy for updates" ON \ - "OPEN" "Each node connects to the Internet for updates" OFF 3>&1 1>&2 2>&3 ) - local exitstatus=$? - whiptail_check_exitstatus $exitstatus - - case "$update_string" in - 'MANAGER') - export MANAGERUPDATES='1' - ;; - *) - export MANAGERUPDATES='0' - ;; - esac - -} - -whiptail_manager_updates_warning() { - [ -n "$TESTING" ] && return - - whiptail --title "Security Onion Setup"\ - --msgbox "Updating through the manager node requires the manager to have internet access, press ENTER to continue."\ - 8 75 - - local exitstatus=$? - whiptail_check_exitstatus $exitstatus -} - whiptail_node_updates() { [ -n "$TESTING" ] && return 
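Review bot: `message` in whiptail_storage_requirements is assigned without `local`, so the dialog text leaks into the global scope of the setup script, unlike `mount`, `current_val` and `needed_val` declared just above it. Add `local message` before the `read -r -d '' message <<- EOM` line. Two things are worth a comment there: `read -d ''` returns non-zero when it reaches the end of the heredoc, and `<<-` strips leading tabs only, so the body has to stay tab-indented. The documentation URL pins version 2.1 and will go stale unless it is derived from the version variable.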
@@ -1457,3 +1520,40 @@ whiptail_you_sure() { return $exitstatus } + +whiptail_zeek_pins() { + + [ -n "$TESTING" ] && return + + local cpu_core_list_whiptail=() + for item in "${cpu_core_list[@]}"; do + cpu_core_list_whiptail+=("$item" "OFF") + done + + if [[ $is_smooshed ]]; then + local PROCS=$(expr $lb_procs / 2) + if [ "$PROCS" -lt 1 ]; then PROCS=1; else PROCS=$PROCS; fi + else + local PROCS=$lb_procs + fi + + ZEEKPINS=$(whiptail --noitem --title "Pin Zeek CPUS" --checklist "Please select $PROCS cores to pin Zeek to:" 20 75 12 "${cpu_core_list_whiptail[@]}" 3>&1 1>&2 2>&3 ) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + + ZEEKPINS=$(echo "$ZEEKPINS" | tr -d '"') + + IFS=' ' read -ra ZEEKPINS <<< "$ZEEKPINS" +} + +whiptail_zeek_version() { + + [ -n "$TESTING" ] && return + + ZEEKVERSION=$(whiptail --title "Security Onion Setup" --radiolist "What tool would you like to use to generate metadata?" 20 75 4 "ZEEK" "Zeek (formerly known as Bro)" ON \ + "SURICATA" "Suricata" OFF 3>&1 1>&2 2>&3) + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + +}
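Review bot: The re-added whiptail_zeek_pins is not a pure move: its condition is now `[[ $is_smooshed ]]`, where the removed copy tested `[[ $is_node && $is_sensor && ! $is_eval ]]`. No assignment of `is_smooshed` is visible in this diff, and if it is unset the halving branch is never taken and the prompt always suggests `$lb_procs` cores; confirm where it is set. Separately, `whiptail_zeek_version() {` is added here at the end of the file while an earlier hunk still shows a `whiptail_zeek_version()` definition as context, so the function appears to be defined twice and the later copy wins. Drop one of them. `local PROCS=$(expr $lb_procs / 2)` also masks the exit status of `expr`; `local PROCS=$(( lb_procs / 2 ))` avoids the subshell.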