CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

add network and tool packetloss panels to overview

Browse Source
This commit is contained in:
m0duspwnens
2021-07-22 13:16:39 -04:00
parent 1c460cc19c
commit 9ae84c8108
6 changed files with 499 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
salt/grafana/defaults.yaml
View File

@@ -100,74 +100,112 @@ grafana:
management_interface_traffic_outbound_graph:
gridPos:
x: 0
y: 58
y: 64
h: 8
w: 24
management_interface_drops_graph:
management_interface_drops_inbound_graph:
gridPos:
x: 0
y: 58
y: 72
h: 8
w: 24
management_interface_drops_outbound_graph:
gridPos:
x: 0
y: 80
h: 8
w: 24
monitor_interface_traffic_inbound_graph:
gridPos:
x: 0
y: 58
h: 8
w: 24
monitor_interface_drops_graph:
gridPos:
x: 0
y: 66
y: 88
h: 8
w: 24
monitor_interface_traffic_outbound_graph:
gridPos:
x: 0
y: 96
h: 8
w: 24
monitor_interface_drops_inbound_graph:
gridPos:
x: 0
y: 104
h: 8
w: 24
row_packetloss:
gridPos:
x: 0
y: 112
h: 1
w: 24
zeek_packet_loss_graph:
gridPos:
x: 0
y: 113
h: 8
w: 24
suricata_packetloss_graph:
gridPos:
x: 0
y: 121
h: 8
w: 12
stenographer_packetloss_graph:
gridPos:
x: 12
y: 129
h: 8
w: 12
row_cpu:
gridPos:
x: 0
y: 74
y: 999
h: 1
w: 24
cpu_usage_tasks_running_graph:
gridPos:
x: 0
y: 75
y: 1000
h: 8
w: 24
cpu_usage_tasks_zombies_graph:
gridPos:
x: 0
y: 83
y: 1008
h: 8
w: 12
cpu_usage_tasks_stopped_graph:
gridPos:
x: 12
y: 83
y: 1008
h: 8
w: 12
cpu_usage_tasks_sleeping_graph:
gridPos:
x: 0
y: 91
y: 1016
h: 8
w: 12
cpu_usage_tasks_blocked_graph:
gridPos:
x: 12
y: 91
y: 1016
h: 8
w: 12
cpu_usage_tasks_paging_graph:
gridPos:
x: 0
y: 99
y: 1024
h: 8
w: 12
cpu_usage_tasks_unknown_graph:
gridPos:
x: 12
y: 99
y: 1024
h: 8
w: 12

143
salt/grafana/panels/management_interface_drops_inbound_graph.json.jinja Normal file
View File

@@ -0,0 +1,143 @@
{
"aliasColors": {},
"dashLength": 10,
"datasource": "InfluxDB",
"fieldConfig": {
"defaults": {},
"overrides": []
},
"gridPos": {
"x": {{ PANELS.management_interface_drops_inbound_graph.gridPos.x }},
"y": {{ PANELS.management_interface_drops_inbound_graph.gridPos.y }},
"w": {{ PANELS.management_interface_drops_inbound_graph.gridPos.w }},
"h": {{ PANELS.management_interface_drops_inbound_graph.gridPos.h }}
},
"id": 61877,
"interval": "30s",
"legend": {
"alignAsTable": true,
"avg": true,
"current": true,
"max": false,
"min": false,
"rightSide": true,
"show": true,
"sort": "current",
"sortDesc": true,
"total": false,
"values": true
},
"lines": true,
"linewidth": 1,
"maxDataPoints": 750,
"nullPointMode": "connected",
"options": {
"alertThreshold": false
},
"pluginVersion": "7.5.4",
"pointradius": 2,
"renderer": "flot",
"seriesOverrides": [
{
"$$hashKey": "object:592",
"alias": "/veth/",
"hiddenSeries": true,
"legend": false
}
],
"spaceLength": 10,
"targets": [
{
"alias": "$tag_host: $tag_role",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"orderByTime": "ASC",
"policy": "default",
"query": "SELECT non_negative_derivative(mean(drop_in), 1s) as \"in\" FROM \"net\" WHERE host =~ /$servername/ AND interface =~ /$manint/ AND role =~ /$role/ AND $timeFilter GROUP BY time($__interval), host,role fill(none)",
"queryType": "randomWalk",
"rawQuery": true,
"refId": "A",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"value"
],
"type": "field"
},
{
"params": [],
"type": "mean"
}
]
],
"tags": []
}
],
"thresholds": [],
"timeRegions": [],
"title": "Management Interface Drops - Inbound",
"tooltip": {
"shared": true,
"sort": 2,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"$$hashKey": "object:500",
"format": "pps",
"label": "Drops per second",
"logBase": 1,
"max": null,
"min": 0,
"show": true
},
{
"$$hashKey": "object:501",
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true,
"decimals": 0
}
],
"yaxis": {
"align": false,
"alignLevel": null
},
"fill": 0,
"bars": false,
"dashes": false,
"decimals": 0,
"fillGradient": 0,
"hiddenSeries": false,
"percentage": false,
"points": false,
"stack": false,
"steppedLine": false,
"timeFrom": null,
"timeShift": null
}

143
salt/grafana/panels/management_interface_drops_outbound_graph.json.jinja Normal file
View File

@@ -0,0 +1,143 @@
{
"aliasColors": {},
"dashLength": 10,
"datasource": "InfluxDB",
"fieldConfig": {
"defaults": {},
"overrides": []
},
"gridPos": {
"x": {{ PANELS.management_interface_drops_outbound_graph.gridPos.x }},
"y": {{ PANELS.management_interface_drops_outbound_graph.gridPos.y }},
"w": {{ PANELS.management_interface_drops_outbound_graph.gridPos.w }},
"h": {{ PANELS.management_interface_drops_outbound_graph.gridPos.h }}
},
"id": 188189,
"interval": "30s",
"legend": {
"alignAsTable": true,
"avg": true,
"current": true,
"max": false,
"min": false,
"rightSide": true,
"show": true,
"sort": "current",
"sortDesc": true,
"total": false,
"values": true
},
"lines": true,
"linewidth": 1,
"maxDataPoints": 750,
"nullPointMode": "connected",
"options": {
"alertThreshold": false
},
"pluginVersion": "7.5.4",
"pointradius": 2,
"renderer": "flot",
"seriesOverrides": [
{
"$$hashKey": "object:592",
"alias": "/veth/",
"hiddenSeries": true,
"legend": false
}
],
"spaceLength": 10,
"targets": [
{
"alias": "$tag_host: $tag_role",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"hide": false,
"orderByTime": "ASC",
"policy": "default",
"query": "SELECT non_negative_derivative(mean(drop_out), 1s) as \"out\" FROM \"net\" WHERE host =~ /$servername/ AND interface =~ /$manint/ AND role =~ /$role/ AND $timeFilter GROUP BY time($__interval), host,role fill(none)",
"rawQuery": true,
"refId": "B",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"value"
],
"type": "field"
},
{
"params": [],
"type": "mean"
}
]
],
"tags": []
}
],
"thresholds": [],
"timeRegions": [],
"title": "Management Interface Drops - Outbound",
"tooltip": {
"shared": true,
"sort": 2,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"$$hashKey": "object:500",
"format": "pps",
"label": "Drops per second",
"logBase": 1,
"max": null,
"min": 0,
"show": true
},
{
"$$hashKey": "object:501",
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true,
"decimals": 0
}
],
"yaxis": {
"align": false,
"alignLevel": null
},
"fill": 0,
"bars": false,
"dashes": false,
"decimals": 0,
"fillGradient": 0,
"hiddenSeries": false,
"percentage": false,
"points": false,
"stack": false,
"steppedLine": false,
"timeFrom": null,
"timeShift": null
}

2
salt/grafana/panels/management_interface_traffic_inbound_graph.json.jinja
View File

@@ -24,7 +24,7 @@
"interval": "30s",
"legend": {
"alignAsTable": true,
"avg": false,
"avg": true,
"current": true,
"max": false,
"min": false,

141
salt/grafana/panels/monitor_interface_drops_inbound_graph.json.jinja Normal file
View File

@@ -0,0 +1,141 @@
{
"aliasColors": {},
"dashLength": 10,
"datasource": "InfluxDB",
"fieldConfig": {
"defaults": {},
"overrides": []
},
"gridPos": {
"x": {{ PANELS.monitor_interface_drops_inbound_graph.gridPos.x }},
"y": {{ PANELS.monitor_interface_drops_inbound_graph.gridPos.y }},
"w": {{ PANELS.monitor_interface_drops_inbound_graph.gridPos.w }},
"h": {{ PANELS.monitor_interface_drops_inbound_graph.gridPos.h }}
},
"id": 188190,
"interval": "30s",
"legend": {
"alignAsTable": true,
"avg": true,
"current": true,
"max": false,
"min": false,
"show": true,
"total": false,
"values": true,
"rightSide": true
},
"lines": true,
"linewidth": 1,
"maxDataPoints": 750,
"nullPointMode": "connected",
"options": {
"alertThreshold": false
},
"pluginVersion": "7.5.4",
"pointradius": 2,
"renderer": "flot",
"seriesOverrides": [
{
"$$hashKey": "object:592",
"alias": "/veth/",
"hiddenSeries": true,
"legend": false
}
],
"spaceLength": 10,
"targets": [
{
"alias": "$tag_host: $tag_role",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"null"
],
"type": "fill"
}
],
"orderByTime": "ASC",
"policy": "default",
"query": "SELECT non_negative_derivative(mean(drop_in), 1s) as \"in\" FROM \"net\" WHERE host =~ /$servername/ AND interface =~ /$monint/ AND role =~ /$role/ AND $timeFilter GROUP BY time($__interval), host,role fill(none)",
"queryType": "randomWalk",
"rawQuery": true,
"refId": "A",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"value"
],
"type": "field"
},
{
"params": [],
"type": "mean"
}
]
],
"tags": []
}
],
"thresholds": [],
"timeRegions": [],
"title": "Monitor Interface Drops - Inbound",
"tooltip": {
"shared": true,
"sort": 2,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"$$hashKey": "object:500",
"format": "pps",
"label": "Drops per second",
"logBase": 1,
"max": null,
"min": 0,
"show": true
},
{
"$$hashKey": "object:501",
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true,
"decimals": 0
}
],
"yaxis": {
"align": false,
"alignLevel": null
},
"fill": 0,
"bars": false,
"dashes": false,
"decimals": 0,
"fillGradient": 0,
"hiddenSeries": false,
"percentage": false,
"points": false,
"stack": false,
"steppedLine": false,
"timeFrom": null,
"timeShift": null
}

15
salt/grafana/panels/row_packetloss.json.jinja Normal file
View File

@@ -0,0 +1,15 @@
{
"collapsed": false,
"datasource": null,
"gridPos": {
"x": {{ PANELS.row_packetloss.gridPos.x }},
"y": {{ PANELS.row_packetloss.gridPos.y }},
"w": {{ PANELS.row_packetloss.gridPos.w }},
"h": {{ PANELS.row_packetloss.gridPos.h }}
},
"id": 816341,
"panels": [],
"repeat": null,
"title": "Packet Loss",
"type": "row"
}