CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-09 10:42:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

create and add mon traffic combined graph to sensor dash

Browse Source
This commit is contained in:
m0duspwnens
2021-11-02 07:55:39 -04:00
parent bf116d210e
commit a9be0a0409
2 changed files with 210 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
salt/grafana/defaults.yaml
View File

@@ -1498,166 +1498,172 @@ grafana:
y: 61
h: 8
w: 24
monitor_interface_packets_graph:
monitor_interface_traffic_inbound_combined_graph:
gridPos:
x: 0
y: 69
h: 8
w: 24
monitor_interface_packets_graph:
gridPos:
x: 0
y: 77
h: 8
w: 12
monitor_interface_drops_graph:
gridPos:
x: 12
y: 69
y: 77
h: 8
w: 12
row_disk_usage:
gridPos:
x: 0
y: 77
y: 85
h: 1
w: 24
disk_usage_root_graph:
gridPos:
x: 0
y: 78
y: 86
h: 8
w: 12
disk_usage_nsm_graph:
gridPos:
x: 12
y: 78
y: 86
h: 8
w: 12
row_disk_iops:
gridPos:
x: 0
y: 86
y: 94
h: 1
w: 24
disk_io_requests_graph:
gridPos:
x: 0
y: 87
y: 95
h: 8
w: 8
disk_io_bytes_graph:
gridPos:
x: 8
y: 87
y: 95
h: 8
w: 8
disk_io_time_graph:
gridPos:
x: 16
y: 87
y: 95
h: 8
w: 8
row_docker_details:
gridPos:
x: 0
y: 95
y: 103
h: 1
w: 24
cpu_docker_combined_current_graph:
gridPos:
x: 0
y: 96
y: 104
h: 8
w: 24
cpu_docker_combined_trend_graph:
gridPos:
x: 0
y: 104
y: 112
h: 8
w: 24
memory_used_docker_combined_current_graph:
gridPos:
x: 0
y: 112
y: 120
h: 8
w: 24
memory_used_docker_combined_trend_graph:
gridPos:
x: 0
y: 120
y: 128
h: 8
w: 24
network_usage_docker_combined_current_graph:
gridPos:
x: 0
y: 128
y: 136
h: 8
w: 24
network_usage_docker_combined_trend_graph:
gridPos:
x: 0
y: 136
y: 144
h: 8
w: 24
uptime_docker_combined_current_graph:
gridPos:
x: 0
y: 144
y: 152
h: 8
w: 12
uptime_docker_combined_trend_graph:
gridPos:
x: 12
y: 144
y: 152
h: 8
w: 12
row_zeek:
gridPos:
x: 0
y: 152
y: 160
h: 1
w: 24
zeek_packet_loss_graph:
gridPos:
x: 0
y: 153
y: 161
h: 8
w: 12
zeek_capture_loss_graph:
gridPos:
x: 12
y: 153
y: 161
h: 8
w: 12
row_suricata:
gridPos:
x: 0
y: 161
y: 169
h: 1
w: 24
suricata_packet_loss_graph:
gridPos:
x: 0
y: 162
y: 170
h: 8
w: 24
row_stenographer:
gridPos:
x: 0
y: 170
y: 178
h: 1
w: 24
stenographer_packet_loss_graph:
gridPos:
x: 0
y: 171
y: 179
h: 8
w: 16
stenographer_pcap_retention_graph:
gridPos:
x: 16
y: 171
y: 179
h: 8
w: 8

178
salt/grafana/panels/monitor_interface_traffic_inbound_combined_graph.json.jinja Normal file
View File

@@ -0,0 +1,178 @@
{
"id": 224244,
"gridPos": {
"x": {{ PANELS.monitor_interface_traffic_inbound_combined_graph.gridPos.x }},
"y": {{ PANELS.monitor_interface_traffic_inbound_combined_graph.gridPos.y }},
"w": {{ PANELS.monitor_interface_traffic_inbound_combined_graph.gridPos.w }},
"h": {{ PANELS.monitor_interface_traffic_inbound_combined_graph.gridPos.h }}
},
"type": "timeseries",
"title": "Monitor Traffic - Combined",
"transformations": [
{
"id": "calculateField",
"options": {
"alias": "Monitor Traffic",
"mode": "reduceRow",
"reduce": {
"reducer": "sum"
},
"replaceFields": true
}
}
],
"datasource": "InfluxDB",
"pluginVersion": "8.2.1",
"links": [],
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"lineInterpolation": "linear",
"barAlignment": 0,
"lineWidth": 1,
"fillOpacity": 0,
"gradientMode": "none",
"spanNulls": false,
"showPoints": "auto",
"pointSize": 5,
"stacking": {
"mode": "none",
"group": "A"
},
"axisPlacement": "auto",
"axisLabel": "",
"scaleDistribution": {
"type": "linear"
},
"hideFrom": {
"tooltip": false,
"viz": false,
"legend": false
},
"thresholdsStyle": {
"mode": "off"
}
},
"color": {
"mode": "palette-classic"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "rgba(245, 54, 54, 0.9)",
"value": null
},
{
"color": "rgba(50, 172, 45, 0.97)",
"value": 1
}
]
},
"mappings": [
{
"options": {
"match": "null",
"result": {
"text": "N/A"
}
},
"type": "special"
}
],
"decimals": 1,
"unit": "bps"
},
"overrides": []
},
"interval": "30s",
"options": {
"tooltip": {
"mode": "single"
},
"legend": {
"displayMode": "table",
"placement": "right",
"calcs": [
"max",
"mean",
"lastNotNull"
]
}
},
"targets": [
{
"dsType": "influxdb",
"groupBy": [
{
"params": [
"$__interval"
],
"type": "time"
},
{
"params": [
"host"
],
"type": "tag"
},
{
"params": [
"none"
],
"type": "fill"
}
],
"measurement": "net",
"orderByTime": "ASC",
"policy": "default",
"query": "SELECT non_negative_derivative(mean(\"bytes_recv\"), 1s) *8 FROM \"net\" WHERE (\"host\" =~ /^$servername$/ AND \"interface\" = '$monint') AND $timeFilter GROUP BY time($__interval) fill(null)",
"rawQuery": false,
"refId": "A",
"resultFormat": "time_series",
"select": [
[
{
"params": [
"bytes_recv"
],
"type": "field"
},
{
"params": [],
"type": "mean"
},
{
"params": [
"1s"
],
"type": "non_negative_derivative"
},
{
"params": [
"*8"
],
"type": "math"
}
]
],
"tags": [
{
"key": "host",
"operator": "=~",
"value": "/^$servername$/"
},
{
"condition": "AND",
"key": "interface",
"operator": "=~",
"value": "/^$monint$/"
}
]
}
],
"cacheTimeout": null,
"description": "",
"maxDataPoints": null
}