From 89c18adc2fda971787358ebe45d0654e48b5e364 Mon Sep 17 00:00:00 2001 From: beats-jenkins Date: Thu, 10 Jan 2019 16:50:05 +0100 Subject: [PATCH 1/6] Introduce migration script for data in Kibana files With 7.x the data structure of the modules was changed to ECS. This has an affect on all Kibana files as the fields changed. For the migration from 6.x to 7.x it is necessary that 6.x and 7.x dashboards can coexist. To not overwrite dashboards in 7.x all Kibana files must have a changed id and to differentiate them in the UI, a different title. This PR does the following changes: * Reads all changed files from ecs-migration.yml and replaces these fields in all Kibana files. It also replaces fields inside queries and filters * Reads all ids used in the Kibana files and postfixes these ids with `-7x`. It also replaces ids existing in links between dashboards. * Reads all titles in the Kibana files and appends ` 7.x` to the titles. The change is impemented so the script can be run multiple times. This is helpful if we make changes later on again to a few dashboards we can rerun the script without having double changes. improve script rerun for packetbeat manual fix for kafka fix wrong alias update script to accept rename: false checkout dashboards delete dashboards update migration script to use ECS checkout again Command to reset dashboards to master again to reapply. This should be run from inside the script directory. ``` git checkout master ../*/_meta/kibana/7/dashboard/*.json ../*/module/*/_meta/kibana/7/dashboard/*.json ../heartbeat/monitors/active/*/_meta/kibana/7/dashboard/*.json ../x-pack/*/module/*/_meta/kibana/7/dashboard/*.json ``` apply changes to all dashboards reset dashboards change all dashboards reset dashboards change dashboards reset fileset.name and metricset.name change remove heartbeat dashboards --- .../auditbeat-kernel-executions.json | 44 +-- .../dashboard/auditbeat-kernel-overview.json | 30 +- .../7/dashboard/auditbeat-kernel-sockets.json | 72 ++-- .../7/dashboard/auditbeat-file-integrity.json | 122 +++--- dev-tools/ecs-migration.yml | 14 +- .../kibana/7/dashboard/Filebeat-apache.json | 116 +++--- .../kibana/7/dashboard/Filebeat-auditd.json | 68 ++-- .../dashboard/Filebeat-haproxy-overview.json | 42 +- .../dashboard/Filebeat-icinga-debug-log.json | 44 +-- .../7/dashboard/Filebeat-icinga-main-log.json | 44 +-- .../Filebeat-icinga-startup-errors.json | 30 +- .../kibana/7/dashboard/Filebeat-iis.json | 62 +-- .../7/dashboard/Filebeat-Kafka-overview.json | 50 +-- .../7/dashboard/Filebeat-logstash-log.json | 46 +-- .../dashboard/Filebeat-logstash-slowlog.json | 66 ++-- .../dashboard/Filebeat-Mongodb-overview.json | 48 +-- .../kibana/7/dashboard/Filebeat-mysql.json | 86 ++--- .../7/dashboard/Filebeat-nginx-logs.json | 62 +-- .../7/dashboard/Filebeat-nginx-overview.json | 114 +++--- ...nginx-access-remote-ip-count-explorer.json | 64 ++-- .../ml-nginx-remote-ip-url-explorer.json | 66 ++-- .../7/dashboard/osquery-compliance.json | 64 ++-- .../kibana/7/dashboard/osquery-rootkit.json | 56 +-- .../Filebeat-Postgresql-overview.json | 50 +-- .../Filebeat-Postgresql-slowlogs.json | 48 +-- .../kibana/7/dashboard/Filebeat-redis.json | 66 ++-- .../filebeat-santa-log-overview.json | 4 + .../Filebeat-auth-sudo-commands.json | 46 +-- .../Filebeat-new-users-and-groups.json | 92 ++--- .../Filebeat-ssh-login-attempts.json | 74 ++-- .../kibana/7/dashboard/Filebeat-syslog.json | 58 +-- .../dashboard/Filebeat-traefik-overview.json | 76 ++-- ...aefik-access-remote-ip-count-explorer.json | 68 ++-- .../ml-traefik-remote-ip-url-explorer.json | 68 ++-- .../7/dashboard/Journalbeat-overview.json | 192 +++++++++- .../dashboard/Metricbeat-apache-overview.json | 80 ++-- .../dashboard/Metricbeat-docker-overview.json | 98 ++--- .../dashboard/Metricbeat-golang-overview.json | 52 +-- .../dashboard/Metricbeat-haproxy-backend.json | 16 +- .../Metricbeat-haproxy-frontend.json | 8 +- .../Metricbeat-haproxy-http-backend.json | 20 +- .../Metricbeat-haproxy-http-frontend.json | 10 +- .../Metricbeat-haproxy-http-server.json | 16 +- .../Metricbeat-haproxy-overview.json | 12 +- .../Metricbeat-haproxy-visualizations.json | 98 ++--- .../dashboard/Metricbeat-kafka-overview.json | 76 ++-- .../Metricbeat-kubernetes-apiserver.json | 28 +- .../Metricbeat-kubernetes-overview.json | 134 +++---- .../Metricbeat-mongodb-overview.json | 96 ++--- .../dashboard/Metricbeat-mysql-overview.json | 60 +-- .../7/dashboard/Metricbeat-nats-overview.json | 100 ++--- .../dashboard/metricbeat-nginx-overview.json | 44 +-- .../Metricbeat-rabbitmq-overview.json | 50 +-- .../7/dashboard/Metricbeat-redis-keys.json | 44 +-- .../dashboard/Metricbeat-redis-overview.json | 92 ++--- .../Metricbeat-containers-overview.json | 44 +-- .../7/dashboard/Metricbeat-host-overview.json | 200 +++++----- .../dashboard/Metricbeat-system-overview.json | 98 ++--- .../dashboard/Metricbeat-uwsgi-overview.json | 42 +- .../dashboard/metricbeat-windows-service.json | 66 ++-- .../Metricbeat-zookeeper-overview.json | 44 +-- .../7/dashboard/Packetbeat-cassandra.json | 114 +++--- .../kibana/7/dashboard/Packetbeat-dhcpv4.json | 68 ++-- .../7/dashboard/Packetbeat-dns-overview.json | 78 ++-- .../7/dashboard/Packetbeat-dns-tunneling.json | 46 +-- .../kibana/7/dashboard/Packetbeat-flows.json | 58 +-- .../kibana/7/dashboard/Packetbeat-http.json | 74 ++-- .../7/dashboard/Packetbeat-mongodb.json | 108 +++--- .../kibana/7/dashboard/Packetbeat-mysql.json | 106 ++--- .../kibana/7/dashboard/Packetbeat-nfs.json | 114 +++--- .../7/dashboard/Packetbeat-overview.json | 134 +++---- .../kibana/7/dashboard/Packetbeat-pgsql.json | 106 ++--- .../kibana/7/dashboard/Packetbeat-thrift.json | 94 ++--- .../kibana/7/dashboard/Packetbeat-tls.json | 156 ++++---- script/kibana-migration.py | 128 +++++++ .../7/dashboard/Winlogbeat-overview.json | 362 ++++++++++++++++++ .../dashboard/Filebeat-Iptables-Overview.json | 80 ++-- ...t-Iptables-Ubiquiti-Firewall-Overview.json | 78 ++-- .../Filebeat-Suricata-Alert-Overview.json | 70 ++-- .../dashboard/Filebeat-Suricata-Overview.json | 86 ++--- .../7/dashboard/Filebeat-Zeek-Overview.json | 68 ++-- .../Metricbeat-aws-ec2-overview.json | 62 +-- .../Metricbeat-mssql-performance.json | 44 +-- 83 files changed, 3393 insertions(+), 2721 deletions(-) create mode 100644 script/kibana-migration.py diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json index 9cb989fb0cea..6fe85f307d86 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16", - "title": "Error Codes [Auditbeat Auditd Executions]", + "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", + "title": "Error Codes [Auditbeat Auditd Executions] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -46,11 +46,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Error Codes [Auditbeat Auditd Executions]", + "title": "Error Codes [Auditbeat Auditd Executions] ECS", "type": "pie" } }, - "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16", + "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16-ecs", "type": "visualization", "updated_at": "2018-01-16T22:10:23.921Z", "version": 4 @@ -68,7 +68,7 @@ } } }, - "title": "Primary Username Tag Cloud [Auditbeat Auditd]", + "title": "Primary Username Tag Cloud [Auditbeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -99,11 +99,11 @@ "orientation": "single", "scale": "linear" }, - "title": "Primary Username Tag Cloud [Auditbeat Auditd]", + "title": "Primary Username Tag Cloud [Auditbeat Auditd] ECS", "type": "tagcloud" } }, - "id": "f81a6de0-c1c1-11e7-8995-936807a28b16", + "id": "f81a6de0-c1c1-11e7-8995-936807a28b16-ecs", "type": "visualization", "updated_at": "2018-01-16T22:12:18.730Z", "version": 3 @@ -120,8 +120,8 @@ } } }, - "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16", - "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions]", + "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", + "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -137,7 +137,7 @@ "enabled": true, "id": "2", "params": { - "field": "process.exe", + "field": "process.executable", "order": "desc", "orderBy": "1", "size": 10 @@ -152,11 +152,11 @@ "orientation": "single", "scale": "linear" }, - "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions]", + "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions] ECS", "type": "tagcloud" } }, - "id": "2efac370-c1ca-11e7-8995-936807a28b16", + "id": "2efac370-c1ca-11e7-8995-936807a28b16-ecs", "type": "visualization", "updated_at": "2018-01-16T22:57:41.411Z", "version": 4 @@ -164,11 +164,11 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "process.args", "auditd.summary.actor.primary", "auditd.summary.actor.secondary", - "process.exe" + "process.executable" ], "description": "", "hits": 0, @@ -241,10 +241,10 @@ "@timestamp", "desc" ], - "title": "Process Executions [Auditbeat Auditd]", + "title": "Process Executions [Auditbeat Auditd] ECS", "version": 1 }, - "id": "d382f5b0-c1c6-11e7-8995-936807a28b16", + "id": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", "type": "search", "updated_at": "2018-01-16T22:26:35.050Z", "version": 5 @@ -277,7 +277,7 @@ "x": 4, "y": 0 }, - "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16", + "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -290,7 +290,7 @@ "x": 8, "y": 0 }, - "id": "f81a6de0-c1c1-11e7-8995-936807a28b16", + "id": "f81a6de0-c1c1-11e7-8995-936807a28b16-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.4" @@ -303,7 +303,7 @@ "x": 0, "y": 0 }, - "id": "2efac370-c1ca-11e7-8995-936807a28b16", + "id": "2efac370-c1ca-11e7-8995-936807a28b16-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" @@ -316,17 +316,17 @@ "x": 0, "y": 3 }, - "id": "d382f5b0-c1c6-11e7-8995-936807a28b16", + "id": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", "panelIndex": "6", "type": "search", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat Auditd] Executions", + "title": "[Auditbeat Auditd] Executions ECS", "version": 1 }, - "id": "7de391b0-c1ca-11e7-8995-936807a28b16", + "id": "7de391b0-c1ca-11e7-8995-936807a28b16-ecs", "type": "dashboard", "updated_at": "2018-01-16T22:58:11.243Z", "version": 5 diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json index d487e8b8f9ab..fcad7083c3f2 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Event Actions [Auditbeat Auditd Overview]", + "title": "Event Actions [Auditbeat Auditd Overview] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -65,11 +65,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Event Actions [Auditbeat Auditd Overview]", + "title": "Event Actions [Auditbeat Auditd Overview] ECS", "type": "metrics" } }, - "id": "97680df0-c1c0-11e7-8995-936807a28b16", + "id": "97680df0-c1c0-11e7-8995-936807a28b16-ecs", "type": "visualization", "updated_at": "2018-01-16T22:11:01.438Z", "version": 3 @@ -87,8 +87,8 @@ } } }, - "savedSearchId": "0f10c430-c1c3-11e7-8995-936807a28b16", - "title": "Event Categories [Auditbeat Auditd]", + "savedSearchId": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", + "title": "Event Categories [Auditbeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -134,11 +134,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Event Categories [Auditbeat Auditd]", + "title": "Event Categories [Auditbeat Auditd] ECS", "type": "pie" } }, - "id": "08679220-c25a-11e7-8692-232bd1143e8a", + "id": "08679220-c25a-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:54:10.330Z", "version": 4 @@ -146,7 +146,7 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "auditd.summary.actor.primary", "auditd.summary.actor.secondary", "event.action", @@ -201,10 +201,10 @@ "@timestamp", "desc" ], - "title": "Audit Event Table [Auditbeat Auditd]", + "title": "Audit Event Table [Auditbeat Auditd] ECS", "version": 1 }, - "id": "0f10c430-c1c3-11e7-8995-936807a28b16", + "id": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", "type": "search", "updated_at": "2018-01-16T22:51:24.572Z", "version": 4 @@ -237,7 +237,7 @@ "x": 0, "y": 0 }, - "id": "97680df0-c1c0-11e7-8995-936807a28b16", + "id": "97680df0-c1c0-11e7-8995-936807a28b16-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -250,7 +250,7 @@ "x": 7, "y": 0 }, - "id": "08679220-c25a-11e7-8692-232bd1143e8a", + "id": "08679220-c25a-11e7-8692-232bd1143e8a-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -263,17 +263,17 @@ "x": 0, "y": 3 }, - "id": "0f10c430-c1c3-11e7-8995-936807a28b16", + "id": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", "panelIndex": "5", "type": "search", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat Auditd] Overview", + "title": "[Auditbeat Auditd] Overview ECS", "version": 1 }, - "id": "c0ac2c00-c1c0-11e7-8995-936807a28b16", + "id": "c0ac2c00-c1c0-11e7-8995-936807a28b16-ecs", "type": "dashboard", "updated_at": "2018-01-16T22:55:17.775Z", "version": 5 diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json index 7ef3d93453b3..5df146f04137 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json @@ -40,8 +40,8 @@ } } }, - "savedSearchId": "b4c93470-c240-11e7-8692-232bd1143e8a", - "title": "Bind (non-ephemeral) [Auditbeat Auditd]", + "savedSearchId": "b4c93470-c240-11e7-8692-232bd1143e8a-ecs", + "title": "Bind (non-ephemeral) [Auditbeat Auditd] ECS", "uiStateJSON": { "vis": { "params": { @@ -113,11 +113,11 @@ }, "totalFunc": "sum" }, - "title": "Bind (non-ephemeral) [Auditbeat Auditd]", + "title": "Bind (non-ephemeral) [Auditbeat Auditd] ECS", "type": "table" } }, - "id": "faf882f0-c242-11e7-8692-232bd1143e8a", + "id": "faf882f0-c242-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:08:02.522Z", "version": 3 @@ -134,8 +134,8 @@ } } }, - "savedSearchId": "5438b030-c246-11e7-8692-232bd1143e8a", - "title": "Connect [Auditbeat Auditd]", + "savedSearchId": "5438b030-c246-11e7-8692-232bd1143e8a-ecs", + "title": "Connect [Auditbeat Auditd] ECS", "uiStateJSON": { "vis": { "params": { @@ -161,7 +161,7 @@ "id": "2", "params": { "customLabel": "Exe", - "field": "process.exe", + "field": "process.executable", "order": "desc", "orderBy": "1", "size": 50 @@ -207,11 +207,11 @@ }, "totalFunc": "sum" }, - "title": "Connect [Auditbeat Auditd]", + "title": "Connect [Auditbeat Auditd] ECS", "type": "table" } }, - "id": "ea483730-c246-11e7-8692-232bd1143e8a", + "id": "ea483730-c246-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T23:24:16.851Z", "version": 4 @@ -228,8 +228,8 @@ } } }, - "savedSearchId": "e8734160-c24c-11e7-8692-232bd1143e8a", - "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd]", + "savedSearchId": "e8734160-c24c-11e7-8692-232bd1143e8a-ecs", + "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd] ECS", "uiStateJSON": { "spy": { "mode": { @@ -264,7 +264,7 @@ "id": "2", "params": { "customLabel": "Exe", - "field": "process.exe", + "field": "process.executable", "order": "desc", "orderBy": "1", "size": 50 @@ -297,11 +297,11 @@ }, "totalFunc": "sum" }, - "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd]", + "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd] ECS", "type": "table" } }, - "id": "ceb91de0-c250-11e7-8692-232bd1143e8a", + "id": "ceb91de0-c250-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:16:51.535Z", "version": 5 @@ -312,7 +312,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Socket Syscalls Time Series [Auditbeat Auditd]", + "title": "Socket Syscalls Time Series [Auditbeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -371,11 +371,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Socket Syscalls Time Series [Auditbeat Auditd]", + "title": "Socket Syscalls Time Series [Auditbeat Auditd] ECS", "type": "metrics" } }, - "id": "b21e0c70-c252-11e7-8692-232bd1143e8a", + "id": "b21e0c70-c252-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:13:38.857Z", "version": 3 @@ -393,7 +393,7 @@ } } }, - "title": "Socket Families [Auditbeat Auditd]", + "title": "Socket Families [Auditbeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -439,11 +439,11 @@ "legendPosition": "left", "type": "pie" }, - "title": "Socket Families [Auditbeat Auditd]", + "title": "Socket Families [Auditbeat Auditd] ECS", "type": "pie" } }, - "id": "a8e20450-c256-11e7-8692-232bd1143e8a", + "id": "a8e20450-c256-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:12:51.655Z", "version": 3 @@ -451,7 +451,7 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "auditd.summary.how", "auditd.summary.object.primary", "auditd.summary.object.secondary", @@ -555,10 +555,10 @@ "@timestamp", "desc" ], - "title": "Socket Binds [Auditbeat Auditd]", + "title": "Socket Binds [Auditbeat Auditd] ECS", "version": 1 }, - "id": "b4c93470-c240-11e7-8692-232bd1143e8a", + "id": "b4c93470-c240-11e7-8692-232bd1143e8a-ecs", "type": "search", "updated_at": "2018-01-16T23:05:58.935Z", "version": 5 @@ -566,7 +566,7 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "auditd.summary.how", "auditd.summary.object.primary", "auditd.summary.object.secondary", @@ -662,10 +662,10 @@ "@timestamp", "desc" ], - "title": "Socket Connects [Auditbeat Auditd]", + "title": "Socket Connects [Auditbeat Auditd] ECS", "version": 1 }, - "id": "5438b030-c246-11e7-8692-232bd1143e8a", + "id": "5438b030-c246-11e7-8692-232bd1143e8a-ecs", "type": "search", "updated_at": "2018-01-16T23:09:43.937Z", "version": 5 @@ -673,7 +673,7 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "auditd.summary.how", "auditd.summary.object.primary", "auditd.summary.object.secondary", @@ -792,10 +792,10 @@ "@timestamp", "desc" ], - "title": "Socket Accept / Recvfrom [Auditbeat Auditd]", + "title": "Socket Accept / Recvfrom [Auditbeat Auditd] ECS", "version": 1 }, - "id": "e8734160-c24c-11e7-8692-232bd1143e8a", + "id": "e8734160-c24c-11e7-8692-232bd1143e8a-ecs", "type": "search", "updated_at": "2018-01-16T23:20:51.403Z", "version": 4 @@ -838,7 +838,7 @@ "x": 6, "y": 3 }, - "id": "faf882f0-c242-11e7-8692-232bd1143e8a", + "id": "faf882f0-c242-11e7-8692-232bd1143e8a-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -861,7 +861,7 @@ "x": 0, "y": 7 }, - "id": "ea483730-c246-11e7-8692-232bd1143e8a", + "id": "ea483730-c246-11e7-8692-232bd1143e8a-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.4" @@ -884,7 +884,7 @@ "x": 6, "y": 7 }, - "id": "ceb91de0-c250-11e7-8692-232bd1143e8a", + "id": "ceb91de0-c250-11e7-8692-232bd1143e8a-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.4" @@ -897,7 +897,7 @@ "x": 0, "y": 0 }, - "id": "b21e0c70-c252-11e7-8692-232bd1143e8a", + "id": "b21e0c70-c252-11e7-8692-232bd1143e8a-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -910,17 +910,17 @@ "x": 0, "y": 3 }, - "id": "a8e20450-c256-11e7-8692-232bd1143e8a", + "id": "a8e20450-c256-11e7-8692-232bd1143e8a-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat Auditd] Sockets", + "title": "[Auditbeat Auditd] Sockets ECS", "version": 1 }, - "id": "693a5f40-c243-11e7-8692-232bd1143e8a", + "id": "693a5f40-c243-11e7-8692-232bd1143e8a-ecs", "type": "dashboard", "updated_at": "2018-01-16T23:24:37.521Z", "version": 4 diff --git a/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json b/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json index 3b98803d0573..3031ed319413 100644 --- a/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json +++ b/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json @@ -19,8 +19,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Actions [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Actions [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -97,11 +97,11 @@ }, "type": "gauge" }, - "title": "Actions [Auditbeat File Integrity]", + "title": "Actions [Auditbeat File Integrity] ECS", "type": "metric" } }, - "id": "AV0tVcg6g1PYniApZa-v", + "id": "AV0tVcg6g1PYniApZa-v-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -125,8 +125,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Events Over Time [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Events Over Time [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -236,11 +236,11 @@ } ] }, - "title": "Events Over Time [Auditbeat File Integrity]", + "title": "Events Over Time [Auditbeat File Integrity] ECS", "type": "histogram" } }, - "id": "AV0tV05vg1PYniApZbA2", + "id": "AV0tV05vg1PYniApZbA2-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -264,8 +264,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top owners [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top owners [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -298,11 +298,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top owners [Auditbeat File Integrity]", + "title": "Top owners [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0tWL-Yg1PYniApZbCs", + "id": "AV0tWL-Yg1PYniApZbCs-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -326,8 +326,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top groups [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top groups [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -360,11 +360,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top groups [Auditbeat File Integrity]", + "title": "Top groups [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0tWSdXg1PYniApZbDU", + "id": "AV0tWSdXg1PYniApZbDU-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -388,8 +388,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top updated [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top updated [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -422,11 +422,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top updated [Auditbeat File Integrity]", + "title": "Top updated [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0tW0djg1PYniApZbGL", + "id": "AV0tW0djg1PYniApZbGL-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -444,8 +444,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "World Writable File Count [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "World Writable File Count [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -496,11 +496,11 @@ }, "type": "metric" }, - "title": "World Writable File Count [Auditbeat File Integrity]", + "title": "World Writable File Count [Auditbeat File Integrity] ECS", "type": "metric" } }, - "id": "AV0tY6jwg1PYniApZbRY", + "id": "AV0tY6jwg1PYniApZbRY-ecs", "type": "visualization", "updated_at": "2018-01-22T17:48:29.232Z", "version": 7 @@ -545,8 +545,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Most changed file by count [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Most changed file by count [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -622,11 +622,11 @@ }, "type": "gauge" }, - "title": "Most changed file by count [Auditbeat File Integrity]", + "title": "Most changed file by count [Auditbeat File Integrity] ECS", "type": "metric" } }, - "id": "AV0tav8Ag1PYniApZbbK", + "id": "AV0tav8Ag1PYniApZbbK-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -650,8 +650,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Most common mode by count [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Most common mode by count [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -727,11 +727,11 @@ }, "type": "gauge" }, - "title": "Most common mode by count [Auditbeat File Integrity]", + "title": "Most common mode by count [Auditbeat File Integrity] ECS", "type": "metric" } }, - "id": "AV0tbcUdg1PYniApZbe1", + "id": "AV0tbcUdg1PYniApZbe1-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -755,8 +755,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "File Event Summary By Host [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "File Event Summary By Host [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "params": { @@ -784,7 +784,7 @@ "id": "2", "params": { "customLabel": "Host", - "field": "beat.name", + "field": "host.name", "order": "desc", "orderBy": "1", "size": 50 @@ -818,11 +818,11 @@ }, "totalFunc": "sum" }, - "title": "File Event Summary By Host [Auditbeat File Integrity]", + "title": "File Event Summary By Host [Auditbeat File Integrity] ECS", "type": "table" } }, - "id": "AV0tc_xZg1PYniApZbnL", + "id": "AV0tc_xZg1PYniApZbnL-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -846,8 +846,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top deleted [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top deleted [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -880,11 +880,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top deleted [Auditbeat File Integrity]", + "title": "Top deleted [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0tes4Eg1PYniApZbwV", + "id": "AV0tes4Eg1PYniApZbwV-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -908,8 +908,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top created [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top created [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -942,11 +942,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top created [Auditbeat File Integrity]", + "title": "Top created [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0te0TCg1PYniApZbw9", + "id": "AV0te0TCg1PYniApZbw9-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -1002,10 +1002,10 @@ "@timestamp", "desc" ], - "title": "File Integrity Events [Auditbeat File Integrity]", + "title": "File Integrity Events [Auditbeat File Integrity] ECS", "version": 1 }, - "id": "a380a060-cb44-11e7-9835-2f31fe08873b", + "id": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "type": "search", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -1043,7 +1043,7 @@ "x": 0, "y": 0 }, - "id": "AV0tVcg6g1PYniApZa-v", + "id": "AV0tVcg6g1PYniApZa-v-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -1056,7 +1056,7 @@ "x": 2, "y": 0 }, - "id": "AV0tV05vg1PYniApZbA2", + "id": "AV0tV05vg1PYniApZbA2-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.4" @@ -1069,7 +1069,7 @@ "x": 9, "y": 0 }, - "id": "AV0tWL-Yg1PYniApZbCs", + "id": "AV0tWL-Yg1PYniApZbCs-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.4" @@ -1082,7 +1082,7 @@ "x": 9, "y": 3 }, - "id": "AV0tWSdXg1PYniApZbDU", + "id": "AV0tWSdXg1PYniApZbDU-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -1095,7 +1095,7 @@ "x": 4, "y": 8 }, - "id": "AV0tW0djg1PYniApZbGL", + "id": "AV0tW0djg1PYniApZbGL-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" @@ -1108,7 +1108,7 @@ "x": 0, "y": 6 }, - "id": "AV0tY6jwg1PYniApZbRY", + "id": "AV0tY6jwg1PYniApZbRY-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.4" @@ -1121,7 +1121,7 @@ "x": 4, "y": 6 }, - "id": "AV0tav8Ag1PYniApZbbK", + "id": "AV0tav8Ag1PYniApZbbK-ecs", "panelIndex": "7", "type": "visualization", "version": "6.2.4" @@ -1134,7 +1134,7 @@ "x": 8, "y": 6 }, - "id": "AV0tbcUdg1PYniApZbe1", + "id": "AV0tbcUdg1PYniApZbe1-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.4" @@ -1147,7 +1147,7 @@ "x": 0, "y": 11 }, - "id": "AV0tc_xZg1PYniApZbnL", + "id": "AV0tc_xZg1PYniApZbnL-ecs", "panelIndex": "9", "type": "visualization", "version": "6.2.4" @@ -1160,7 +1160,7 @@ "x": 8, "y": 8 }, - "id": "AV0tes4Eg1PYniApZbwV", + "id": "AV0tes4Eg1PYniApZbwV-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.4" @@ -1173,7 +1173,7 @@ "x": 0, "y": 8 }, - "id": "AV0te0TCg1PYniApZbw9", + "id": "AV0te0TCg1PYniApZbw9-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.4" @@ -1190,7 +1190,7 @@ "x": 6, "y": 11 }, - "id": "a380a060-cb44-11e7-9835-2f31fe08873b", + "id": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "panelIndex": "12", "sort": [ "@timestamp", @@ -1201,10 +1201,10 @@ } ], "timeRestore": false, - "title": "[Auditbeat File Integrity] Overview", + "title": "[Auditbeat File Integrity] Overview ECS", "version": 1 }, - "id": "AV0tXkjYg1PYniApZbKP", + "id": "AV0tXkjYg1PYniApZbKP-ecs", "type": "dashboard", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 diff --git a/dev-tools/ecs-migration.yml b/dev-tools/ecs-migration.yml index 29d43529553f..6ccf763ba38d 100644 --- a/dev-tools/ecs-migration.yml +++ b/dev-tools/ecs-migration.yml @@ -108,12 +108,6 @@ alias: true beat: filebeat -- from: fileset.name - to: event.dataset - alias6: true - alias: true - beat: filebeat - - from: fileset.module to: event.module alias6: true @@ -1633,13 +1627,6 @@ # Metricbeat ## Metricbeat base fields -- from: metricset.name - to: event.dataset - alias: false - comment: Data structure of field changed, old field will stay around - breaking: true - beat: metricbeat - - from: metricset.module to: event.module alias: true @@ -2087,6 +2074,7 @@ alias: false beat: journalbeat comment: This field should not be renamed as it would cause issue some Beats and Journalbeat does not have dashboards + # This field should not be renamed as it would cause issue some Beats and Journalbeat does not have dashboards rename: false - from: read_timestamp diff --git a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json index 5e7a927cf3d7..e4dc473a7981 100644 --- a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json +++ b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Unique IPs map [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Unique IPs map [Filebeat Apache] ECS", "uiStateJSON": { "mapCenter": [ 14.944784875088372, @@ -23,7 +23,7 @@ "enabled": true, "id": "1", "params": { - "field": "apache2.access.remote_ip" + "field": "source.address" }, "schema": "metric", "type": "cardinality" @@ -33,7 +33,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "apache2.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -68,11 +68,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Apache access unique IPs map", + "title": "Apache access unique IPs map ECS", "type": "tile_map" } }, - "id": "Apache-access-unique-IPs-map", + "id": "Apache-access-unique-IPs-map-ecs", "type": "visualization", "version": 1 }, @@ -84,8 +84,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Top URLs by response code [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Top URLs by response code [Filebeat Apache] ECS", "uiStateJSON": { "vis": { "colors": { @@ -109,7 +109,7 @@ "id": "3", "params": { "customLabel": "URL", - "field": "apache2.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "row": false, @@ -122,7 +122,7 @@ "enabled": true, "id": "2", "params": { - "field": "apache2.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -139,11 +139,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Apache response codes of top URLs", + "title": "Apache response codes of top URLs ECS", "type": "pie" } }, - "id": "Apache-response-codes-of-top-URLs", + "id": "Apache-response-codes-of-top-URLs-ecs", "type": "visualization", "version": 1 }, @@ -155,8 +155,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Browsers breakdown [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Browsers breakdown [Filebeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -165,7 +165,7 @@ "enabled": true, "id": "1", "params": { - "field": "apache2.access.remote_ip" + "field": "source.address" }, "schema": "metric", "type": "cardinality" @@ -174,7 +174,7 @@ "enabled": true, "id": "2", "params": { - "field": "apache2.access.user_agent.name", + "field": "user_agent.name", "order": "desc", "orderBy": "1", "size": 5 @@ -186,7 +186,7 @@ "enabled": true, "id": "3", "params": { - "field": "apache2.access.user_agent.major", + "field": "user_agent.major", "order": "desc", "orderBy": "1", "size": 5 @@ -203,11 +203,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Apache browsers", + "title": "Apache browsers ECS", "type": "pie" } }, - "id": "Apache-browsers", + "id": "Apache-browsers-ecs", "type": "visualization", "version": 1 }, @@ -219,8 +219,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Operating systems breakdown [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Operating systems breakdown [Filebeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -229,7 +229,7 @@ "enabled": true, "id": "1", "params": { - "field": "apache2.access.remote_ip" + "field": "source.address" }, "schema": "metric", "type": "cardinality" @@ -238,7 +238,7 @@ "enabled": true, "id": "2", "params": { - "field": "apache2.access.user_agent.os_name", + "field": "user_agent.os.name", "order": "desc", "orderBy": "1", "size": 5 @@ -267,11 +267,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Apache operating systems", + "title": "Apache operating systems ECS", "type": "pie" } }, - "id": "Apache-operating-systems", + "id": "Apache-operating-systems-ecs", "type": "visualization", "version": 1 }, @@ -283,8 +283,8 @@ "filter": [] } }, - "savedSearchId": "Apache-errors-log", - "title": "Error logs over time [Filebeat Apache]", + "savedSearchId": "Apache-errors-log-ecs", + "title": "Error logs over time [Filebeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -313,7 +313,7 @@ "enabled": true, "id": "3", "params": { - "field": "apache2.error.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -336,11 +336,11 @@ "times": [], "yAxis": {} }, - "title": "Apache error logs over time", + "title": "Apache error logs over time ECS", "type": "histogram" } }, - "id": "Apache-error-logs-over-time", + "id": "Apache-error-logs-over-time-ecs", "type": "visualization", "version": 1 }, @@ -352,8 +352,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Response codes over time [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Response codes over time [Filebeat Apache] ECS", "uiStateJSON": { "vis": { "colors": { @@ -389,7 +389,7 @@ "enabled": true, "id": "3", "params": { - "field": "apache2.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -412,21 +412,21 @@ "times": [], "yAxis": {} }, - "title": "Apache response codes over time", + "title": "Apache response codes over time ECS", "type": "histogram" } }, - "id": "Apache-response-codes-over-time", + "id": "Apache-response-codes-over-time-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "apache2.error.client", - "apache2.error.level", + "source.address", + "log.level", "apache2.error.module", - "apache2.error.message" + "message" ], "description": "", "hits": 0, @@ -459,20 +459,20 @@ "@timestamp", "desc" ], - "title": "Apache errors log [Filebeat Apache]", + "title": "Apache errors log [Filebeat Apache] ECS", "version": 1 }, - "id": "Apache-errors-log", + "id": "Apache-errors-log-ecs", "type": "search", "version": 1 }, { "attributes": { "columns": [ - "apache2.access.remote_ip", - "apache2.access.method", - "apache2.access.url", - "apache2.access.response_code" + "source.address", + "http.request.method", + "url.original", + "http.response.status_code" ], "description": "", "hits": 0, @@ -505,10 +505,10 @@ "@timestamp", "desc" ], - "title": "Apache access logs [Filebeat Apache]", + "title": "Apache access logs [Filebeat Apache] ECS", "version": 1 }, - "id": "Apache-access-logs", + "id": "Apache-access-logs-ecs", "type": "search", "version": 1 }, @@ -538,7 +538,7 @@ "panelsJSON": [ { "col": 1, - "id": "Apache-access-unique-IPs-map", + "id": "Apache-access-unique-IPs-map-ecs", "panelIndex": 1, "row": 1, "size_x": 12, @@ -547,7 +547,7 @@ }, { "col": 1, - "id": "Apache-response-codes-of-top-URLs", + "id": "Apache-response-codes-of-top-URLs-ecs", "panelIndex": 2, "row": 6, "size_x": 8, @@ -556,7 +556,7 @@ }, { "col": 9, - "id": "Apache-browsers", + "id": "Apache-browsers-ecs", "panelIndex": 3, "row": 6, "size_x": 4, @@ -565,7 +565,7 @@ }, { "col": 11, - "id": "Apache-operating-systems", + "id": "Apache-operating-systems-ecs", "panelIndex": 4, "row": 4, "size_x": 2, @@ -574,7 +574,7 @@ }, { "col": 1, - "id": "Apache-error-logs-over-time", + "id": "Apache-error-logs-over-time-ecs", "panelIndex": 5, "row": 9, "size_x": 12, @@ -583,7 +583,7 @@ }, { "col": 1, - "id": "Apache-response-codes-over-time", + "id": "Apache-response-codes-over-time-ecs", "panelIndex": 6, "row": 4, "size_x": 10, @@ -593,12 +593,12 @@ { "col": 1, "columns": [ - "apache2.error.client", - "apache2.error.level", + "source.address", + "log.level", "apache2.error.module", - "apache2.error.message" + "message" ], - "id": "Apache-errors-log", + "id": "Apache-errors-log-ecs", "panelIndex": 7, "row": 11, "size_x": 12, @@ -611,7 +611,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Apache] Access and error logs", + "title": "[Filebeat Apache] Access and error logs ECS", "uiStateJSON": { "P-1": { "mapBounds": { @@ -644,7 +644,7 @@ }, "version": 1 }, - "id": "Filebeat-Apache-Dashboard", + "id": "Filebeat-Apache-Dashboard-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json b/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json index 3f9450803885..4c8e9d8111c3 100644 --- a/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json +++ b/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json @@ -15,7 +15,7 @@ } } }, - "title": "Event types breakdown [Filebeat Auditd]", + "title": "Event types breakdown [Filebeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -31,7 +31,7 @@ "enabled": true, "id": "2", "params": { - "field": "auditd.log.record_type", + "field": "event.action", "order": "desc", "orderBy": "1", "size": 50 @@ -47,11 +47,11 @@ "isDonut": true, "legendPosition": "right" }, - "title": "Audit Event Types", + "title": "Audit Event Types ECS", "type": "pie" } }, - "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858", + "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858-ecs", "type": "visualization", "version": 2 }, @@ -65,12 +65,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "auditd.log.record_type:EXECVE" + "query": "event.action:EXECVE" } } } }, - "title": "Top Exec Commands [Filebeat Auditd]", + "title": "Top Exec Commands [Filebeat Auditd] ECS", "uiStateJSON": { "vis": { "params": { @@ -117,11 +117,11 @@ }, "totalFunc": "sum" }, - "title": "Audit Top Exec Commands", + "title": "Audit Top Exec Commands ECS", "type": "table" } }, - "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858", + "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858-ecs", "type": "visualization", "version": 2 }, @@ -131,20 +131,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Event Results [Filebeat Auditd]", + "title": "Event Results [Filebeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { - "expression": ".es(q=\"event.dataset:auditd.log NOT auditd.log.res:failure\").label(\"Success\"), .es(q=\"auditd.log.res:failed\").label(\"Failure\").title(\"Audit Event Results\")", + "expression": ".es(q=\"event.dataset:auditd.log NOT event.outcome:failure\").label(\"Success\"), .es(q=\"event.outcome:failed\").label(\"Failure\").title(\"Audit Event Results\")", "interval": "auto" }, - "title": "Event Results [Filebeat Auditd]", + "title": "Event Results [Filebeat Auditd] ECS", "type": "timelion" } }, - "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7", + "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7-ecs", "type": "visualization", "version": 2 }, @@ -163,7 +163,7 @@ } } }, - "title": "Event Address Geo Location [Filebeat Auditd]", + "title": "Event Address Geo Location [Filebeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -180,7 +180,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "auditd.log.geoip.location", + "field": "source.geo.location", "precision": 2 }, "schema": "segment", @@ -216,11 +216,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Audit Event Address Geo Location", + "title": "Audit Event Address Geo Location ECS", "type": "tile_map" } }, - "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27", + "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27-ecs", "type": "visualization", "version": 2 }, @@ -239,7 +239,7 @@ } } }, - "title": "Event Account Tag Cloud [Filebeat Auditd]", + "title": "Event Account Tag Cloud [Filebeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -255,7 +255,7 @@ "enabled": true, "id": "2", "params": { - "field": "auditd.log.acct", + "field": "user.name", "order": "desc", "orderBy": "1", "size": 15 @@ -272,20 +272,20 @@ "orientation": "single", "scale": "linear" }, - "title": "Audit Event Account Tag Cloud", + "title": "Audit Event Account Tag Cloud ECS", "type": "tagcloud" } }, - "id": "c5411910-0a87-11e7-8b04-eb22a5669f27", + "id": "c5411910-0a87-11e7-8b04-eb22a5669f27-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "auditd.log.record_type", + "event.action", "auditd.log.sequence", - "auditd.log.acct" + "user.name" ], "description": "", "hits": 0, @@ -307,10 +307,10 @@ "@timestamp", "desc" ], - "title": "Audit Events [Filebeat Auditd]", + "title": "Audit Events [Filebeat Auditd] ECS", "version": 1 }, - "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27", + "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27-ecs", "type": "search", "version": 2 }, @@ -340,7 +340,7 @@ "panelsJSON": [ { "col": 1, - "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858", + "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858-ecs", "panelIndex": 1, "row": 1, "size_x": 4, @@ -349,7 +349,7 @@ }, { "col": 9, - "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858", + "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858-ecs", "panelIndex": 2, "row": 1, "size_x": 4, @@ -358,7 +358,7 @@ }, { "col": 1, - "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7", + "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7-ecs", "panelIndex": 3, "row": 5, "size_x": 6, @@ -367,7 +367,7 @@ }, { "col": 7, - "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27", + "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27-ecs", "panelIndex": 5, "row": 5, "size_x": 6, @@ -376,7 +376,7 @@ }, { "col": 5, - "id": "c5411910-0a87-11e7-8b04-eb22a5669f27", + "id": "c5411910-0a87-11e7-8b04-eb22a5669f27-ecs", "panelIndex": 6, "row": 1, "size_x": 4, @@ -386,11 +386,11 @@ { "col": 1, "columns": [ - "auditd.log.record_type", + "event.action", "auditd.log.sequence", - "auditd.log.acct" + "user.name" ], - "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27", + "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27-ecs", "panelIndex": 7, "row": 8, "size_x": 12, @@ -403,7 +403,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Auditd] Audit Events", + "title": "[Filebeat Auditd] Audit Events ECS", "uiStateJSON": { "P-2": { "vis": { @@ -442,7 +442,7 @@ }, "version": 1 }, - "id": "dfbb49f0-0a0f-11e7-8a62-2d05eaaac5cb", + "id": "dfbb49f0-0a0f-11e7-8a62-2d05eaaac5cb-ecs", "type": "dashboard", "version": 4 } diff --git a/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json b/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json index 03014c0e8cb8..bb605e9a680b 100644 --- a/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json +++ b/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json @@ -13,7 +13,7 @@ } } }, - "title": "Backend breakdown [Filebeat HAProxy]", + "title": "Backend breakdown [Filebeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -55,11 +55,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Backend breakdown [Filebeat HAProxy]", + "title": "Backend breakdown [Filebeat HAProxy] ECS", "type": "pie" } }, - "id": "55251360-aa32-11e8-9c06-877f0445e3e0", + "id": "55251360-aa32-11e8-9c06-877f0445e3e0-ecs", "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", "version": 2 @@ -77,7 +77,7 @@ } } }, - "title": "Frontend breakdown [Filebeat HAProxy]", + "title": "Frontend breakdown [Filebeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -119,11 +119,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Frontend breakdown [Filebeat HAProxy]", + "title": "Frontend breakdown [Filebeat HAProxy] ECS", "type": "pie" } }, - "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0", + "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0-ecs", "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", "version": 2 @@ -141,7 +141,7 @@ } } }, - "title": "IP Geohashes [Filebeat HAProxy]", + "title": "IP Geohashes [Filebeat HAProxy] ECS", "uiStateJSON": { "mapCenter": [ 14.944784875088372, @@ -155,7 +155,7 @@ "enabled": true, "id": "1", "params": { - "field": "haproxy.client.ip" + "field": "source.address" }, "schema": "metric", "type": "cardinality" @@ -165,7 +165,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "haproxy.geoip.location", + "field": "source.geo.location", "isFilteredByCollar": true, "precision": 2, "useGeocentroid": true @@ -202,11 +202,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "IP Geohashes [Filebeat HAProxy]", + "title": "IP Geohashes [Filebeat HAProxy] ECS", "type": "tile_map" } }, - "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0", + "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0-ecs", "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", "version": 2 @@ -224,7 +224,7 @@ } } }, - "title": "Response codes over time [Filebeat HAProxy]", + "title": "Response codes over time [Filebeat HAProxy] ECS", "uiStateJSON": { "vis": { "colors": { @@ -263,7 +263,7 @@ "enabled": true, "id": "3", "params": { - "field": "haproxy.http.response.status_code", + "field": "http.response.status_code", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -344,11 +344,11 @@ } ] }, - "title": "Response codes over time [Filebeat HAProxy]", + "title": "Response codes over time [Filebeat HAProxy] ECS", "type": "histogram" } }, - "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0", + "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0-ecs", "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", "version": 2 @@ -381,7 +381,7 @@ "x": 0, "y": 0 }, - "id": "55251360-aa32-11e8-9c06-877f0445e3e0", + "id": "55251360-aa32-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "1", "type": "visualization", "version": "6.5.2" @@ -395,7 +395,7 @@ "x": 24, "y": 0 }, - "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0", + "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "2", "type": "visualization", "version": "6.5.2" @@ -409,7 +409,7 @@ "x": 0, "y": 15 }, - "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0", + "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "3", "type": "visualization", "version": "6.5.2" @@ -423,17 +423,17 @@ "x": 24, "y": 15 }, - "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0", + "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "4", "type": "visualization", "version": "6.5.2" } ], "timeRestore": false, - "title": "[Filebeat HAProxy] Overview", + "title": "[Filebeat HAProxy] Overview ECS", "version": 1 }, - "id": "3560d580-aa34-11e8-9c06-877f0445e3e0", + "id": "3560d580-aa34-11e8-9c06-877f0445e3e0-ecs", "type": "dashboard", "updated_at": "2018-12-06T11:40:40.204Z", "version": 6 diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json index edfb29ec3e4d..cb05cb4f74ef 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", - "title": "Debuglog Facility [Filebeat Icinga]", + "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", + "title": "Debuglog Facility [Filebeat Icinga] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -59,11 +59,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Debuglog Facility", + "title": "Icinga Debuglog Facility ECS", "type": "histogram" } }, - "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff", + "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -75,8 +75,8 @@ "filter": [] } }, - "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", - "title": "Debuglog Severity [Filebeat Icinga]", + "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", + "title": "Debuglog Severity [Filebeat Icinga] ECS", "uiStateJSON": { "vis": { "colors": { @@ -114,7 +114,7 @@ "enabled": true, "id": "3", "params": { - "field": "icinga.debug.severity", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -135,11 +135,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Debuglog Severity", + "title": "Icinga Debuglog Severity ECS", "type": "histogram" } }, - "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff", + "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -147,8 +147,8 @@ "attributes": { "columns": [ "icinga.debug.facility", - "icinga.debug.severity", - "icinga.debug.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -163,7 +163,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "icinga", @@ -174,7 +174,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "icinga", "type": "phrase" } @@ -221,10 +221,10 @@ "@timestamp", "desc" ], - "title": "Debug Log [Filebeat Icinga]", + "title": "Debug Log [Filebeat Icinga] ECS", "version": 1 }, - "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", + "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", "type": "search", "version": 2 }, @@ -254,7 +254,7 @@ "panelsJSON": [ { "col": 1, - "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff", + "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -263,7 +263,7 @@ }, { "col": 7, - "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff", + "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -274,10 +274,10 @@ "col": 1, "columns": [ "icinga.debug.facility", - "icinga.debug.severity", - "icinga.debug.message" + "log.level", + "message" ], - "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", + "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -290,11 +290,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Icinga] Debug Log", + "title": "[Filebeat Icinga] Debug Log ECS", "uiStateJSON": {}, "version": 1 }, - "id": "26309570-2419-11e7-a83b-d5f4cebac9ff", + "id": "26309570-2419-11e7-a83b-d5f4cebac9ff-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json index 4587a45f4e51..835c015de580 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", - "title": "Mainlog Severity [Filebeat Icinga]", + "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", + "title": "Mainlog Severity [Filebeat Icinga] ECS", "uiStateJSON": { "vis": { "colors": { @@ -45,7 +45,7 @@ "enabled": true, "id": "3", "params": { - "field": "icinga.main.severity", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -66,11 +66,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Mainlog Severity", + "title": "Icinga Mainlog Severity ECS", "type": "histogram" } }, - "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff", + "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -78,8 +78,8 @@ "attributes": { "columns": [ "icinga.main.facility", - "icinga.main.severity", - "icinga.main.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -94,7 +94,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "icinga", @@ -105,7 +105,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "icinga", "type": "phrase" } @@ -152,10 +152,10 @@ "@timestamp", "desc" ], - "title": "Main Log [Filebeat Icinga]", + "title": "Main Log [Filebeat Icinga] ECS", "version": 1 }, - "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", + "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", "type": "search", "version": 2 }, @@ -167,8 +167,8 @@ "filter": [] } }, - "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", - "title": "Mainlog Facility [Filebeat Icinga]", + "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", + "title": "Mainlog Facility [Filebeat Icinga] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -218,11 +218,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Mainlog Facility", + "title": "Icinga Mainlog Facility ECS", "type": "histogram" } }, - "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff", + "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -252,7 +252,7 @@ "panelsJSON": [ { "col": 7, - "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff", + "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -263,10 +263,10 @@ "col": 1, "columns": [ "icinga.main.facility", - "icinga.main.severity", - "icinga.main.message" + "log.level", + "message" ], - "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", + "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", "panelIndex": 2, "row": 4, "size_x": 12, @@ -279,7 +279,7 @@ }, { "col": 1, - "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff", + "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 3, "row": 1, "size_x": 6, @@ -288,11 +288,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Icinga] Main Log", + "title": "[Filebeat Icinga] Main Log ECS", "uiStateJSON": {}, "version": 1 }, - "id": "f693d260-2417-11e7-a83b-d5f4cebac9ff", + "id": "f693d260-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "dashboard", "version": 4 } diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json index 055946e7775e..5a4799e70374 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "710043e0-2417-11e7-a83b-d5f4cebac9ff", - "title": "Startup Errors [Filebeat Icinga]", + "savedSearchId": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", + "title": "Startup Errors [Filebeat Icinga] ECS", "uiStateJSON": { "vis": { "colors": { @@ -53,11 +53,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Startup Errors", + "title": "Icinga Startup Errors ECS", "type": "histogram" } }, - "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff", + "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -65,8 +65,8 @@ "attributes": { "columns": [ "icinga.startup.facility", - "icinga.startup.severity", - "icinga.startup.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -80,7 +80,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "icinga.startup.severity:critical" + "query": "log.level:critical" } } }, @@ -91,10 +91,10 @@ "@timestamp", "desc" ], - "title": "Startup Errors [Filebeat Icinga]", + "title": "Startup Errors [Filebeat Icinga] ECS", "version": 1 }, - "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff", + "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "search", "version": 2 }, @@ -124,7 +124,7 @@ "panelsJSON": [ { "col": 1, - "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff", + "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 1, "row": 1, "size_x": 12, @@ -135,10 +135,10 @@ "col": 1, "columns": [ "icinga.startup.facility", - "icinga.startup.severity", - "icinga.startup.message" + "log.level", + "message" ], - "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff", + "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 2, "row": 3, "size_x": 12, @@ -151,11 +151,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Icinga] Startup Errors", + "title": "[Filebeat Icinga] Startup Errors ECS", "uiStateJSON": {}, "version": 1 }, - "id": "b9163ea0-2417-11e7-a83b-d5f4cebac9ff", + "id": "b9163ea0-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json index 8dc20c5c266f..addc3b2e787c 100644 --- a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json +++ b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json @@ -13,7 +13,7 @@ } } }, - "title": "Access map [Filebeat IIS]", + "title": "Access map [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -30,7 +30,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "iis.access.geoip.location", + "field": "source.geo.location", "isFilteredByCollar": true, "precision": 2, "useGeocentroid": true @@ -58,11 +58,11 @@ } } }, - "title": "Access map [Filebeat IIS]", + "title": "Access map [Filebeat IIS] ECS", "type": "tile_map" } }, - "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f", + "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T18:44:17.162Z", "version": 1 @@ -80,7 +80,7 @@ } } }, - "title": "Response codes over time [Filebeat IIS]", + "title": "Response codes over time [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -109,7 +109,7 @@ "enabled": true, "id": "3", "params": { - "field": "iis.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -186,11 +186,11 @@ } ] }, - "title": "Response codes over time [Filebeat IIS]", + "title": "Response codes over time [Filebeat IIS] ECS", "type": "histogram" } }, - "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f", + "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T19:05:58.905Z", "version": 1 @@ -208,7 +208,7 @@ } } }, - "title": "Browsers breakdown [Filebeat IIS]", + "title": "Browsers breakdown [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -258,11 +258,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Browsers breakdown [Filebeat IIS]", + "title": "Browsers breakdown [Filebeat IIS] ECS", "type": "pie" } }, - "id": "63129c80-fe12-11e7-a3b0-d13028918f9f", + "id": "63129c80-fe12-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T18:47:38.312Z", "version": 1 @@ -280,7 +280,7 @@ } } }, - "title": "Operating systems breakdown [Filebeat IIS]", + "title": "Operating systems breakdown [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -330,11 +330,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Operating systems breakdown [Filebeat IIS]", + "title": "Operating systems breakdown [Filebeat IIS] ECS", "type": "pie" } }, - "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f", + "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T18:51:54.619Z", "version": 2 @@ -352,7 +352,7 @@ } } }, - "title": "Error logs over time [Filebeat IIS]", + "title": "Error logs over time [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -381,7 +381,7 @@ "enabled": true, "id": "3", "params": { - "field": "iis.error.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -458,11 +458,11 @@ } ] }, - "title": "Error logs over time [Filebeat IIS]", + "title": "Error logs over time [Filebeat IIS] ECS", "type": "histogram" } }, - "id": "41f38230-fe17-11e7-a3b0-d13028918f9f", + "id": "41f38230-fe17-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T19:22:30.227Z", "version": 1 @@ -480,7 +480,7 @@ } } }, - "title": "Top URLs by response code [Filebeat IIS]", + "title": "Top URLs by response code [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -497,7 +497,7 @@ "id": "2", "params": { "customLabel": "URL", - "field": "iis.access.url", + "field": "url.path", "order": "desc", "orderBy": "1", "row": false, @@ -510,7 +510,7 @@ "enabled": true, "id": "3", "params": { - "field": "iis.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -532,11 +532,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top URLs by response code [Filebeat IIS]", + "title": "Top URLs by response code [Filebeat IIS] ECS", "type": "pie" } }, - "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f", + "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T19:58:24.005Z", "version": 2 @@ -570,7 +570,7 @@ "x": 0, "y": 0 }, - "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f", + "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "1", "type": "visualization", "version": "6.1.2" @@ -583,7 +583,7 @@ "x": 0, "y": 3 }, - "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f", + "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "2", "type": "visualization", "version": "6.1.2" @@ -596,7 +596,7 @@ "x": 0, "y": 9 }, - "id": "63129c80-fe12-11e7-a3b0-d13028918f9f", + "id": "63129c80-fe12-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "4", "type": "visualization", "version": "6.1.2" @@ -609,7 +609,7 @@ "x": 6, "y": 9 }, - "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f", + "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "5", "type": "visualization", "version": "6.1.2" @@ -622,7 +622,7 @@ "x": 7, "y": 3 }, - "id": "41f38230-fe17-11e7-a3b0-d13028918f9f", + "id": "41f38230-fe17-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "6", "type": "visualization", "version": "6.1.2" @@ -635,18 +635,18 @@ "x": 0, "y": 6 }, - "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f", + "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "7", "type": "visualization", "version": "6.1.2" } ], "timeRestore": false, - "title": "[Filebeat IIS] Access and error logs", + "title": "[Filebeat IIS] Access and error logs ECS", "uiStateJSON": {}, "version": 1 }, - "id": "4278ad30-fe16-11e7-a3b0-d13028918f9f", + "id": "4278ad30-fe16-11e7-a3b0-d13028918f9f-ecs", "type": "dashboard", "updated_at": "2018-01-20T19:57:50.287Z", "version": 4 diff --git a/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json b/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json index 2e0746ff9140..6abfc572c162 100644 --- a/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json +++ b/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Kafka stacktraces", - "title": "Number of stracktraces by class [Filebeat Kafka]", + "savedSearchId": "Kafka stacktraces-ecs", + "title": "Number of stracktraces by class [Filebeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -117,11 +117,11 @@ } ] }, - "title": "Number of Kafka stracktraces by class [Filebeat Kafka]", + "title": "Number of Kafka stracktraces by class [Filebeat Kafka] ECS", "type": "histogram" } }, - "id": "number-of-kafka-stracktraces-by-class", + "id": "number-of-kafka-stracktraces-by-class-ecs", "type": "visualization", "version": 2 }, @@ -150,19 +150,19 @@ "@timestamp", "desc" ], - "title": "Stacktraces [Filebeat Kafka]", + "title": "Stacktraces [Filebeat Kafka] ECS", "version": 1 }, - "id": "Kafka stacktraces", + "id": "Kafka stacktraces-ecs", "type": "search", "version": 1 }, { "attributes": { "columns": [ - "kafka.log.level", + "log.level", "kafka.log.component", - "kafka.log.message" + "message" ], "description": "", "hits": 0, @@ -177,7 +177,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "kafka", @@ -188,7 +188,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "kafka", "type": "phrase" } @@ -235,10 +235,10 @@ "@timestamp", "desc" ], - "title": "All logs [Filebeat Kafka]", + "title": "All logs [Filebeat Kafka] ECS", "version": 1 }, - "id": "All Kafka logs", + "id": "All Kafka logs-ecs", "type": "search", "version": 1 }, @@ -250,8 +250,8 @@ "filter": [] } }, - "savedSearchId": "All Kafka logs", - "title": "Log levels over time [Filebeat Kafka]", + "savedSearchId": "All Kafka logs-ecs", + "title": "Log levels over time [Filebeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -281,7 +281,7 @@ "id": "3", "params": { "customLabel": "Log Level", - "field": "kafka.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -360,11 +360,11 @@ } ] }, - "title": "Log levels over time [Filebeat Kafka]", + "title": "Log levels over time [Filebeat Kafka] ECS", "type": "histogram" } }, - "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3", + "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3-ecs", "type": "visualization", "version": 1 }, @@ -389,7 +389,7 @@ "panelsJSON": [ { "col": 1, - "id": "number-of-kafka-stracktraces-by-class", + "id": "number-of-kafka-stracktraces-by-class-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -403,7 +403,7 @@ "kafka.log.trace.class", "kafka.log.trace.full" ], - "id": "Kafka stacktraces", + "id": "Kafka stacktraces-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -417,11 +417,11 @@ { "col": 1, "columns": [ - "kafka.log.level", + "log.level", "kafka.log.component", - "kafka.log.message" + "message" ], - "id": "All Kafka logs", + "id": "All Kafka logs-ecs", "panelIndex": 3, "row": 6, "size_x": 12, @@ -434,7 +434,7 @@ }, { "col": 1, - "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3", + "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3-ecs", "panelIndex": 4, "row": 4, "size_x": 12, @@ -443,11 +443,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Kafka] Overview", + "title": "[Filebeat Kafka] Overview ECS", "uiStateJSON": {}, "version": 1 }, - "id": "943caca0-87ee-11e7-ad9c-db80de0bf8d3", + "id": "943caca0-87ee-11e7-ad9c-db80de0bf8d3-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json index a4d815391365..7bae7158ff2e 100644 --- a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json +++ b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", - "title": "Logs Severity [Filebeat Logstash]", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", + "title": "Logs Severity [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -29,7 +29,7 @@ "enabled": true, "id": "2", "params": { - "field": "logstash.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -45,11 +45,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Logs Severity [Filebeat Logstash]", + "title": "Logs Severity [Filebeat Logstash] ECS", "type": "pie" } }, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, @@ -65,8 +65,8 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", - "title": "logs over time [Filebeat Logstash]", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", + "title": "logs over time [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -95,7 +95,7 @@ "enabled": true, "id": "3", "params": { - "field": "logstash.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -172,20 +172,20 @@ } ] }, - "title": "logs over time [Filebeat Logstash]", + "title": "logs over time [Filebeat Logstash] ECS", "type": "histogram" } }, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "logstash.log.level", + "log.level", "logstash.log.module", - "logstash.log.message", + "message", "source" ], "description": "", @@ -201,7 +201,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "logstash", @@ -212,7 +212,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "logstash", "type": "phrase" } @@ -259,10 +259,10 @@ "@timestamp", "desc" ], - "title": "logs [Filebeat Logstash]", + "title": "logs [Filebeat Logstash] ECS", "version": 1 }, - "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "type": "search", "version": 1 }, @@ -287,7 +287,7 @@ "panelsJSON": [ { "col": 7, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -296,7 +296,7 @@ }, { "col": 1, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 3, "row": 1, "size_x": 6, @@ -306,12 +306,12 @@ { "col": 1, "columns": [ - "logstash.log.level", + "log.level", "logstash.log.module", - "logstash.log.message", + "message", "source" ], - "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 4, "row": 4, "size_x": 12, @@ -324,11 +324,11 @@ } ], "timeRestore": false, - "title": "Logstash Logs [Filebeat Logstash]", + "title": "Logstash Logs [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1 }, - "id": "Filebeat-Logstash-Log-Dashboard", + "id": "Filebeat-Logstash-Log-Dashboard-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json index c1caa3422c6e..9311f33ad242 100644 --- a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json +++ b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json @@ -3,7 +3,7 @@ { "attributes": { "columns": [ - "logstash.slowlog.level", + "log.level", "logstash.slowlog.plugin_type", "logstash.slowlog.plugin_name", "logstash.slowlog.message", @@ -23,7 +23,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "logstash", @@ -34,7 +34,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "logstash", "type": "phrase" } @@ -78,13 +78,13 @@ } }, "sort": [ - "logstash.slowlog.level", + "log.level", "asc" ], - "title": "Slow logs [Filebeat Logstash]", + "title": "Slow logs [Filebeat Logstash] ECS", "version": 1 }, - "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6", + "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", "type": "search", "version": 1 }, @@ -100,8 +100,8 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", - "title": "Logs Severity [Filebeat Logstash]", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", + "title": "Logs Severity [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -117,7 +117,7 @@ "enabled": true, "id": "2", "params": { - "field": "logstash.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -133,11 +133,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Logs Severity [Filebeat Logstash]", + "title": "Logs Severity [Filebeat Logstash] ECS", "type": "pie" } }, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, @@ -153,8 +153,8 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", - "title": "logs over time [Filebeat Logstash]", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", + "title": "logs over time [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -183,7 +183,7 @@ "enabled": true, "id": "3", "params": { - "field": "logstash.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -260,11 +260,11 @@ } ] }, - "title": "logs over time [Filebeat Logstash]", + "title": "logs over time [Filebeat Logstash] ECS", "type": "histogram" } }, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, @@ -280,8 +280,8 @@ } } }, - "savedSearchId": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6", - "title": "Slowest plugins [Filebeat Logstash]", + "savedSearchId": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", + "title": "Slowest plugins [Filebeat Logstash] ECS", "uiStateJSON": { "vis": { "params": { @@ -363,20 +363,20 @@ }, "totalFunc": "sum" }, - "title": "Slowest plugins [Filebeat Logstash]", + "title": "Slowest plugins [Filebeat Logstash] ECS", "type": "table" } }, - "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6", + "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "logstash.log.level", + "log.level", "logstash.log.module", - "logstash.log.message", + "message", "source" ], "description": "", @@ -392,7 +392,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "logstash", @@ -403,7 +403,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "logstash", "type": "phrase" } @@ -450,10 +450,10 @@ "@timestamp", "desc" ], - "title": "logs [Filebeat Logstash]", + "title": "logs [Filebeat Logstash] ECS", "version": 1 }, - "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "type": "search", "version": 1 }, @@ -479,14 +479,14 @@ { "col": 1, "columns": [ - "logstash.slowlog.level", + "log.level", "logstash.slowlog.plugin_type", "logstash.slowlog.plugin_name", "logstash.slowlog.message", "logstash.slowlog.plugin_params", "logstash.slowlog.execution_time_ns" ], - "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6", + "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 1, "row": 7, "size_x": 12, @@ -499,7 +499,7 @@ }, { "col": 7, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -508,7 +508,7 @@ }, { "col": 1, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 3, "row": 1, "size_x": 6, @@ -517,7 +517,7 @@ }, { "col": 1, - "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6", + "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 4, "row": 4, "size_x": 12, @@ -526,7 +526,7 @@ } ], "timeRestore": false, - "title": "Slowlogs [Filebeat Logstash]", + "title": "Slowlogs [Filebeat Logstash] ECS", "uiStateJSON": { "P-4": { "vis": { @@ -541,7 +541,7 @@ }, "version": 1 }, - "id": "Filebeat-Logstash-Slowlog-Dashboard", + "id": "Filebeat-Logstash-Slowlog-Dashboard-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json b/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json index 418d8576d5d1..bce38f2b3a7b 100644 --- a/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json +++ b/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94", - "title": "Logs Severity [Filebeat MongoDB]", + "savedSearchId": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", + "title": "Logs Severity [Filebeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -30,7 +30,7 @@ "id": "2", "params": { "customLabel": "Log severity", - "field": "mongodb.log.severity", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -46,11 +46,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Logs Severity [Filebeat MongoDB]", + "title": "Logs Severity [Filebeat MongoDB] ECS", "type": "pie" } }, - "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94", + "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94-ecs", "type": "visualization", "version": 3 }, @@ -58,10 +58,10 @@ "attributes": { "columns": [ "mongodb.log.timestamp", - "mongodb.log.severity", + "log.level", "mongodb.log.component", "mongodb.log.context", - "mongodb.log.message" + "message" ], "description": "", "hits": 0, @@ -72,7 +72,7 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "mongodb.log.severity: F or mongodb.log.severity: W" + "query": "log.level: F or log.level: W" }, "version": true } @@ -81,10 +81,10 @@ "@timestamp", "desc" ], - "title": "Error logs [Filebeat MongoDB]", + "title": "Error logs [Filebeat MongoDB] ECS", "version": 1 }, - "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94", + "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94-ecs", "type": "search", "version": 3 }, @@ -92,10 +92,10 @@ "attributes": { "columns": [ "mongodb.log.timestamp", - "mongodb.log.severity", + "log.level", "mongodb.log.component", "mongodb.log.context", - "mongodb.log.message" + "message" ], "description": "", "hits": 0, @@ -106,7 +106,7 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "mongodb.log.severity: *" + "query": "log.level: *" }, "version": true } @@ -115,10 +115,10 @@ "mongodb.log.timestamp", "asc" ], - "title": "All logs [Filebeat MongoDB]", + "title": "All logs [Filebeat MongoDB] ECS", "version": 1 }, - "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94", + "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", "type": "search", "version": 2 }, @@ -143,7 +143,7 @@ "panelsJSON": [ { "col": 1, - "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94", + "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94-ecs", "panelIndex": 1, "row": 1, "size_x": 4, @@ -154,12 +154,12 @@ "col": 5, "columns": [ "mongodb.log.timestamp", - "mongodb.log.severity", + "log.level", "mongodb.log.component", "mongodb.log.context", - "mongodb.log.message" + "message" ], - "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94", + "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94-ecs", "panelIndex": 2, "row": 1, "size_x": 8, @@ -174,12 +174,12 @@ "col": 1, "columns": [ "mongodb.log.timestamp", - "mongodb.log.severity", + "log.level", "mongodb.log.component", "mongodb.log.context", - "mongodb.log.message" + "message" ], - "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94", + "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -192,11 +192,11 @@ } ], "timeRestore": false, - "title": "Overview [Filebeat MongoDB]", + "title": "Overview [Filebeat MongoDB] ECS", "uiStateJSON": {}, "version": 1 }, - "id": "abcf35b0-0a82-11e8-bffe-ff7d4f68cf94", + "id": "abcf35b0-0a82-11e8-bffe-ff7d4f68cf94-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json index fe4ce23a6045..fa83715a72d9 100644 --- a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json +++ b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-Slow-log", - "title": "Top slowest queries [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", + "title": "Top slowest queries [Filebeat MySQL] ECS", "uiStateJSON": { "vis": { "params": { @@ -28,7 +28,7 @@ "id": "1", "params": { "customLabel": "Query time", - "field": "mysql.slowlog.query_time.sec" + "field": "event.duration" }, "schema": "metric", "type": "max" @@ -51,7 +51,7 @@ "id": "3", "params": { "customLabel": "User", - "field": "mysql.slowlog.user", + "field": "user.name", "order": "desc", "orderBy": "1", "size": 5 @@ -71,11 +71,11 @@ }, "totalFunc": "sum" }, - "title": "Top slowest queries [Filebeat MySQL]", + "title": "Top slowest queries [Filebeat MySQL] ECS", "type": "table" } }, - "id": "MySQL-slowest-queries", + "id": "MySQL-slowest-queries-ecs", "type": "visualization", "version": 1 }, @@ -87,8 +87,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-Slow-log", - "title": "Slow queries over time [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", + "title": "Slow queries over time [Filebeat MySQL] ECS", "uiStateJSON": { "vis": { "colors": { @@ -198,11 +198,11 @@ ], "yAxis": {} }, - "title": "Slow queries over time [Filebeat MySQL]", + "title": "Slow queries over time [Filebeat MySQL] ECS", "type": "histogram" } }, - "id": "MySQL-Slow-queries-over-time", + "id": "MySQL-Slow-queries-over-time-ecs", "type": "visualization", "version": 1 }, @@ -214,8 +214,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-error-log", - "title": "Error logs over time [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-error-log-ecs", + "title": "Error logs over time [Filebeat MySQL] ECS", "uiStateJSON": { "vis": { "colors": { @@ -326,19 +326,19 @@ ], "yAxis": {} }, - "title": "Error logs over time [Filebeat MySQL]", + "title": "Error logs over time [Filebeat MySQL] ECS", "type": "histogram" } }, - "id": "MySQL-error-logs", + "id": "MySQL-error-logs-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "mysql.error.level", - "mysql.error.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -353,7 +353,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "mysql", @@ -364,7 +364,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "mysql", "type": "phrase" } @@ -424,10 +424,10 @@ "@timestamp", "desc" ], - "title": "Error logs [Filebeat MySQL]", + "title": "Error logs [Filebeat MySQL] ECS", "version": 1 }, - "id": "Filebeat-MySQL-error-log", + "id": "Filebeat-MySQL-error-log-ecs", "type": "search", "version": 1 }, @@ -439,8 +439,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-error-log", - "title": "Error logs levels breakdown [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-error-log-ecs", + "title": "Error logs levels breakdown [Filebeat MySQL] ECS", "uiStateJSON": { "vis": { "colors": { @@ -464,7 +464,7 @@ "enabled": true, "id": "2", "params": { - "field": "mysql.error.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -481,11 +481,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "Error logs levels breakdown [Filebeat MySQL]", + "title": "Error logs levels breakdown [Filebeat MySQL] ECS", "type": "pie" } }, - "id": "MySQL-Error-logs-levels", + "id": "MySQL-Error-logs-levels-ecs", "type": "visualization", "version": 1 }, @@ -497,8 +497,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-Slow-log", - "title": "Slow logs breakdown [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", + "title": "Slow logs breakdown [Filebeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -531,11 +531,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "Slow logs breakdown [Filebeat MySQL]", + "title": "Slow logs breakdown [Filebeat MySQL] ECS", "type": "pie" } }, - "id": "MySQL-Slow-logs-by-count", + "id": "MySQL-Slow-logs-by-count-ecs", "type": "visualization", "version": 1 }, @@ -557,7 +557,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "mysql", @@ -568,7 +568,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "mysql", "type": "phrase" } @@ -628,10 +628,10 @@ "@timestamp", "desc" ], - "title": "Slow logs [Filebeat MySQL]", + "title": "Slow logs [Filebeat MySQL] ECS", "version": 1 }, - "id": "Filebeat-MySQL-Slow-log", + "id": "Filebeat-MySQL-Slow-log-ecs", "type": "search", "version": 1 }, @@ -661,7 +661,7 @@ "panelsJSON": [ { "col": 1, - "id": "MySQL-slowest-queries", + "id": "MySQL-slowest-queries-ecs", "panelIndex": 1, "row": 8, "size_x": 6, @@ -670,7 +670,7 @@ }, { "col": 1, - "id": "MySQL-Slow-queries-over-time", + "id": "MySQL-Slow-queries-over-time-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -679,7 +679,7 @@ }, { "col": 7, - "id": "MySQL-error-logs", + "id": "MySQL-error-logs-ecs", "panelIndex": 3, "row": 1, "size_x": 6, @@ -689,10 +689,10 @@ { "col": 7, "columns": [ - "mysql.error.level", - "mysql.error.message" + "log.level", + "message" ], - "id": "Filebeat-MySQL-error-log", + "id": "Filebeat-MySQL-error-log-ecs", "panelIndex": 4, "row": 8, "size_x": 6, @@ -705,7 +705,7 @@ }, { "col": 7, - "id": "MySQL-Error-logs-levels", + "id": "MySQL-Error-logs-levels-ecs", "panelIndex": 5, "row": 4, "size_x": 6, @@ -714,7 +714,7 @@ }, { "col": 1, - "id": "MySQL-Slow-logs-by-count", + "id": "MySQL-Slow-logs-by-count-ecs", "panelIndex": 6, "row": 4, "size_x": 6, @@ -723,7 +723,7 @@ } ], "timeRestore": false, - "title": "[Filebeat MySQL] Overview", + "title": "[Filebeat MySQL] Overview ECS", "uiStateJSON": { "P-1": { "vis": { @@ -738,7 +738,7 @@ }, "version": 1 }, - "id": "Filebeat-MySQL-Dashboard", + "id": "Filebeat-MySQL-Dashboard-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json index 5d6566a86f69..8c75d52dfc52 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json @@ -3,8 +3,8 @@ { "attributes": { "columns": [ - "nginx.error.level", - "nginx.error.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -37,20 +37,20 @@ "@timestamp", "desc" ], - "title": "Nginx error logs [Filebeat Nginx]", + "title": "Nginx error logs [Filebeat Nginx] ECS", "version": 1 }, - "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519", + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", "type": "search", "version": 1 }, { "attributes": { "columns": [ - "nginx.access.url", - "nginx.access.method", - "nginx.access.response_code", - "nginx.access.body_sent.bytes" + "url.original", + "http.request.method", + "http.response.status_code", + "http.response.body.bytes" ], "description": "", "hits": 0, @@ -83,10 +83,10 @@ "@timestamp", "desc" ], - "title": "Nginx access logs [Filebeat Nginx]", + "title": "Nginx access logs [Filebeat Nginx] ECS", "version": 1 }, - "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519", + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", "type": "search", "version": 4 }, @@ -96,7 +96,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Access logs over time [Filebeat Nginx]", + "title": "Access logs over time [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -120,7 +120,7 @@ "id": "3189aa80-a1f3-11e7-a062-a1c3587f4874" } ], - "filter": "fileset.module:nginx AND fileset.name:access", + "filter": "event.module:nginx AND fileset.name:access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -151,7 +151,7 @@ ], "split_mode": "everything", "stacked": "none", - "terms_field": "nginx.access.url", + "terms_field": "url.original", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417" } ], @@ -160,11 +160,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Access logs over time [Filebeat Nginx]", + "title": "Access logs over time [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519", + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 2 }, @@ -174,20 +174,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat Nginx]", + "title": "Dashboards [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519)" + "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)" }, - "title": "Dashboards [Filebeat Nginx]", + "title": "Dashboards [Filebeat Nginx] ECS", "type": "markdown" } }, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 1 }, @@ -218,10 +218,10 @@ { "col": 1, "columns": [ - "nginx.error.level", - "nginx.error.message" + "log.level", + "message" ], - "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519", + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 11, "row": 5, "size_x": 12, @@ -235,12 +235,12 @@ { "col": 1, "columns": [ - "nginx.access.url", - "nginx.access.method", - "nginx.access.response_code", - "nginx.access.body_sent.bytes" + "url.original", + "http.request.method", + "http.response.status_code", + "http.response.body.bytes" ], - "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519", + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 16, "row": 8, "size_x": 12, @@ -253,7 +253,7 @@ }, { "col": 1, - "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519", + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 18, "row": 2, "size_x": 12, @@ -262,7 +262,7 @@ }, { "col": 1, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 19, "row": 1, "size_x": 12, @@ -271,11 +271,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Nginx] Access and error logs", + "title": "[Filebeat Nginx] Access and error logs ECS", "uiStateJSON": {}, "version": 1 }, - "id": "046212a0-a2a1-11e7-928f-5dbe6f6f5519", + "id": "046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json index e955762c6cea..ea04c8ec081c 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json @@ -15,7 +15,7 @@ } } }, - "title": "Browsers breakdown [Filebeat Nginx]", + "title": "Browsers breakdown [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -60,11 +60,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Nginx Access Browsers", + "title": "Nginx Access Browsers ECS", "type": "pie" } }, - "id": "Nginx-Access-Browsers", + "id": "Nginx-Access-Browsers-ecs", "type": "visualization", "version": 1 }, @@ -83,7 +83,7 @@ } } }, - "title": "Operating systems breakdown [Filebeat Nginx]", + "title": "Operating systems breakdown [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -128,11 +128,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Nginx Access OSes", + "title": "Nginx Access OSes ECS", "type": "pie" } }, - "id": "Nginx-Access-OSes", + "id": "Nginx-Access-OSes-ecs", "type": "visualization", "version": 1 }, @@ -144,8 +144,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-Nginx-module", - "title": "Access Map [Filebeat Nginx]", + "savedSearchId": "Filebeat-Nginx-module-ecs", + "title": "Access Map [Filebeat Nginx] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -167,7 +167,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "nginx.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -202,11 +202,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Nginx Access Map", + "title": "Nginx Access Map ECS", "type": "tile_map" } }, - "id": "Nginx-Access-Map", + "id": "Nginx-Access-Map-ecs", "type": "visualization", "version": 1 }, @@ -216,7 +216,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Response codes over time [Filebeat Nginx]", + "title": "Response codes over time [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -224,7 +224,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "fileset.module:nginx AND fileset.name:access", + "filter": "event.module:nginx AND fileset.name:access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -250,32 +250,32 @@ "split_filters": [ { "color": "#68BC00", - "filter": "nginx.access.response_code:[200 TO 299]", + "filter": "http.response.status_code:[200 TO 299]", "id": "5acdc750-a29d-11e7-a062-a1c3587f4874", "label": "200s" }, { "color": "rgba(252,196,0,1)", - "filter": "nginx.access.response_code:[300 TO 399]", + "filter": "http.response.status_code:[300 TO 399]", "id": "6efd2ae0-a29d-11e7-a062-a1c3587f4874", "label": "300s" }, { "color": "rgba(211,49,21,1)", - "filter": "nginx.access.response_code:[400 TO 499]", + "filter": "http.response.status_code:[400 TO 499]", "id": "76089a90-a29d-11e7-a062-a1c3587f4874", "label": "400s" }, { "color": "rgba(171,20,158,1)", - "filter": "nginx.access.response_code:[500 TO 599]", + "filter": "http.response.status_code:[500 TO 599]", "id": "7c7929d0-a29d-11e7-a062-a1c3587f4874", "label": "500s" } ], "split_mode": "filters", "stacked": "stacked", - "terms_field": "nginx.access.response_code", + "terms_field": "http.response.status_code", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417" } ], @@ -284,11 +284,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Response codes over time [Filebeat Nginx]", + "title": "Response codes over time [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519", + "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 7 }, @@ -298,7 +298,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Top pages [Filebeat Nginx]", + "title": "Top pages [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -311,7 +311,7 @@ "id": "6252c320-a1f5-11e7-92ba-5d0b8663aece" } ], - "filter": "fileset.module:nginx AND fileset.name:access", + "filter": "event.module:nginx AND fileset.name:access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -334,7 +334,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "nginx.access.url", + "terms_field": "url.original", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417", "value_template": "" } @@ -344,11 +344,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top pages [Filebeat Nginx]", + "title": "Top pages [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519", + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 3 }, @@ -358,7 +358,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Errors over time [Filebeat Nginx]", + "title": "Errors over time [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -366,7 +366,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "fileset.module:nginx AND fileset.name:error", + "filter": "event.module:nginx AND fileset.name:error", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -390,7 +390,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "nginx.error.level", + "terms_field": "log.level", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417" } ], @@ -399,11 +399,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Errors over time [Filebeat Nginx]", + "title": "Errors over time [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519", + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 5 }, @@ -413,7 +413,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Data Volume [Filebeat Nginx]", + "title": "Data Volume [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -421,7 +421,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "fileset.module: nginx AND fileset.name: access", + "filter": "event.module: nginx AND fileset.name: access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -438,7 +438,7 @@ "line_width": 1, "metrics": [ { - "field": "nginx.access.body_sent.bytes", + "field": "http.response.body.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", "type": "sum" } @@ -448,7 +448,7 @@ "split_filters": [ { "color": "#68BC00", - "filter": "nginx.access.response_code:[200 TO 299]", + "filter": "http.response.status_code:[200 TO 299]", "id": "7c343c20-a29e-11e7-a062-a1c3587f4874", "label": "200s" } @@ -463,11 +463,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Data Volume [Filebeat Nginx]", + "title": "Data Volume [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519", + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 2 }, @@ -477,31 +477,31 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat Nginx]", + "title": "Dashboards [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519)" + "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)" }, - "title": "Dashboards [Filebeat Nginx]", + "title": "Dashboards [Filebeat Nginx] ECS", "type": "markdown" } }, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "nginx.access.url", - "nginx.access.method", - "nginx.access.response_code", - "nginx.access.referrer", - "nginx.access.body_sent.bytes" + "url.original", + "http.request.method", + "http.response.status_code", + "http.request.referrer", + "http.response.body.bytes" ], "description": "", "hits": 0, @@ -539,10 +539,10 @@ "@timestamp", "desc" ], - "title": "Nginx logs [Filebeat Nginx]", + "title": "Nginx logs [Filebeat Nginx] ECS", "version": 1 }, - "id": "Filebeat-Nginx-module", + "id": "Filebeat-Nginx-module-ecs", "type": "search", "version": 2 }, @@ -572,7 +572,7 @@ "panelsJSON": [ { "col": 10, - "id": "Nginx-Access-Browsers", + "id": "Nginx-Access-Browsers-ecs", "panelIndex": 3, "row": 12, "size_x": 3, @@ -581,7 +581,7 @@ }, { "col": 7, - "id": "Nginx-Access-OSes", + "id": "Nginx-Access-OSes-ecs", "panelIndex": 4, "row": 12, "size_x": 3, @@ -590,7 +590,7 @@ }, { "col": 1, - "id": "Nginx-Access-Map", + "id": "Nginx-Access-Map-ecs", "panelIndex": 8, "row": 2, "size_x": 12, @@ -599,7 +599,7 @@ }, { "col": 1, - "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519", + "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 13, "row": 6, "size_x": 12, @@ -608,7 +608,7 @@ }, { "col": 7, - "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519", + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 14, "row": 9, "size_x": 6, @@ -617,7 +617,7 @@ }, { "col": 1, - "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519", + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 15, "row": 9, "size_x": 6, @@ -626,7 +626,7 @@ }, { "col": 1, - "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519", + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 16, "row": 12, "size_x": 6, @@ -635,7 +635,7 @@ }, { "col": 1, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 17, "row": 1, "size_x": 12, @@ -644,7 +644,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Nginx] Overview", + "title": "[Filebeat Nginx] Overview ECS", "uiStateJSON": { "P-4": { "vis": { @@ -682,7 +682,7 @@ }, "version": 1 }, - "id": "55a9e6e0-a29e-11e7-928f-5dbe6f6f5519", + "id": "55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs", "type": "dashboard", "version": 6 } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json index 0403ead98a50..9113043e29f6 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json @@ -6,8 +6,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Remote IP Timechart [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Remote IP Timechart [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -125,11 +125,11 @@ } ] }, - "title": "ML Nginx Access Remote IP Timechart", + "title": "ML Nginx Access Remote IP Timechart ECS", "type": "area" } }, - "id": "ML-Nginx-Access-Remote-IP-Timechart", + "id": "ML-Nginx-Access-Remote-IP-Timechart-ecs", "type": "visualization", "version": 2 }, @@ -141,8 +141,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Response Code Timechart [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Response Code Timechart [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "colors": { @@ -178,7 +178,7 @@ "enabled": true, "id": "3", "params": { - "field": "nginx.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -201,11 +201,11 @@ "times": [], "yAxis": {} }, - "title": "ML Nginx Access Response Code Timechart", + "title": "ML Nginx Access Response Code Timechart ECS", "type": "histogram" } }, - "id": "ML-Nginx-Access-Response-Code-Timechart", + "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", "type": "visualization", "version": 3 }, @@ -215,8 +215,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Top Remote IPs [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Top Remote IPs [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -262,11 +262,11 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top Remote IPs Table", + "title": "ML Nginx Access Top Remote IPs Table ECS", "type": "table" } }, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", "type": "visualization", "version": 3 }, @@ -278,8 +278,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Access Map [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Access Map [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -301,7 +301,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "nginx.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -336,11 +336,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Nginx Access Map", + "title": "ML Nginx Access Map ECS", "type": "tile_map" } }, - "id": "ML-Nginx-Access-Map", + "id": "ML-Nginx-Access-Map-ecs", "type": "visualization", "version": 3 }, @@ -350,8 +350,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Top URLs [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Top URLs [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -376,7 +376,7 @@ "enabled": true, "id": "2", "params": { - "field": "nginx.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "size": 1000 @@ -397,11 +397,11 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top URLs Table", + "title": "ML Nginx Access Top URLs Table ECS", "type": "table" } }, - "id": "ML-Nginx-Access-Top-URLs-Table", + "id": "ML-Nginx-Access-Top-URLs-Table-ecs", "type": "visualization", "version": 3 }, @@ -441,10 +441,10 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Nginx]", + "title": "ML Access Data [Filebeat Nginx] ECS", "version": 1 }, - "id": "ML-Filebeat-Nginx-Access", + "id": "ML-Filebeat-Nginx-Access-ecs", "type": "search", "version": 3 }, @@ -474,7 +474,7 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Nginx-Access-Remote-IP-Timechart", + "id": "ML-Nginx-Access-Remote-IP-Timechart-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -483,7 +483,7 @@ }, { "col": 7, - "id": "ML-Nginx-Access-Response-Code-Timechart", + "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -492,7 +492,7 @@ }, { "col": 1, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -501,7 +501,7 @@ }, { "col": 7, - "id": "ML-Nginx-Access-Map", + "id": "ML-Nginx-Access-Map-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -510,7 +510,7 @@ }, { "col": 1, - "id": "ML-Nginx-Access-Top-URLs-Table", + "id": "ML-Nginx-Access-Top-URLs-Table-ecs", "panelIndex": 5, "row": 7, "size_x": 12, @@ -519,7 +519,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Nginx] [ML] Remote IP Count Explorer", + "title": "[Filebeat Nginx] [ML] Remote IP Count Explorer ECS", "uiStateJSON": { "P-3": { "vis": { @@ -544,7 +544,7 @@ }, "version": 1 }, - "id": "ML-Nginx-Access-Remote-IP-Count-Explorer", + "id": "ML-Nginx-Access-Remote-IP-Count-Explorer-ecs", "type": "dashboard", "version": 3 } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json index e43ca0b671d0..96dbcefb6862 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json @@ -6,8 +6,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Unique Count URL Timechart [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Unique Count URL Timechart [Filebeat Nginx] [ML] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -16,7 +16,7 @@ "enabled": true, "id": "1", "params": { - "field": "nginx.access.url" + "field": "url.original" }, "schema": "metric", "type": "cardinality" @@ -114,11 +114,11 @@ } ] }, - "title": "ML Nginx Access Unique Count URL Timechart", + "title": "ML Nginx Access Unique Count URL Timechart ECS", "type": "line" } }, - "id": "ML-Nginx-Access-Unique-Count-URL-Timechart", + "id": "ML-Nginx-Access-Unique-Count-URL-Timechart-ecs", "type": "visualization", "version": 2 }, @@ -130,8 +130,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Response Code Timechart [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Response Code Timechart [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "colors": { @@ -167,7 +167,7 @@ "enabled": true, "id": "3", "params": { - "field": "nginx.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -190,11 +190,11 @@ "times": [], "yAxis": {} }, - "title": "ML Nginx Access Response Code Timechart", + "title": "ML Nginx Access Response Code Timechart ECS", "type": "histogram" } }, - "id": "ML-Nginx-Access-Response-Code-Timechart", + "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", "type": "visualization", "version": 3 }, @@ -204,8 +204,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Top Remote IPs [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Top Remote IPs [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -251,11 +251,11 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top Remote IPs Table", + "title": "ML Nginx Access Top Remote IPs Table ECS", "type": "table" } }, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", "type": "visualization", "version": 3 }, @@ -267,8 +267,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Access Map [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Access Map [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -290,7 +290,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "nginx.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -325,11 +325,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Nginx Access Map", + "title": "ML Nginx Access Map ECS", "type": "tile_map" } }, - "id": "ML-Nginx-Access-Map", + "id": "ML-Nginx-Access-Map-ecs", "type": "visualization", "version": 3 }, @@ -339,8 +339,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Top URLs [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Top URLs [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -365,7 +365,7 @@ "enabled": true, "id": "2", "params": { - "field": "nginx.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "size": 1000 @@ -386,11 +386,11 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top URLs Table", + "title": "ML Nginx Access Top URLs Table ECS", "type": "table" } }, - "id": "ML-Nginx-Access-Top-URLs-Table", + "id": "ML-Nginx-Access-Top-URLs-Table-ecs", "type": "visualization", "version": 3 }, @@ -430,10 +430,10 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Nginx]", + "title": "ML Access Data [Filebeat Nginx] ECS", "version": 1 }, - "id": "ML-Filebeat-Nginx-Access", + "id": "ML-Filebeat-Nginx-Access-ecs", "type": "search", "version": 3 }, @@ -463,7 +463,7 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Nginx-Access-Unique-Count-URL-Timechart", + "id": "ML-Nginx-Access-Unique-Count-URL-Timechart-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -472,7 +472,7 @@ }, { "col": 7, - "id": "ML-Nginx-Access-Response-Code-Timechart", + "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -481,7 +481,7 @@ }, { "col": 1, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -490,7 +490,7 @@ }, { "col": 7, - "id": "ML-Nginx-Access-Map", + "id": "ML-Nginx-Access-Map-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -499,7 +499,7 @@ }, { "col": 1, - "id": "ML-Nginx-Access-Top-URLs-Table", + "id": "ML-Nginx-Access-Top-URLs-Table-ecs", "panelIndex": 5, "row": 7, "size_x": 12, @@ -508,7 +508,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Nginx] [ML] Remote IP URL Explorer", + "title": "[Filebeat Nginx] [ML] Remote IP URL Explorer ECS", "uiStateJSON": { "P-2": { "vis": { @@ -543,7 +543,7 @@ }, "version": 1 }, - "id": "ML-Nginx-Remote-IP-URL-Explorer", + "id": "ML-Nginx-Remote-IP-URL-Explorer-ecs", "type": "dashboard", "version": 4 } diff --git a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json index e9b2f6c92687..0642a853b46d 100644 --- a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json +++ b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json @@ -52,10 +52,10 @@ "@timestamp", "desc" ], - "title": "Mounts [Osquery results]", + "title": "Mounts [Osquery results] ECS", "version": 1 }, - "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05", + "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -72,8 +72,8 @@ } } }, - "savedSearchId": "7a9482d0-eb00-11e7-8f04-51231daa5b05", - "title": "Mounts by type [Osquery Result]", + "savedSearchId": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", + "title": "Mounts by type [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -123,11 +123,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Mounts by type [Osquery Result]", + "title": "Mounts by type [Osquery Result] ECS", "type": "pie" } }, - "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05", + "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05-ecs", "type": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -184,10 +184,10 @@ "@timestamp", "desc" ], - "title": "DEB packages installed [Osquery results]", + "title": "DEB packages installed [Osquery results] ECS", "version": 1 }, - "id": "3824b080-eb02-11e7-8f04-51231daa5b05", + "id": "3824b080-eb02-11e7-8f04-51231daa5b05-ecs", "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -204,8 +204,8 @@ } } }, - "savedSearchId": "b5d6baa0-eb02-11e7-8f04-51231daa5b05", - "title": "OS versions [Osquery result]", + "savedSearchId": "b5d6baa0-eb02-11e7-8f04-51231daa5b05-ecs", + "title": "OS versions [Osquery result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -269,11 +269,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "OS versions [Osquery result]", + "title": "OS versions [Osquery result] ECS", "type": "pie" } }, - "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05", + "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05-ecs", "type": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -317,8 +317,8 @@ } } }, - "savedSearchId": "f59e21e0-eb03-11e7-8f04-51231daa5b05", - "title": "Number of Kernel modules [Osquery Result]", + "savedSearchId": "f59e21e0-eb03-11e7-8f04-51231daa5b05-ecs", + "title": "Number of Kernel modules [Osquery Result] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -386,11 +386,11 @@ "isDisplayWarning": false, "type": "gauge" }, - "title": "Number of Kernel modules [Osquery Result]", + "title": "Number of Kernel modules [Osquery Result] ECS", "type": "gauge" } }, - "id": "240f3630-eb05-11e7-8f04-51231daa5b05", + "id": "240f3630-eb05-11e7-8f04-51231daa5b05-ecs", "type": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -401,20 +401,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Navigation [Osquery Result]", + "title": "Navigation [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040)" + "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs)" }, - "title": "Navigation [Osquery Result]", + "title": "Navigation [Osquery Result] ECS", "type": "markdown" } }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:41:10.264Z", "version": 3 @@ -469,10 +469,10 @@ "@timestamp", "desc" ], - "title": "OS versions [Osquery results]", + "title": "OS versions [Osquery results] ECS", "version": 1 }, - "id": "b5d6baa0-eb02-11e7-8f04-51231daa5b05", + "id": "b5d6baa0-eb02-11e7-8f04-51231daa5b05-ecs", "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -529,10 +529,10 @@ "@timestamp", "desc" ], - "title": "Kernel modules [Osquery results]", + "title": "Kernel modules [Osquery results] ECS", "version": 1 }, - "id": "f59e21e0-eb03-11e7-8f04-51231daa5b05", + "id": "f59e21e0-eb03-11e7-8f04-51231daa5b05-ecs", "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -566,7 +566,7 @@ "x": 6, "y": 6 }, - "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05", + "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", "panelIndex": "1", "type": "search", "version": "6.2.4" @@ -579,7 +579,7 @@ "x": 5, "y": 1 }, - "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05", + "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.4" @@ -592,7 +592,7 @@ "x": 0, "y": 6 }, - "id": "3824b080-eb02-11e7-8f04-51231daa5b05", + "id": "3824b080-eb02-11e7-8f04-51231daa5b05-ecs", "panelIndex": "3", "type": "search", "version": "6.2.4" @@ -605,7 +605,7 @@ "x": 0, "y": 1 }, - "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05", + "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -626,7 +626,7 @@ "x": 0, "y": 4 }, - "id": "240f3630-eb05-11e7-8f04-51231daa5b05", + "id": "240f3630-eb05-11e7-8f04-51231daa5b05-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" @@ -639,14 +639,14 @@ "x": 0, "y": 0 }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "panelIndex": "6", "type": "visualization", "version": "6.1.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Osquery Result] Compliance pack", + "title": "[Osquery Result] Compliance pack ECS", "uiStateJSON": { "P-5": { "vis": { @@ -658,7 +658,7 @@ }, "version": 1 }, - "id": "69f5ae20-eb02-11e7-8f04-51231daa5b05", + "id": "69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs", "type": "dashboard", "updated_at": "2018-01-08T19:42:15.406Z", "version": 2 diff --git a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json index 38e897645b0a..17b5b234e559 100644 --- a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json +++ b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Info OSSEC rootkit [Osquery Result]", + "title": "Info OSSEC rootkit [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -15,11 +15,11 @@ "fontSize": 12, "markdown": "This dashboard shows data collected by the ossec-rootkit pack from osquery." }, - "title": "Info OSSEC rootkit [Osquery Result]", + "title": "Info OSSEC rootkit [Osquery Result] ECS", "type": "markdown" } }, - "id": "6ec10290-f4aa-11e7-8647-534bb4c21040", + "id": "6ec10290-f4aa-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:30:49.785Z", "version": 1 @@ -36,8 +36,8 @@ } } }, - "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040", - "title": "Number of rootkits found [Osquery Result]", + "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", + "title": "Number of rootkits found [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -81,11 +81,11 @@ }, "type": "metric" }, - "title": "Number of rootkits found [Osquery Result]", + "title": "Number of rootkits found [Osquery Result] ECS", "type": "metric" } }, - "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040", + "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:40:05.060Z", "version": 3 @@ -102,8 +102,8 @@ } } }, - "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040", - "title": "Number of hosts infected [Osquery Result]", + "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", + "title": "Number of hosts infected [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -113,7 +113,7 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "beat.hostname" + "field": "agent.hostname" }, "schema": "metric", "type": "cardinality" @@ -147,11 +147,11 @@ }, "type": "metric" }, - "title": "Number of hosts infected [Osquery Result]", + "title": "Number of hosts infected [Osquery Result] ECS", "type": "metric" } }, - "id": "ab587180-f4a9-11e7-8647-534bb4c21040", + "id": "ab587180-f4a9-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:39:45.085Z", "version": 2 @@ -162,20 +162,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Navigation [Osquery Result]", + "title": "Navigation [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040)" + "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs)" }, - "title": "Navigation [Osquery Result]", + "title": "Navigation [Osquery Result] ECS", "type": "markdown" } }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:41:10.264Z", "version": 3 @@ -185,7 +185,7 @@ "columns": [ "osquery.result.name", "osquery.result.columns.path", - "beat.hostname" + "agent.hostname" ], "description": "", "hits": 0, @@ -219,7 +219,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "osquery", @@ -230,7 +230,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "osquery", "type": "phrase" } @@ -277,10 +277,10 @@ "@timestamp", "desc" ], - "title": "OSSEC Rootkits [Osquery Result]", + "title": "OSSEC Rootkits [Osquery Result] ECS", "version": 1 }, - "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040", + "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", "type": "search", "updated_at": "2018-01-08T19:38:24.483Z", "version": 2 @@ -314,7 +314,7 @@ "x": 8, "y": 1 }, - "id": "6ec10290-f4aa-11e7-8647-534bb4c21040", + "id": "6ec10290-f4aa-11e7-8647-534bb4c21040-ecs", "panelIndex": "1", "type": "visualization", "version": "6.1.0-SNAPSHOT" @@ -327,7 +327,7 @@ "x": 4, "y": 1 }, - "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040", + "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040-ecs", "panelIndex": "2", "type": "visualization", "version": "6.1.0-SNAPSHOT" @@ -340,7 +340,7 @@ "x": 0, "y": 1 }, - "id": "ab587180-f4a9-11e7-8647-534bb4c21040", + "id": "ab587180-f4a9-11e7-8647-534bb4c21040-ecs", "panelIndex": "3", "type": "visualization", "version": "6.1.0-SNAPSHOT" @@ -353,7 +353,7 @@ "x": 0, "y": 0 }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "panelIndex": "4", "type": "visualization", "version": "6.1.0-SNAPSHOT" @@ -366,18 +366,18 @@ "x": 0, "y": 3 }, - "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040", + "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", "panelIndex": "5", "type": "search", "version": "6.1.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Osquery Result] OSSEC rootkit pack", + "title": "[Osquery Result] OSSEC rootkit pack ECS", "uiStateJSON": {}, "version": 1 }, - "id": "c0a7ce90-f4aa-11e7-8647-534bb4c21040", + "id": "c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs", "type": "dashboard", "updated_at": "2018-01-08T19:40:16.304Z", "version": 6 diff --git a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json index 9978b509444f..375fc4d56d17 100644 --- a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json +++ b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "PostgreSQL All Logs", - "title": "Log Level Count [Filebeat PostgreSQL]", + "savedSearchId": "PostgreSQL All Logs-ecs", + "title": "Log Level Count [Filebeat PostgreSQL] ECS", "uiStateJSON": { "vis": { "params": { @@ -34,7 +34,7 @@ "enabled": true, "id": "2", "params": { - "field": "postgresql.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 12 @@ -54,21 +54,21 @@ }, "totalFunc": "sum" }, - "title": "Log Level Count [Filebeat PostgreSQL]", + "title": "Log Level Count [Filebeat PostgreSQL] ECS", "type": "table" } }, - "id": "PostgreSQL Log Level Count", + "id": "PostgreSQL Log Level Count-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", - "postgresql.log.level", - "postgresql.log.message", + "log.level", + "message", "postgresql.log.query" ], "description": "", @@ -84,7 +84,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "postgresql", @@ -95,7 +95,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "postgresql", "type": "phrase" } @@ -116,10 +116,10 @@ "@timestamp", "desc" ], - "title": "All Logs [Filebeat PostgreSQL]", + "title": "All Logs [Filebeat PostgreSQL] ECS", "version": 1 }, - "id": "PostgreSQL All Logs", + "id": "PostgreSQL All Logs-ecs", "type": "search", "version": 1 }, @@ -131,8 +131,8 @@ "filter": [] } }, - "savedSearchId": "PostgreSQL All Logs", - "title": "Logs by level over time [Filebeat PostgreSQL]", + "savedSearchId": "PostgreSQL All Logs-ecs", + "title": "Logs by level over time [Filebeat PostgreSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -161,7 +161,7 @@ "enabled": true, "id": "3", "params": { - "field": "postgresql.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -240,11 +240,11 @@ } ] }, - "title": "Logs by level over time [Filebeat PostgreSQL]", + "title": "Logs by level over time [Filebeat PostgreSQL] ECS", "type": "histogram" } }, - "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3", + "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3-ecs", "type": "visualization", "version": 1 }, @@ -269,7 +269,7 @@ "panelsJSON": [ { "col": 1, - "id": "PostgreSQL Log Level Count", + "id": "PostgreSQL Log Level Count-ecs", "panelIndex": 1, "row": 1, "size_x": 3, @@ -279,13 +279,13 @@ { "col": 1, "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", - "postgresql.log.level", - "postgresql.log.message", + "log.level", + "message", "postgresql.log.query" ], - "id": "PostgreSQL All Logs", + "id": "PostgreSQL All Logs-ecs", "panelIndex": 2, "row": 4, "size_x": 12, @@ -298,7 +298,7 @@ }, { "col": 4, - "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3", + "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3-ecs", "panelIndex": 3, "row": 1, "size_x": 9, @@ -307,7 +307,7 @@ } ], "timeRestore": false, - "title": "[Filebeat PostgreSQL] Overview", + "title": "[Filebeat PostgreSQL] Overview ECS", "uiStateJSON": { "P-1": { "vis": { @@ -322,7 +322,7 @@ }, "version": 1 }, - "id": "158be870-87f4-11e7-ad9c-db80de0bf8d3", + "id": "158be870-87f4-11e7-ad9c-db80de0bf8d3-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json index 653b071aa650..6eb09661aa45 100644 --- a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json +++ b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json @@ -11,8 +11,8 @@ } } }, - "savedSearchId": "PostgreSQL Query Durations", - "title": "Query count and cumulated duration [Filebeat PostgreSQL]", + "savedSearchId": "PostgreSQL Query Durations-ecs", + "title": "Query count and cumulated duration [Filebeat PostgreSQL] ECS", "uiStateJSON": { "vis": { "colors": { @@ -52,7 +52,7 @@ "id": "2", "params": { "customLabel": "Sum of query duration", - "field": "postgresql.log.duration" + "field": "event.duration" }, "schema": "metric", "type": "sum" @@ -144,20 +144,20 @@ } ] }, - "title": "Query count and cumulated duration [Filebeat PostgreSQL]", + "title": "Query count and cumulated duration [Filebeat PostgreSQL] ECS", "type": "histogram" } }, - "id": "PostgreSQL Query Count and Duration", + "id": "PostgreSQL Query Count and Duration-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", - "postgresql.log.duration", + "event.duration", "postgresql.log.query" ], "description": "", @@ -169,7 +169,7 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "postgresql.log.duration:>30" + "query": "event.duration:>30" }, "version": true } @@ -178,19 +178,19 @@ "@timestamp", "desc" ], - "title": "Slow Queries [Filebeat PostgreSQL]", + "title": "Slow Queries [Filebeat PostgreSQL] ECS", "version": 1 }, - "id": "Slow PostgreSQL Queries", + "id": "Slow PostgreSQL Queries-ecs", "type": "search", "version": 1 }, { "attributes": { "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", - "postgresql.log.duration", + "event.duration", "postgresql.log.query" ], "description": "", @@ -202,7 +202,7 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "postgresql.log.duration:*" + "query": "event.duration:*" }, "version": true } @@ -211,10 +211,10 @@ "@timestamp", "desc" ], - "title": "Query Durations [Filebeat PostgreSQL]", + "title": "Query Durations [Filebeat PostgreSQL] ECS", "version": 1 }, - "id": "PostgreSQL Query Durations", + "id": "PostgreSQL Query Durations-ecs", "type": "search", "version": 1 }, @@ -239,7 +239,7 @@ "panelsJSON": [ { "col": 1, - "id": "PostgreSQL Query Count and Duration", + "id": "PostgreSQL Query Count and Duration-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -249,12 +249,12 @@ { "col": 7, "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", - "postgresql.log.duration", + "event.duration", "postgresql.log.query" ], - "id": "Slow PostgreSQL Queries", + "id": "Slow PostgreSQL Queries-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -268,12 +268,12 @@ { "col": 1, "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", - "postgresql.log.duration", + "event.duration", "postgresql.log.query" ], - "id": "PostgreSQL Query Durations", + "id": "PostgreSQL Query Durations-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -286,11 +286,11 @@ } ], "timeRestore": false, - "title": "[Filebeat PostgreSQL] Query Duration Overview", + "title": "[Filebeat PostgreSQL] Query Duration Overview ECS", "uiStateJSON": {}, "version": 1 }, - "id": "e4c5f230-87f3-11e7-ad9c-db80de0bf8d3", + "id": "e4c5f230-87f3-11e7-ad9c-db80de0bf8d3-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json b/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json index 91c000ad7ec1..4cd6acabd6e1 100644 --- a/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json +++ b/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json @@ -20,7 +20,7 @@ "version": true } }, - "title": "Log levels and roles breakdown [Filebeat Redis]", + "title": "Log levels and roles breakdown [Filebeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -49,7 +49,7 @@ "id": "2", "params": { "customLabel": "Log level", - "field": "redis.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -65,11 +65,11 @@ "legendPosition": "bottom", "type": "pie" }, - "title": "Log levels and roles breakdown [Filebeat Redis]", + "title": "Log levels and roles breakdown [Filebeat Redis] ECS", "type": "pie" } }, - "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b", + "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b-ecs", "type": "visualization", "version": 2 }, @@ -93,7 +93,7 @@ "version": true } }, - "title": "Logs over time [Filebeat Redis]", + "title": "Logs over time [Filebeat Redis] ECS", "uiStateJSON": { "vis": { "colors": { @@ -129,7 +129,7 @@ "enabled": true, "id": "3", "params": { - "field": "redis.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -215,21 +215,21 @@ } ] }, - "title": "Logs over time [Filebeat Redis]", + "title": "Logs over time [Filebeat Redis] ECS", "type": "histogram" } }, - "id": "d2864600-478f-11e7-be88-2ddb32f3df97", + "id": "d2864600-478f-11e7-be88-2ddb32f3df97-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "beat.name", - "redis.log.level", + "host.name", + "log.level", "redis.log.role", - "redis.log.message" + "message" ], "description": "", "hits": 0, @@ -244,7 +244,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "redis", @@ -255,7 +255,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "redis", "type": "phrase" } @@ -302,10 +302,10 @@ "@timestamp", "desc" ], - "title": "Logs [Filebeat Redis]", + "title": "Logs [Filebeat Redis] ECS", "version": 1 }, - "id": "73613570-4791-11e7-be88-2ddb32f3df97", + "id": "73613570-4791-11e7-be88-2ddb32f3df97-ecs", "type": "search", "version": 2 }, @@ -317,8 +317,8 @@ "filter": [] } }, - "savedSearchId": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b", - "title": "Top slowest commands [Filebeat Redis]", + "savedSearchId": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", + "title": "Top slowest commands [Filebeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -426,18 +426,18 @@ } ] }, - "title": "Top slowest commands [Filebeat Redis]", + "title": "Top slowest commands [Filebeat Redis] ECS", "type": "histogram" } }, - "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97", + "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "beat.name", + "host.name", "message", "redis.slowlog.duration.us", "redis.slowlog.key" @@ -465,10 +465,10 @@ "@timestamp", "desc" ], - "title": "Slow logs [Filebeat Redis]", + "title": "Slow logs [Filebeat Redis] ECS", "version": 1 }, - "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b", + "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", "type": "search", "version": 2 }, @@ -498,7 +498,7 @@ "panelsJSON": [ { "col": 1, - "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b", + "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b-ecs", "panelIndex": 2, "row": 5, "size_x": 3, @@ -507,7 +507,7 @@ }, { "col": 4, - "id": "d2864600-478f-11e7-be88-2ddb32f3df97", + "id": "d2864600-478f-11e7-be88-2ddb32f3df97-ecs", "panelIndex": 3, "row": 5, "size_x": 9, @@ -517,12 +517,12 @@ { "col": 1, "columns": [ - "beat.name", - "redis.log.level", + "host.name", + "log.level", "redis.log.role", - "redis.log.message" + "message" ], - "id": "73613570-4791-11e7-be88-2ddb32f3df97", + "id": "73613570-4791-11e7-be88-2ddb32f3df97-ecs", "panelIndex": 4, "row": 8, "size_x": 12, @@ -535,7 +535,7 @@ }, { "col": 7, - "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97", + "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97-ecs", "panelIndex": 5, "row": 1, "size_x": 6, @@ -545,12 +545,12 @@ { "col": 1, "columns": [ - "beat.name", + "host.name", "message", "redis.slowlog.duration.us", "redis.slowlog.key" ], - "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b", + "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", "panelIndex": 6, "row": 1, "size_x": 6, @@ -563,7 +563,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Redis] Overview", + "title": "[Filebeat Redis] Overview ECS", "uiStateJSON": { "P-5": { "vis": { @@ -573,7 +573,7 @@ }, "version": 1 }, - "id": "7fea2930-478e-11e7-b1f0-cb29bac6bf8b", + "id": "7fea2930-478e-11e7-b1f0-cb29bac6bf8b-ecs", "type": "dashboard", "version": 4 } diff --git a/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json b/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json index 71245b0e755a..aa2f1c29c37e 100644 --- a/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json +++ b/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json @@ -1,3 +1,4 @@ +<<<<<<< HEAD { "objects": [ { @@ -587,3 +588,6 @@ ], "version": "7.0.0-alpha1-SNAPSHOT" } +======= +{"objects":[{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"title":"Description [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[],"params":{"fontSize":12,"markdown":"![Santa Icon](https://raw.githubusercontent.com/google/santa/master/Source/SantaGUI/Resources/Images.xcassets/AppIcon.appiconset/santa-hat-icon-128.png)\n\nGoogle Santa is a binary whitelisting/blacklisting system for macOS that monitors process executions.","openLinksInNewTab":false},"title":"Description [Filebeat Santa] ECS","type":"markdown"}},"id":"dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:31:14.285Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"title":"Decisions [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[],"params":{"axis_formatter":"number","axis_position":"left","axis_scale":"normal","filter":"event.module:santa AND event.dataset:log","id":"61ca57f0-469d-11e7-af02-69e470af7417","index_pattern":"filebeat-*","interval":"auto","series":[{"axis_position":"right","chart_type":"line","color":"#68BC00","fill":0.5,"formatter":"number","id":"61ca57f1-469d-11e7-af02-69e470af7417","label":"Decision","line_width":1,"metrics":[{"id":"61ca57f2-469d-11e7-af02-69e470af7417","type":"count"}],"point_size":1,"separate_axis":0,"split_mode":"terms","stacked":"none","terms_field":"santa.decision"}],"show_grid":1,"show_legend":1,"time_field":"@timestamp","type":"timeseries"},"title":"Decisions [Filebeat Santa] ECS","type":"metrics"}},"id":"1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:40:02.169Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"savedSearchId":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","title":"Total Events [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[{"enabled":true,"id":"1","params":{"customLabel":"Total Events"},"schema":"metric","type":"count"}],"params":{"addLegend":false,"addTooltip":true,"metric":{"colorSchema":"Green to Red","colorsRange":[{"from":0,"to":10000}],"invertColors":false,"labels":{"show":true},"metricColorMode":"None","percentageMode":false,"style":{"bgColor":false,"bgFill":"#000","fontSize":60,"labelColor":false,"subText":""},"useRanges":false},"type":"metric"},"title":"Total Events [Filebeat Santa] ECS","type":"metric"}},"id":"51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:41:42.712Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"savedSearchId":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","title":"Decision and Reason [Filebeat Santa] ECS","uiStateJSON":{"vis":{"colors":{"ALLOW":"#7EB26D"}}},"version":1,"visState":{"aggs":[{"enabled":true,"id":"1","params":{},"schema":"metric","type":"count"},{"enabled":true,"id":"2","params":{"customLabel":"Decision","field":"santa.decision","missingBucket":false,"missingBucketLabel":"Missing","order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","size":5},"schema":"segment","type":"terms"},{"enabled":true,"id":"3","params":{"customLabel":"Reason","field":"santa.reason","missingBucket":false,"missingBucketLabel":"Missing","order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","size":5},"schema":"segment","type":"terms"}],"params":{"addLegend":true,"addTooltip":true,"isDonut":true,"labels":{"last_level":true,"show":false,"truncate":100,"values":true},"legendPosition":"right","type":"pie"},"title":"Decision and Reason [Filebeat Santa] ECS","type":"pie"}},"id":"30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:47:57.150Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"savedSearchId":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","title":"Num of Hosts Reporting [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[{"enabled":true,"id":"1","params":{"customLabel":"Hosts Reporting","field":"agent.hostname"},"schema":"metric","type":"cardinality"}],"params":{"addLegend":false,"addTooltip":true,"metric":{"colorSchema":"Green to Red","colorsRange":[{"from":0,"to":10000}],"invertColors":false,"labels":{"show":true},"metricColorMode":"None","percentageMode":false,"style":{"bgColor":false,"bgFill":"#000","fontSize":60,"labelColor":false,"subText":""},"useRanges":false},"type":"metric"},"title":"Num of Hosts Reporting [Filebeat Santa] ECS","type":"metric"}},"id":"b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:51:31.622Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"savedSearchId":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","title":"Code Signers [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[{"enabled":true,"id":"1","params":{},"schema":"metric","type":"count"},{"enabled":true,"id":"2","params":{"field":"certificate.common_name","missingBucket":false,"missingBucketLabel":"Missing","order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","size":5},"schema":"segment","type":"terms"}],"params":{"maxFontSize":39,"minFontSize":12,"orientation":"single","scale":"linear","showLabel":true},"title":"Code Signers [Filebeat Santa] ECS","type":"tagcloud"}},"id":"11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:57:58.885Z","version":2},{"attributes":{"columns":["agent.hostname","process.executable","user.name","certificate.common_name"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"filebeat-*","key":"event.module","negate":false,"params":{"query":"santa","type":"phrase"},"type":"phrase","value":"santa"},"query":{"match":{"event.module":{"query":"santa","type":"phrase"}}}},{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"filebeat-*","key":"event.dataset","negate":false,"params":{"query":"log","type":"phrase"},"type":"phrase","value":"log"},"query":{"match":{"event.dataset":{"query":"log","type":"phrase"}}}}],"highlightAll":true,"index":"filebeat-*","query":{"language":"kuery","query":""},"version":true}},"sort":["@timestamp","desc"],"title":"Santa Logs Search [Filebeat Santa] ECS","version":1},"id":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","type":"search","updated_at":"2018-12-14T06:57:11.037Z","version":2},{"attributes":{"description":"Process executions on macOS monitored by Google Santa.","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"optionsJSON":{"darkTheme":false,"hidePanelTitles":false,"useMargins":true},"panelsJSON":[{"embeddableConfig":{},"gridData":{"h":12,"i":"1","w":10,"x":0,"y":0},"id":"dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"1","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":12,"i":"2","w":38,"x":10,"y":0},"id":"1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"2","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"3","w":10,"x":8,"y":12},"id":"51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"3","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"4","w":12,"x":36,"y":12},"id":"30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"4","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"5","w":8,"x":0,"y":12},"id":"b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"5","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"6","w":18,"x":18,"y":12},"id":"11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"6","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"7","w":48,"x":0,"y":22},"id":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"7","type":"search","version":"7.0.0-alpha1-SNAPSHOT"}],"timeRestore":false,"title":"[Filebeat Santa] Overview ECS","version":1},"id":"161855f0-ff6a-11e8-93c5-d5ecd1b3e307-ecs","type":"dashboard","updated_at":"2018-12-14T06:58:23.367Z","version":5}],"version":"7.0.0-alpha1-SNAPSHOT"} +>>>>>>> Introduce migration script for data in Kibana files diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json index 80e62f40e874..d17f7526b2e3 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a", - "title": "Sudo commands by user [Filebeat System]", + "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", + "title": "Sudo commands by user [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -59,11 +59,11 @@ "setYExtents": false, "times": [] }, - "title": "Sudo commands by user", + "title": "Sudo commands by user ECS", "type": "histogram" } }, - "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a", + "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs", "type": "visualization", "version": 2 }, @@ -83,7 +83,7 @@ } } }, - "title": "Sudo errors [Filebeat System]", + "title": "Sudo errors [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -133,11 +133,11 @@ "setYExtents": false, "times": [] }, - "title": "Sudo errors", + "title": "Sudo errors ECS", "type": "histogram" } }, - "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a", + "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs", "type": "visualization", "version": 2 }, @@ -149,8 +149,8 @@ "filter": [] } }, - "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a", - "title": "Top sudo commands [Filebeat System]", + "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", + "title": "Top sudo commands [Filebeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -208,11 +208,11 @@ }, "totalFunc": "sum" }, - "title": "Top sudo commands", + "title": "Top sudo commands ECS", "type": "table" } }, - "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a", + "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs", "type": "visualization", "version": 2 }, @@ -222,20 +222,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "type": "visualization", "version": 1 }, @@ -266,10 +266,10 @@ "@timestamp", "desc" ], - "title": "Sudo commands [Filebeat System]", + "title": "Sudo commands [Filebeat System] ECS", "version": 1 }, - "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a", + "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", "type": "search", "version": 2 }, @@ -299,7 +299,7 @@ "panelsJSON": [ { "col": 1, - "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a", + "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs", "panelIndex": 1, "row": 6, "size_x": 12, @@ -308,7 +308,7 @@ }, { "col": 1, - "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a", + "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs", "panelIndex": 2, "row": 10, "size_x": 12, @@ -317,7 +317,7 @@ }, { "col": 1, - "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a", + "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs", "panelIndex": 3, "row": 2, "size_x": 12, @@ -326,7 +326,7 @@ }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "panelIndex": 4, "row": 1, "size_x": 12, @@ -335,7 +335,7 @@ } ], "timeRestore": false, - "title": "[Filebeat System] Sudo commands", + "title": "[Filebeat System] Sudo commands ECS", "uiStateJSON": { "P-3": { "vis": { @@ -350,7 +350,7 @@ }, "version": 1 }, - "id": "277876d0-fa2c-11e6-bbd3-29c986c96e5a", + "id": "277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs", "type": "dashboard", "version": 6 } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json index 2e7e7fd6f9ba..327a4e3c093e 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", - "title": "New users [Filebeat System]", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "title": "New users [Filebeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -35,7 +35,7 @@ "id": "2", "params": { "customLabel": "Host", - "field": "system.auth.hostname", + "field": "host.hostname", "order": "desc", "orderBy": "1", "size": 5 @@ -61,7 +61,7 @@ "id": "4", "params": { "customLabel": "UID", - "field": "system.auth.useradd.uid", + "field": "user.id", "order": "desc", "orderBy": "1", "size": 5 @@ -121,11 +121,11 @@ }, "totalFunc": "sum" }, - "title": "New users", + "title": "New users ECS", "type": "table" } }, - "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab", + "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs", "type": "visualization", "version": 2 }, @@ -137,8 +137,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", - "title": "New users over time [Filebeat System]", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "title": "New users over time [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -188,11 +188,11 @@ "setYExtents": false, "times": [] }, - "title": "New users over time", + "title": "New users over time ECS", "type": "histogram" } }, - "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab", + "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs", "type": "visualization", "version": 2 }, @@ -204,8 +204,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", - "title": "New users by shell [Filebeat System]", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "title": "New users by shell [Filebeat System] ECS", "uiStateJSON": { "vis": { "colors": { @@ -258,11 +258,11 @@ "isDonut": false, "legendPosition": "right" }, - "title": "New users by shell", + "title": "New users by shell ECS", "type": "pie" } }, - "id": "e121b140-fa78-11e6-a1df-a78bd7504d38", + "id": "e121b140-fa78-11e6-a1df-a78bd7504d38-ecs", "type": "visualization", "version": 2 }, @@ -274,8 +274,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", - "title": "New users by home directory [Filebeat System]", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "title": "New users by home directory [Filebeat System] ECS", "uiStateJSON": { "vis": { "colors": { @@ -329,11 +329,11 @@ "isDonut": false, "legendPosition": "right" }, - "title": "New users by home directory", + "title": "New users by home directory ECS", "type": "pie" } }, - "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38", + "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs", "type": "visualization", "version": 2 }, @@ -345,8 +345,8 @@ "filter": [] } }, - "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38", - "title": "New groups [Filebeat System]", + "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", + "title": "New groups [Filebeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -383,7 +383,7 @@ "enabled": true, "id": "3", "params": { - "field": "system.auth.groupadd.gid", + "field": "group.id", "order": "desc", "orderBy": "1", "size": 5 @@ -404,11 +404,11 @@ }, "totalFunc": "sum" }, - "title": "New groups", + "title": "New groups ECS", "type": "table" } }, - "id": "12667040-fa80-11e6-a1df-a78bd7504d38", + "id": "12667040-fa80-11e6-a1df-a78bd7504d38-ecs", "type": "visualization", "version": 2 }, @@ -420,8 +420,8 @@ "filter": [] } }, - "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38", - "title": "New groups over time [Filebeat System]", + "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", + "title": "New groups over time [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -471,11 +471,11 @@ "setYExtents": false, "times": [] }, - "title": "New groups over time", + "title": "New groups over time ECS", "type": "histogram" } }, - "id": "346bb290-fa80-11e6-a1df-a78bd7504d38", + "id": "346bb290-fa80-11e6-a1df-a78bd7504d38-ecs", "type": "visualization", "version": 2 }, @@ -485,20 +485,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "type": "visualization", "version": 1 }, @@ -506,7 +506,7 @@ "attributes": { "columns": [ "system.auth.useradd.name", - "system.auth.useradd.uid", + "user.id", "system.auth.useradd.gid", "system.auth.useradd.home", "system.auth.useradd.shell" @@ -530,10 +530,10 @@ "@timestamp", "desc" ], - "title": "useradd logs [Filebeat System]", + "title": "useradd logs [Filebeat System] ECS", "version": 1 }, - "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", + "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", "type": "search", "version": 2 }, @@ -541,7 +541,7 @@ "attributes": { "columns": [ "system.auth.groupadd.name", - "system.auth.groupadd.gid" + "group.id" ], "description": "", "hits": 0, @@ -562,10 +562,10 @@ "@timestamp", "desc" ], - "title": "groupadd logs [Filebeat System]", + "title": "groupadd logs [Filebeat System] ECS", "version": 1 }, - "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38", + "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", "type": "search", "version": 2 }, @@ -595,7 +595,7 @@ "panelsJSON": [ { "col": 1, - "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab", + "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs", "panelIndex": 1, "row": 2, "size_x": 6, @@ -604,7 +604,7 @@ }, { "col": 7, - "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab", + "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs", "panelIndex": 2, "row": 2, "size_x": 6, @@ -613,7 +613,7 @@ }, { "col": 1, - "id": "e121b140-fa78-11e6-a1df-a78bd7504d38", + "id": "e121b140-fa78-11e6-a1df-a78bd7504d38-ecs", "panelIndex": 3, "row": 5, "size_x": 6, @@ -622,7 +622,7 @@ }, { "col": 7, - "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38", + "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs", "panelIndex": 4, "row": 5, "size_x": 6, @@ -631,7 +631,7 @@ }, { "col": 1, - "id": "12667040-fa80-11e6-a1df-a78bd7504d38", + "id": "12667040-fa80-11e6-a1df-a78bd7504d38-ecs", "panelIndex": 5, "row": 8, "size_x": 6, @@ -640,7 +640,7 @@ }, { "col": 7, - "id": "346bb290-fa80-11e6-a1df-a78bd7504d38", + "id": "346bb290-fa80-11e6-a1df-a78bd7504d38-ecs", "panelIndex": 6, "row": 8, "size_x": 6, @@ -649,7 +649,7 @@ }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "panelIndex": 7, "row": 1, "size_x": 12, @@ -658,7 +658,7 @@ } ], "timeRestore": false, - "title": "[Filebeat System] New users and groups", + "title": "[Filebeat System] New users and groups ECS", "uiStateJSON": { "P-1": { "vis": { @@ -683,7 +683,7 @@ }, "version": 1 }, - "id": "0d3f2380-fa78-11e6-ae9b-81e5311e8cab", + "id": "0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs", "type": "dashboard", "version": 6 } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json index c310967d41c5..0a7b456771ce 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json @@ -11,12 +11,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "system.auth.ssh.event:Accepted" + "query": "event.action:Accepted" } } } }, - "title": "Successful SSH logins [Filebeat System]", + "title": "Successful SSH logins [Filebeat System] ECS", "uiStateJSON": { "vis": { "colors": { @@ -76,11 +76,11 @@ "setYExtents": false, "times": [] }, - "title": "Successful SSH logins", + "title": "Successful SSH logins ECS", "type": "histogram" } }, - "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a", + "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs", "type": "visualization", "version": 2 }, @@ -94,7 +94,7 @@ "index": "filebeat-*" } }, - "title": "SSH login attempts [Filebeat System]", + "title": "SSH login attempts [Filebeat System] ECS", "uiStateJSON": { "vis": { "colors": { @@ -131,7 +131,7 @@ "enabled": true, "id": "3", "params": { - "field": "system.auth.ssh.event", + "field": "event.action", "order": "desc", "orderBy": "1", "size": 5 @@ -152,11 +152,11 @@ "setYExtents": false, "times": [] }, - "title": "SSH login attempts", + "title": "SSH login attempts ECS", "type": "histogram" } }, - "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a", + "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs", "type": "visualization", "version": 2 }, @@ -171,12 +171,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "system.auth.ssh.event:Failed OR system.auth.ssh.event:Invalid" + "query": "event.action:Failed OR event.action:Invalid" } } } }, - "title": "SSH users of failed login attempts [Filebeat System]", + "title": "SSH users of failed login attempts [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -208,11 +208,11 @@ "orientation": "single", "scale": "linear" }, - "title": "SSH users of failed login attempts", + "title": "SSH users of failed login attempts ECS", "type": "tagcloud" } }, - "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a", + "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs", "type": "visualization", "version": 2 }, @@ -227,12 +227,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "system.auth.ssh.event:Failed OR system.auth.ssh.event:Invalid" + "query": "event.action:Failed OR event.action:Invalid" } } } }, - "title": "SSH failed login attempts source locations [Filebeat System]", + "title": "SSH failed login attempts source locations [Filebeat System] ECS", "uiStateJSON": { "mapCenter": [ 17.602139123350838, @@ -255,7 +255,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "system.auth.ssh.geoip.location", + "field": "source.geo.location", "precision": 2 }, "schema": "segment", @@ -291,22 +291,22 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "SSH failed login attempts source locations", + "title": "SSH failed login attempts source locations ECS", "type": "tile_map" } }, - "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d", + "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "system.auth.ssh.event", + "event.action", "system.auth.ssh.method", "system.auth.user", - "system.auth.ssh.ip", - "system.auth.ssh.geoip.country_iso_code" + "source.ip", + "source.geo.country_iso_code" ], "description": "", "hits": 0, @@ -327,10 +327,10 @@ "@timestamp", "desc" ], - "title": "SSH login attempts [Filebeat System]", + "title": "SSH login attempts [Filebeat System] ECS", "version": 1 }, - "id": "62439dc0-f9c9-11e6-a747-6121780e0414", + "id": "62439dc0-f9c9-11e6-a747-6121780e0414-ecs", "type": "search", "version": 2 }, @@ -340,20 +340,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "type": "visualization", "version": 1 }, @@ -383,7 +383,7 @@ "panelsJSON": [ { "col": 1, - "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a", + "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs", "panelIndex": 1, "row": 5, "size_x": 12, @@ -392,7 +392,7 @@ }, { "col": 1, - "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a", + "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs", "panelIndex": 2, "row": 2, "size_x": 12, @@ -401,7 +401,7 @@ }, { "col": 1, - "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a", + "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs", "panelIndex": 3, "row": 8, "size_x": 6, @@ -410,7 +410,7 @@ }, { "col": 7, - "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d", + "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs", "panelIndex": 4, "row": 8, "size_x": 6, @@ -420,13 +420,13 @@ { "col": 1, "columns": [ - "system.auth.ssh.event", + "event.action", "system.auth.ssh.method", "system.auth.user", - "system.auth.ssh.ip", - "system.auth.ssh.geoip.country_iso_code" + "source.ip", + "source.geo.country_iso_code" ], - "id": "62439dc0-f9c9-11e6-a747-6121780e0414", + "id": "62439dc0-f9c9-11e6-a747-6121780e0414-ecs", "panelIndex": 5, "row": 12, "size_x": 12, @@ -439,7 +439,7 @@ }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "panelIndex": 6, "row": 1, "size_x": 12, @@ -448,7 +448,7 @@ } ], "timeRestore": false, - "title": "[Filebeat System] SSH login attempts", + "title": "[Filebeat System] SSH login attempts ECS", "uiStateJSON": { "P-4": { "mapBounds": { @@ -481,7 +481,7 @@ }, "version": 1 }, - "id": "5517a150-f9ce-11e6-8115-a7c18106d86a", + "id": "5517a150-f9ce-11e6-8115-a7c18106d86a-ecs", "type": "dashboard", "version": 7 } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json index 24d995932df3..cd137b4c4102 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Syslog-system-logs", - "title": "Syslog events by hostname [Filebeat System]", + "savedSearchId": "Syslog-system-logs-ecs", + "title": "Syslog events by hostname [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -38,7 +38,7 @@ "enabled": true, "id": "3", "params": { - "field": "system.syslog.hostname", + "field": "host.hostname", "order": "desc", "orderBy": "1", "size": 5 @@ -61,11 +61,11 @@ "times": [], "yAxis": {} }, - "title": "Syslog events by hostname", + "title": "Syslog events by hostname ECS", "type": "histogram" } }, - "id": "Syslog-events-by-hostname", + "id": "Syslog-events-by-hostname-ecs", "type": "visualization", "version": 2 }, @@ -77,8 +77,8 @@ "filter": [] } }, - "savedSearchId": "Syslog-system-logs", - "title": "Syslog hostnames and processes [Filebeat System]", + "savedSearchId": "Syslog-system-logs-ecs", + "title": "Syslog hostnames and processes [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -94,7 +94,7 @@ "enabled": true, "id": "2", "params": { - "field": "system.syslog.hostname", + "field": "host.hostname", "order": "desc", "orderBy": "1", "size": 5 @@ -106,7 +106,7 @@ "enabled": true, "id": "3", "params": { - "field": "system.syslog.program", + "field": "process.name", "order": "desc", "orderBy": "1", "size": 5 @@ -123,20 +123,20 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Syslog hostnames and processes", + "title": "Syslog hostnames and processes ECS", "type": "pie" } }, - "id": "Syslog-hostnames-and-processes", + "id": "Syslog-hostnames-and-processes-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "system.syslog.hostname", - "system.syslog.program", - "system.syslog.message" + "host.hostname", + "process.name", + "message" ], "description": "", "hits": 0, @@ -170,10 +170,10 @@ "@timestamp", "desc" ], - "title": "Syslog logs [Filebeat System]", + "title": "Syslog logs [Filebeat System] ECS", "version": 1 }, - "id": "Syslog-system-logs", + "id": "Syslog-system-logs-ecs", "type": "search", "version": 2 }, @@ -183,20 +183,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "type": "visualization", "version": 1 }, @@ -226,7 +226,7 @@ "panelsJSON": [ { "col": 1, - "id": "Syslog-events-by-hostname", + "id": "Syslog-events-by-hostname-ecs", "panelIndex": 1, "row": 2, "size_x": 8, @@ -235,7 +235,7 @@ }, { "col": 9, - "id": "Syslog-hostnames-and-processes", + "id": "Syslog-hostnames-and-processes-ecs", "panelIndex": 2, "row": 2, "size_x": 4, @@ -245,11 +245,11 @@ { "col": 1, "columns": [ - "system.syslog.hostname", - "system.syslog.program", - "system.syslog.message" + "host.hostname", + "process.name", + "message" ], - "id": "Syslog-system-logs", + "id": "Syslog-system-logs-ecs", "panelIndex": 3, "row": 6, "size_x": 12, @@ -262,7 +262,7 @@ }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "panelIndex": 4, "row": 1, "size_x": 12, @@ -271,11 +271,11 @@ } ], "timeRestore": false, - "title": "[Filebeat System] Syslog dashboard", + "title": "[Filebeat System] Syslog dashboard ECS", "uiStateJSON": {}, "version": 1 }, - "id": "Filebeat-syslog-dashboard", + "id": "Filebeat-syslog-dashboard-ecs", "type": "dashboard", "version": 6 } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json index 720432226601..3458afcc0861 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json @@ -15,7 +15,7 @@ } } }, - "title": "Browsers breakdown [Filebeat Traefik]", + "title": "Browsers breakdown [Filebeat Traefik] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -31,7 +31,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.user_agent.name", + "field": "user_agent.name", "order": "desc", "orderBy": "1", "size": 5 @@ -43,7 +43,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.user_agent.major", + "field": "user_agent.major", "order": "desc", "orderBy": "1", "size": 5 @@ -60,11 +60,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Traefik Access Browsers", + "title": "Traefik Access Browsers ECS", "type": "pie" } }, - "id": "Traefik-Access-Browsers", + "id": "Traefik-Access-Browsers-ecs", "type": "visualization", "version": 2 }, @@ -83,7 +83,7 @@ } } }, - "title": "Operating systems breakdown [Filebeat Traefik]", + "title": "Operating systems breakdown [Filebeat Traefik] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -99,7 +99,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.user_agent.os_name", + "field": "user_agent.os.name", "order": "desc", "orderBy": "1", "size": 5 @@ -128,11 +128,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Traefik Access OSes", + "title": "Traefik Access OSes ECS", "type": "pie" } }, - "id": "Traefik-Access-OSes", + "id": "Traefik-Access-OSes-ecs", "type": "visualization", "version": 2 }, @@ -144,8 +144,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-Traefik-module", - "title": "Response codes over time [Filebeat Traefik]", + "savedSearchId": "Filebeat-Traefik-module-ecs", + "title": "Response codes over time [Filebeat Traefik] ECS", "uiStateJSON": { "vis": { "colors": { @@ -181,7 +181,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -204,11 +204,11 @@ "times": [], "yAxis": {} }, - "title": "New Visualization", + "title": "New Visualization ECS", "type": "histogram" } }, - "id": "New-Visualization", + "id": "New-Visualization-ecs", "type": "visualization", "version": 2 }, @@ -227,7 +227,7 @@ } } }, - "title": "Response codes by top URLs [Filebeat Traefik]", + "title": "Response codes by top URLs [Filebeat Traefik] ECS", "uiStateJSON": { "vis": { "colors": { @@ -250,7 +250,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "row": false, @@ -263,7 +263,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -280,11 +280,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Traefik Access Response codes by top URLs", + "title": "Traefik Access Response codes by top URLs ECS", "type": "pie" } }, - "id": "Traefik-Access-Response-codes-by-top-URLs", + "id": "Traefik-Access-Response-codes-by-top-URLs-ecs", "type": "visualization", "version": 2 }, @@ -316,7 +316,7 @@ } } }, - "title": "Sent Byte Size [Filebeat Traefik]", + "title": "Sent Byte Size [Filebeat Traefik] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -326,7 +326,7 @@ "id": "1", "params": { "customLabel": "Data sent", - "field": "traefik.access.body_sent.bytes" + "field": "http.response.body.bytes" }, "schema": "metric", "type": "sum" @@ -370,11 +370,11 @@ "times": [], "yAxis": {} }, - "title": "Sent sizes", + "title": "Sent sizes ECS", "type": "line" } }, - "id": "Sent-sizes", + "id": "Sent-sizes-ecs", "type": "visualization", "version": 2 }, @@ -386,8 +386,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-Traefik-module", - "title": "Access Map [Filebeat Traefik]", + "savedSearchId": "Filebeat-Traefik-module-ecs", + "title": "Access Map [Filebeat Traefik] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -409,7 +409,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "traefik.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -444,11 +444,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Traefik Access Map", + "title": "Traefik Access Map ECS", "type": "tile_map" } }, - "id": "Traefik-Access-Map", + "id": "Traefik-Access-Map-ecs", "type": "visualization", "version": 2 }, @@ -488,10 +488,10 @@ "@timestamp", "desc" ], - "title": "Traefik logs [Filebeat Traefik]", + "title": "Traefik logs [Filebeat Traefik] ECS", "version": 1 }, - "id": "Filebeat-Traefik-module", + "id": "Filebeat-Traefik-module-ecs", "type": "search", "version": 2 }, @@ -519,7 +519,7 @@ "panelsJSON": [ { "col": 1, - "id": "Traefik-Access-Browsers", + "id": "Traefik-Access-Browsers-ecs", "panelIndex": 3, "row": 10, "size_x": 4, @@ -528,7 +528,7 @@ }, { "col": 5, - "id": "Traefik-Access-OSes", + "id": "Traefik-Access-OSes-ecs", "panelIndex": 4, "row": 10, "size_x": 4, @@ -537,7 +537,7 @@ }, { "col": 1, - "id": "New-Visualization", + "id": "New-Visualization-ecs", "panelIndex": 5, "row": 4, "size_x": 12, @@ -546,7 +546,7 @@ }, { "col": 1, - "id": "Traefik-Access-Response-codes-by-top-URLs", + "id": "Traefik-Access-Response-codes-by-top-URLs-ecs", "panelIndex": 6, "row": 7, "size_x": 12, @@ -555,7 +555,7 @@ }, { "col": 9, - "id": "Sent-sizes", + "id": "Sent-sizes-ecs", "panelIndex": 7, "row": 10, "size_x": 4, @@ -564,7 +564,7 @@ }, { "col": 1, - "id": "Traefik-Access-Map", + "id": "Traefik-Access-Map-ecs", "panelIndex": 8, "row": 1, "size_x": 12, @@ -573,7 +573,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Traefik] Access logs", + "title": "[Filebeat Traefik] Access logs ECS", "uiStateJSON": { "P-4": { "vis": { @@ -589,7 +589,7 @@ }, "version": 1 }, - "id": "Filebeat-Traefik-Dashboard", + "id": "Filebeat-Traefik-Dashboard-ecs", "type": "dashboard", "version": 3 } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json index 89ab54f3918a..51cbb1a2312e 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json @@ -6,8 +6,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Remote IP Timechart [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Remote IP Timechart [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -40,7 +40,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.remote_ip", + "field": "source.address", "order": "desc", "orderBy": "1", "size": 5 @@ -125,11 +125,11 @@ } ] }, - "title": "ML Traefik Access Remote IP Timechart", + "title": "ML Traefik Access Remote IP Timechart ECS", "type": "area" } }, - "id": "ML-Traefik-Access-Remote-IP-Timechart", + "id": "ML-Traefik-Access-Remote-IP-Timechart-ecs", "type": "visualization", "version": 2 }, @@ -141,8 +141,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Response Code Timechart [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Response Code Timechart [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "colors": { @@ -178,7 +178,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -201,11 +201,11 @@ "times": [], "yAxis": {} }, - "title": "ML Traefik Access Response Code Timechart", + "title": "ML Traefik Access Response Code Timechart ECS", "type": "histogram" } }, - "id": "ML-Traefik-Access-Response-Code-Timechart", + "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", "type": "visualization", "version": 3 }, @@ -215,8 +215,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Top Remote IPs [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Top Remote IPs [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -241,7 +241,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.remote_ip", + "field": "source.address", "order": "desc", "orderBy": "1", "size": 5 @@ -262,11 +262,11 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top Remote IPs Table", + "title": "ML Traefik Access Top Remote IPs Table ECS", "type": "table" } }, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", "type": "visualization", "version": 3 }, @@ -278,8 +278,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Access Map [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Access Map [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -301,7 +301,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "traefik.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -336,11 +336,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Traefik Access Map", + "title": "ML Traefik Access Map ECS", "type": "tile_map" } }, - "id": "ML-Traefik-Access-Map", + "id": "ML-Traefik-Access-Map-ecs", "type": "visualization", "version": 3 }, @@ -350,8 +350,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Top URLs [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Top URLs [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -376,7 +376,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "size": 1000 @@ -397,11 +397,11 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top URLs Table", + "title": "ML Traefik Access Top URLs Table ECS", "type": "table" } }, - "id": "ML-Traefik-Access-Top-URLs-Table", + "id": "ML-Traefik-Access-Top-URLs-Table-ecs", "type": "visualization", "version": 3 }, @@ -441,10 +441,10 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Traefik]", + "title": "ML Access Data [Filebeat Traefik] ECS", "version": 1 }, - "id": "ML-Filebeat-Traefik-Access", + "id": "ML-Filebeat-Traefik-Access-ecs", "type": "search", "version": 3 }, @@ -474,7 +474,7 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Traefik-Access-Remote-IP-Timechart", + "id": "ML-Traefik-Access-Remote-IP-Timechart-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -483,7 +483,7 @@ }, { "col": 7, - "id": "ML-Traefik-Access-Response-Code-Timechart", + "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -492,7 +492,7 @@ }, { "col": 1, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -501,7 +501,7 @@ }, { "col": 7, - "id": "ML-Traefik-Access-Map", + "id": "ML-Traefik-Access-Map-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -510,7 +510,7 @@ }, { "col": 1, - "id": "ML-Traefik-Access-Top-URLs-Table", + "id": "ML-Traefik-Access-Top-URLs-Table-ecs", "panelIndex": 5, "row": 7, "size_x": 12, @@ -519,7 +519,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Traefik] [ML] Remote IP Count Explorer", + "title": "[Filebeat Traefik] [ML] Remote IP Count Explorer ECS", "uiStateJSON": { "P-3": { "vis": { @@ -544,7 +544,7 @@ }, "version": 1 }, - "id": "ML-Traefik-Access-Remote-IP-Count-Explorer", + "id": "ML-Traefik-Access-Remote-IP-Count-Explorer-ecs", "type": "dashboard", "version": 3 } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json index b09a006d89d9..d406a5c90f14 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json @@ -6,8 +6,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Unique Count URL Timechart [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Unique Count URL Timechart [Filebeat Traefik] [ML] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -16,7 +16,7 @@ "enabled": true, "id": "1", "params": { - "field": "traefik.access.url" + "field": "url.original" }, "schema": "metric", "type": "cardinality" @@ -114,11 +114,11 @@ } ] }, - "title": "ML Traefik Access Unique Count URL Timechart", + "title": "ML Traefik Access Unique Count URL Timechart ECS", "type": "line" } }, - "id": "ML-Traefik-Access-Unique-Count-URL-Timechart", + "id": "ML-Traefik-Access-Unique-Count-URL-Timechart-ecs", "type": "visualization", "version": 2 }, @@ -130,8 +130,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Response Code Timechart [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Response Code Timechart [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "colors": { @@ -167,7 +167,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -190,11 +190,11 @@ "times": [], "yAxis": {} }, - "title": "ML Traefik Access Response Code Timechart", + "title": "ML Traefik Access Response Code Timechart ECS", "type": "histogram" } }, - "id": "ML-Traefik-Access-Response-Code-Timechart", + "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", "type": "visualization", "version": 3 }, @@ -204,8 +204,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Top Remote IPs [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Top Remote IPs [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -230,7 +230,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.remote_ip", + "field": "source.address", "order": "desc", "orderBy": "1", "size": 5 @@ -251,11 +251,11 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top Remote IPs Table", + "title": "ML Traefik Access Top Remote IPs Table ECS", "type": "table" } }, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", "type": "visualization", "version": 3 }, @@ -267,8 +267,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Access Map [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Access Map [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -290,7 +290,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "traefik.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -325,11 +325,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Traefik Access Map", + "title": "ML Traefik Access Map ECS", "type": "tile_map" } }, - "id": "ML-Traefik-Access-Map", + "id": "ML-Traefik-Access-Map-ecs", "type": "visualization", "version": 3 }, @@ -339,8 +339,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Top URLs [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Top URLs [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -365,7 +365,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "size": 1000 @@ -386,11 +386,11 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top URLs Table", + "title": "ML Traefik Access Top URLs Table ECS", "type": "table" } }, - "id": "ML-Traefik-Access-Top-URLs-Table", + "id": "ML-Traefik-Access-Top-URLs-Table-ecs", "type": "visualization", "version": 3 }, @@ -430,10 +430,10 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Traefik]", + "title": "ML Access Data [Filebeat Traefik] ECS", "version": 1 }, - "id": "ML-Filebeat-Traefik-Access", + "id": "ML-Filebeat-Traefik-Access-ecs", "type": "search", "version": 3 }, @@ -463,7 +463,7 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Traefik-Access-Unique-Count-URL-Timechart", + "id": "ML-Traefik-Access-Unique-Count-URL-Timechart-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -472,7 +472,7 @@ }, { "col": 7, - "id": "ML-Traefik-Access-Response-Code-Timechart", + "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -481,7 +481,7 @@ }, { "col": 1, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -490,7 +490,7 @@ }, { "col": 7, - "id": "ML-Traefik-Access-Map", + "id": "ML-Traefik-Access-Map-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -499,7 +499,7 @@ }, { "col": 1, - "id": "ML-Traefik-Access-Top-URLs-Table", + "id": "ML-Traefik-Access-Top-URLs-Table-ecs", "panelIndex": 5, "row": 7, "size_x": 12, @@ -508,7 +508,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Traefik] [ML] Remote IP URL Explorer", + "title": "[Filebeat Traefik] [ML] Remote IP URL Explorer ECS", "uiStateJSON": { "P-2": { "vis": { @@ -543,7 +543,7 @@ }, "version": 1 }, - "id": "ML-Traefik-Remote-IP-URL-Explorer", + "id": "ML-Traefik-Remote-IP-URL-Explorer-ecs", "type": "dashboard", "version": 4 } diff --git a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json index e25338f9b982..5a07adf9b5a2 100644 --- a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json +++ b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json @@ -58,6 +58,13 @@ "version": "7.0.0" } ], +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD "timeRestore": false, "title": "[Journalbeat] Overview", "version": 1 @@ -85,6 +92,32 @@ ], "type": "dashboard", "updated_at": "2019-02-04T12:25:20.413Z", +======= + "title": "[Journalbeat] Systemd messages 7.x", +======= + "title": "[Journalbeat] Systemd messages", +>>>>>>> checkout again +======= + "title": "[Journalbeat] Systemd messages ECS", +>>>>>>> apply changes to all dashboards +======= + "title": "[Journalbeat] Systemd messages", +>>>>>>> reset dashboards +======= + "title": "[Journalbeat] Systemd messages ECS", +>>>>>>> change all dashboards +======= + "title": "[Journalbeat] Systemd messages", +>>>>>>> reset dashboards +======= + "title": "[Journalbeat] Systemd messages ECS", +>>>>>>> change dashboards + "version": 1 + }, + "id": "aa003e90-e2b9-11e8-9f52-734e93de180d-ecs", + "type": "search", + "updated_at": "2018-11-07T18:19:28.377Z", +>>>>>>> Introduce migration script for data in Kibana files "version": 1 }, { @@ -113,9 +146,16 @@ "@timestamp", "desc" ], - "title": "[Journalbeat] Kernel errors", + "title": "[Journalbeat] Kernel errors ECS", "version": 1 }, +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd", "migrationVersion": { "search": "7.0.0" @@ -127,6 +167,27 @@ "type": "index-pattern" } ], +======= + "id": "5db75310-e2ba-11e8-9f52-734e93de180d-7x", +>>>>>>> Introduce migration script for data in Kibana files +======= + "id": "5db75310-e2ba-11e8-9f52-734e93de180d", +>>>>>>> checkout again +======= + "id": "5db75310-e2ba-11e8-9f52-734e93de180d-ecs", +>>>>>>> apply changes to all dashboards +======= + "id": "5db75310-e2ba-11e8-9f52-734e93de180d", +>>>>>>> reset dashboards +======= + "id": "5db75310-e2ba-11e8-9f52-734e93de180d-ecs", +>>>>>>> change all dashboards +======= + "id": "5db75310-e2ba-11e8-9f52-734e93de180d", +>>>>>>> reset dashboards +======= + "id": "5db75310-e2ba-11e8-9f52-734e93de180d-ecs", +>>>>>>> change dashboards "type": "search", "updated_at": "2019-02-04T12:19:40.092Z", "version": 1 @@ -157,6 +218,13 @@ "@timestamp", "desc" ], +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD "title": "[Journalbeat] Authorization", "version": 1 }, @@ -171,6 +239,48 @@ "type": "index-pattern" } ], +======= + "title": "[Journalbeat] Login authorization 7.x", + "version": 1 + }, + "id": "82408120-e2ba-11e8-9f52-734e93de180d-7x", +>>>>>>> Introduce migration script for data in Kibana files +======= + "title": "[Journalbeat] Login authorization", + "version": 1 + }, + "id": "82408120-e2ba-11e8-9f52-734e93de180d", +>>>>>>> checkout again +======= + "title": "[Journalbeat] Login authorization ECS", + "version": 1 + }, + "id": "82408120-e2ba-11e8-9f52-734e93de180d-ecs", +>>>>>>> apply changes to all dashboards +======= + "title": "[Journalbeat] Login authorization", + "version": 1 + }, + "id": "82408120-e2ba-11e8-9f52-734e93de180d", +>>>>>>> reset dashboards +======= + "title": "[Journalbeat] Login authorization ECS", + "version": 1 + }, + "id": "82408120-e2ba-11e8-9f52-734e93de180d-ecs", +>>>>>>> change all dashboards +======= + "title": "[Journalbeat] Login authorization", + "version": 1 + }, + "id": "82408120-e2ba-11e8-9f52-734e93de180d", +>>>>>>> reset dashboards +======= + "title": "[Journalbeat] Login authorization ECS", + "version": 1 + }, + "id": "82408120-e2ba-11e8-9f52-734e93de180d-ecs", +>>>>>>> change dashboards "type": "search", "updated_at": "2019-02-04T12:20:56.412Z", "version": 1 @@ -200,6 +310,13 @@ "@timestamp", "desc" ], +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD +<<<<<<< HEAD "title": "[Journalbeat] Systemd messages", "version": 1 }, @@ -214,9 +331,82 @@ "type": "index-pattern" } ], +======= + "title": "[Journalbeat] USB and HID messages 7.x", + "version": 1 + }, + "id": "f0232670-e2ba-11e8-9f52-734e93de180d-7x", +>>>>>>> Introduce migration script for data in Kibana files +======= + "title": "[Journalbeat] USB and HID messages", + "version": 1 + }, + "id": "f0232670-e2ba-11e8-9f52-734e93de180d", +>>>>>>> checkout again +======= + "title": "[Journalbeat] USB and HID messages ECS", + "version": 1 + }, + "id": "f0232670-e2ba-11e8-9f52-734e93de180d-ecs", +>>>>>>> apply changes to all dashboards +======= + "title": "[Journalbeat] USB and HID messages", + "version": 1 + }, + "id": "f0232670-e2ba-11e8-9f52-734e93de180d", +>>>>>>> reset dashboards +======= + "title": "[Journalbeat] USB and HID messages ECS", + "version": 1 + }, + "id": "f0232670-e2ba-11e8-9f52-734e93de180d-ecs", +>>>>>>> change all dashboards +======= + "title": "[Journalbeat] USB and HID messages", + "version": 1 + }, + "id": "f0232670-e2ba-11e8-9f52-734e93de180d", +>>>>>>> reset dashboards +======= + "title": "[Journalbeat] USB and HID messages ECS", + "version": 1 + }, + "id": "f0232670-e2ba-11e8-9f52-734e93de180d-ecs", +>>>>>>> change dashboards "type": "search", "updated_at": "2019-02-04T12:22:19.508Z", "version": 1 +<<<<<<< HEAD +======= + }, + { + "attributes": { + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "query": { + "language": "lucene", + "query": "" + } + } + }, + "optionsJSON": { + "darkTheme": false, + "hidePanelTitles": false, + "useMargins": true + }, + "panelsJSON": null, + "timeRestore": false, + "title": "[Journalbeat] Overview ECS", + "version": 1 + }, + "id": "f2de4440-e2b9-11e8-9f52-734e93de180d-ecs", + "type": "dashboard", + "updated_at": "2018-11-07T18:30:18.083Z", + "version": 2 +>>>>>>> Introduce migration script for data in Kibana files } ], "version": "7.0.0" diff --git a/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json b/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json index c8eecb62d93e..05fd491afe0e 100644 --- a/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json +++ b/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "CPU usage [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "CPU usage [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -101,11 +101,11 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - CPU", + "title": "Apache HTTPD - CPU ECS", "type": "line" } }, - "id": "Apache-HTTPD-CPU", + "id": "Apache-HTTPD-CPU-ecs", "type": "visualization", "version": 2 }, @@ -117,8 +117,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Hostname list [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Hostname list [Metricbeat Apache] ECS", "uiStateJSON": { "vis": { "params": { @@ -163,11 +163,11 @@ "direction": null } }, - "title": "Apache HTTPD - Hostname list", + "title": "Apache HTTPD - Hostname list ECS", "type": "table" } }, - "id": "Apache-HTTPD-Hostname-list", + "id": "Apache-HTTPD-Hostname-list-ecs", "type": "visualization", "version": 2 }, @@ -179,8 +179,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Load1/5/15 [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Load1/5/15 [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -255,11 +255,11 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - Load1/5/15", + "title": "Apache HTTPD - Load1/5/15 ECS", "type": "line" } }, - "id": "Apache-HTTPD-Load1-slash-5-slash-15", + "id": "Apache-HTTPD-Load1-slash-5-slash-15-ecs", "type": "visualization", "version": 2 }, @@ -271,8 +271,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Scoreboard [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Scoreboard [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -428,11 +428,11 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - Scoreboard", + "title": "Apache HTTPD - Scoreboard ECS", "type": "line" } }, - "id": "Apache-HTTPD-Scoreboard", + "id": "Apache-HTTPD-Scoreboard-ecs", "type": "visualization", "version": 2 }, @@ -444,8 +444,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Total accesses and kbytes [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Total accesses and kbytes [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -474,11 +474,11 @@ "fontSize": 60, "handleNoResults": true }, - "title": "Apache HTTPD - Total accesses and kbytes", + "title": "Apache HTTPD - Total accesses and kbytes ECS", "type": "metric" } }, - "id": "Apache-HTTPD-Total-accesses-and-kbytes", + "id": "Apache-HTTPD-Total-accesses-and-kbytes-ecs", "type": "visualization", "version": 2 }, @@ -490,8 +490,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Uptime [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Uptime [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -520,11 +520,11 @@ "fontSize": 60, "handleNoResults": true }, - "title": "Apache HTTPD - Uptime", + "title": "Apache HTTPD - Uptime ECS", "type": "metric" } }, - "id": "Apache-HTTPD-Uptime", + "id": "Apache-HTTPD-Uptime-ecs", "type": "visualization", "version": 2 }, @@ -536,8 +536,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Workers [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Workers [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -603,11 +603,11 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - Workers", + "title": "Apache HTTPD - Workers ECS", "type": "line" } }, - "id": "Apache-HTTPD-Workers", + "id": "Apache-HTTPD-Workers-ecs", "type": "visualization", "version": 2 }, @@ -638,7 +638,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module: apache" + "query": "event.module: apache" } } } @@ -647,10 +647,10 @@ "@timestamp", "desc" ], - "title": "Apache HTTPD", + "title": "Apache HTTPD ECS", "version": 1 }, - "id": "Apache-HTTPD", + "id": "Apache-HTTPD-ecs", "type": "search", "version": 1 }, @@ -680,7 +680,7 @@ "panelsJSON": [ { "col": 7, - "id": "Apache-HTTPD-CPU", + "id": "Apache-HTTPD-CPU-ecs", "panelIndex": 1, "row": 10, "size_x": 6, @@ -689,7 +689,7 @@ }, { "col": 1, - "id": "Apache-HTTPD-Hostname-list", + "id": "Apache-HTTPD-Hostname-list-ecs", "panelIndex": 2, "row": 1, "size_x": 3, @@ -698,7 +698,7 @@ }, { "col": 1, - "id": "Apache-HTTPD-Load1-slash-5-slash-15", + "id": "Apache-HTTPD-Load1-slash-5-slash-15-ecs", "panelIndex": 3, "row": 10, "size_x": 6, @@ -707,7 +707,7 @@ }, { "col": 1, - "id": "Apache-HTTPD-Scoreboard", + "id": "Apache-HTTPD-Scoreboard-ecs", "panelIndex": 4, "row": 7, "size_x": 12, @@ -716,7 +716,7 @@ }, { "col": 7, - "id": "Apache-HTTPD-Total-accesses-and-kbytes", + "id": "Apache-HTTPD-Total-accesses-and-kbytes-ecs", "panelIndex": 5, "row": 1, "size_x": 6, @@ -725,7 +725,7 @@ }, { "col": 4, - "id": "Apache-HTTPD-Uptime", + "id": "Apache-HTTPD-Uptime-ecs", "panelIndex": 6, "row": 1, "size_x": 3, @@ -734,7 +734,7 @@ }, { "col": 1, - "id": "Apache-HTTPD-Workers", + "id": "Apache-HTTPD-Workers-ecs", "panelIndex": 7, "row": 4, "size_x": 12, @@ -743,7 +743,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat Apache] Overview", + "title": "[Metricbeat Apache] Overview ECS", "uiStateJSON": { "P-2": { "vis": { @@ -772,7 +772,7 @@ }, "version": 1 }, - "id": "Metricbeat-Apache-HTTPD-server-status", + "id": "Metricbeat-Apache-HTTPD-server-status-ecs", "type": "dashboard", "version": 3 } diff --git a/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json b/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json index 81eddab34221..1d8faa43ed75 100644 --- a/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json +++ b/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker", - "title": "Docker containers [Metricbeat Docker]", + "savedSearchId": "Metricbeat-Docker-ecs", + "title": "Docker containers [Metricbeat Docker] ECS", "uiStateJSON": { "vis": { "params": { @@ -28,7 +28,7 @@ "id": "2", "params": { "customLabel": "Name", - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1", "size": 5 @@ -81,7 +81,7 @@ "id": "1", "params": { "customLabel": "Number of Containers", - "field": "docker.container.id" + "field": "container.id" }, "schema": "metric", "type": "cardinality" @@ -99,12 +99,12 @@ }, "totalFunc": "sum" }, - "title": "Docker containers [Metricbeat Docker]", + "title": "Docker containers [Metricbeat Docker] ECS", "type": "table" } }, "col": 1, - "id": "Docker-containers", + "id": "Docker-containers-ecs", "panelIndex": 1, "row": 1, "size_x": 7, @@ -120,8 +120,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker", - "title": "Number of Containers [Metricbeat Docker]", + "savedSearchId": "Metricbeat-Docker-ecs", + "title": "Number of Containers [Metricbeat Docker] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -207,12 +207,12 @@ "handleNoResults": true, "type": "gauge" }, - "title": "Number of Containers [Metricbeat Docker]", + "title": "Number of Containers [Metricbeat Docker] ECS", "type": "metric" } }, "col": 8, - "id": "Docker-Number-of-Containers", + "id": "Docker-Number-of-Containers-ecs", "panelIndex": 2, "row": 1, "size_x": 5, @@ -228,8 +228,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker", - "title": "Docker containers per host [Metricbeat Docker]", + "savedSearchId": "Metricbeat-Docker-ecs", + "title": "Docker containers per host [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -239,7 +239,7 @@ "id": "1", "params": { "customLabel": "Number of containers", - "field": "docker.container.id" + "field": "container.id" }, "schema": "metric", "type": "cardinality" @@ -249,7 +249,7 @@ "id": "2", "params": { "customLabel": "Hosts", - "field": "beat.hostname", + "field": "agent.hostname", "order": "desc", "orderBy": "1", "size": 5 @@ -266,12 +266,12 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Docker containers per host [Metricbeat Docker]", + "title": "Docker containers per host [Metricbeat Docker] ECS", "type": "pie" } }, "col": 8, - "id": "Docker-containers-per-host", + "id": "Docker-containers-per-host-ecs", "panelIndex": 3, "row": 3, "size_x": 2, @@ -287,8 +287,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker", - "title": "Docker images and names [Metricbeat Docker]", + "savedSearchId": "Metricbeat-Docker-ecs", + "title": "Docker images and names [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -304,7 +304,7 @@ "enabled": true, "id": "2", "params": { - "field": "docker.container.image", + "field": "container.image.name", "order": "desc", "orderBy": "1", "size": 5 @@ -316,7 +316,7 @@ "enabled": true, "id": "3", "params": { - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1", "size": 5 @@ -333,12 +333,12 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Docker images and names [Metricbeat Docker]", + "title": "Docker images and names [Metricbeat Docker] ECS", "type": "pie" } }, "col": 10, - "id": "Docker-images-and-names", + "id": "Docker-images-and-names-ecs", "panelIndex": 7, "row": 3, "size_x": 3, @@ -369,12 +369,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:docker AND metricset.name:cpu" + "query": "event.module:docker AND metricset.name:cpu" } } } }, - "title": "CPU usage [Metricbeat Docker]", + "title": "CPU usage [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -410,7 +410,7 @@ "id": "3", "params": { "customLabel": "Container name", - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1.75", "size": 5 @@ -496,12 +496,12 @@ ], "yAxis": {} }, - "title": "CPU usage [Metricbeat Docker]", + "title": "CPU usage [Metricbeat Docker] ECS", "type": "area" } }, "col": 1, - "id": "Docker-CPU-usage", + "id": "Docker-CPU-usage-ecs", "panelIndex": 4, "row": 6, "size_x": 6, @@ -532,12 +532,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:docker AND metricset.name:memory" + "query": "event.module:docker AND metricset.name:memory" } } } }, - "title": "Memory usage [Metricbeat Docker]", + "title": "Memory usage [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -570,7 +570,7 @@ "id": "3", "params": { "customLabel": "Container name", - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1", "size": 5 @@ -656,12 +656,12 @@ ], "yAxis": {} }, - "title": "Memory usage [Metricbeat Docker]", + "title": "Memory usage [Metricbeat Docker] ECS", "type": "area" } }, "col": 7, - "id": "Docker-memory-usage", + "id": "Docker-memory-usage-ecs", "panelIndex": 5, "row": 6, "size_x": 6, @@ -692,12 +692,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:docker AND metricset.name:network" + "query": "event.module:docker AND metricset.name:network" } } } }, - "title": "Network IO [Metricbeat Docker]", + "title": "Network IO [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -730,7 +730,7 @@ "id": "3", "params": { "customLabel": "Container name", - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1", "size": 5 @@ -826,12 +826,12 @@ ], "yAxis": {} }, - "title": "Network IO [Metricbeat Docker]", + "title": "Network IO [Metricbeat Docker] ECS", "type": "area" } }, "col": 1, - "id": "Docker-Network-IO", + "id": "Docker-Network-IO-ecs", "panelIndex": 6, "row": 9, "size_x": 12, @@ -866,7 +866,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:docker" + "query": "event.module:docker" } } } @@ -875,10 +875,10 @@ "@timestamp", "desc" ], - "title": "Metricbeat Docker", + "title": "Metricbeat Docker ECS", "version": 1 }, - "id": "Metricbeat-Docker", + "id": "Metricbeat-Docker-ecs", "type": "search", "version": 4 }, @@ -908,7 +908,7 @@ "panelsJSON": [ { "col": 1, - "id": "Docker-containers", + "id": "Docker-containers-ecs", "panelIndex": 1, "row": 1, "size_x": 7, @@ -917,7 +917,7 @@ }, { "col": 8, - "id": "Docker-Number-of-Containers", + "id": "Docker-Number-of-Containers-ecs", "panelIndex": 2, "row": 1, "size_x": 5, @@ -926,7 +926,7 @@ }, { "col": 8, - "id": "Docker-containers-per-host", + "id": "Docker-containers-per-host-ecs", "panelIndex": 3, "row": 3, "size_x": 2, @@ -935,7 +935,7 @@ }, { "col": 10, - "id": "Docker-images-and-names", + "id": "Docker-images-and-names-ecs", "panelIndex": 7, "row": 3, "size_x": 3, @@ -944,7 +944,7 @@ }, { "col": 1, - "id": "Docker-CPU-usage", + "id": "Docker-CPU-usage-ecs", "panelIndex": 4, "row": 6, "size_x": 6, @@ -953,7 +953,7 @@ }, { "col": 7, - "id": "Docker-memory-usage", + "id": "Docker-memory-usage-ecs", "panelIndex": 5, "row": 6, "size_x": 6, @@ -962,7 +962,7 @@ }, { "col": 1, - "id": "Docker-Network-IO", + "id": "Docker-Network-IO-ecs", "panelIndex": 6, "row": 9, "size_x": 12, @@ -971,7 +971,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat Docker] Overview", + "title": "[Metricbeat Docker] Overview ECS", "uiStateJSON": { "P-1": { "vis": { @@ -1008,7 +1008,7 @@ }, "version": 1 }, - "id": "AV4REOpp5NkDleZmzKkE", + "id": "AV4REOpp5NkDleZmzKkE-ecs", "type": "dashboard", "version": 3 } diff --git a/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json b/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json index b308511303dd..8761996a3266 100644 --- a/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json +++ b/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json @@ -17,7 +17,7 @@ } } }, - "title": "Heap Summary [Metricbeat Golang]", + "title": "Heap Summary [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -26,11 +26,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.total\").label(\"System Total Memory\").yaxis(label=\"Bytes\",units=bytes),.es(index=\"metricbeat*\",metric=\"min:golang.heap.allocations.allocated\").label(\"Bytes Allocated(min)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.allocations.allocated\").label(\"Bytes Allocated(max)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.gc.next_gc_limit\").label(\"GC Limit\"),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.gc.pause.count\").condition(lt,1, null).points().label(\"GC Cycles(count)\").yaxis(2,label=\"Count\")", "interval": "10s" }, - "title": "Heap Summary [Metricbeat Golang]", + "title": "Heap Summary [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "58000780-f529-11e6-844d-b170e2f0a07e", + "id": "58000780-f529-11e6-844d-b170e2f0a07e-ecs", "type": "visualization", "version": 2 }, @@ -51,7 +51,7 @@ } } }, - "title": "Heap [Metricbeat Golang]", + "title": "Heap [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -60,11 +60,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.total\").label(\"Heap Total\").derivative().movingaverage(30).yaxis(label=\"Bytes\",units=bytes),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.active\").label(\"Heap Inuse\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.allocated\").label(\"Heap Allocated\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.idle\").label(\"Heap Idle\").movingaverage(30)", "interval": "10s" }, - "title": "Heap [Metricbeat Golang]", + "title": "Heap [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "95388680-f52a-11e6-969c-518c48c913e4", + "id": "95388680-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -85,7 +85,7 @@ } } }, - "title": "Objects [Metricbeat Golang]", + "title": "Objects [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -94,11 +94,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"max:golang.heap.allocations.objects\").label(\"Object Count(avg)\").yaxis(1,label=\"Count\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.allocations.total\").derivative().label(\"Allocation Rate\").yaxis(2,label=\"Rate\").movingaverage(30)", "interval": "10s" }, - "title": "Objects [Metricbeat Golang]", + "title": "Objects [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "b59a5200-f52a-11e6-969c-518c48c913e4", + "id": "b59a5200-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -119,7 +119,7 @@ } } }, - "title": "System [Metricbeat Golang]", + "title": "System [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -128,11 +128,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.total\").label(\"System Total\").yaxis(label=\"Bytes\",units=bytes),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.obtained\").label(\"System Obtained\"),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.stack\").label(\"System Stack\"),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.released\").label(\"System Released\")", "interval": "10s" }, - "title": "System [Metricbeat Golang]", + "title": "System [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4", + "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -153,7 +153,7 @@ } } }, - "title": "GC count [Metricbeat Golang]", + "title": "GC count [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -162,11 +162,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.count\").label(\"GC Count\").bars().yaxis(label=\"Count\"),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.total_count\").label(\"GC Rate\").derivative().movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.cpu_fraction\").label(\"CPU Fraction\").yaxis(2,label=\"Fraction\")", "interval": "10s" }, - "title": "GC count [Metricbeat Golang]", + "title": "GC count [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "b046cb80-f52a-11e6-969c-518c48c913e4", + "id": "b046cb80-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -187,7 +187,7 @@ } } }, - "title": "GC durations [Metricbeat Golang]", + "title": "GC durations [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -196,11 +196,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.sum.ns\").bars().label(\"sum of GC Pause durations(ns)\").yaxis(label=\"Durations(ns)\"),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.total_pause.ns\").derivative().movingaverage(30).label(\"Total GC Pause(ns) Rate\"),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.max.ns\").label(\"Max GC Pause(ns)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.gc.pause.avg.ns\").label(\"Avg GC Pause(ns)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.count\").condition(lt,1, null).label(\"GC Pause count\").points().yaxis(2,label=\"Count\")", "interval": "10s" }, - "title": "GC durations [Metricbeat Golang]", + "title": "GC durations [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "ab226b50-f52a-11e6-969c-518c48c913e4", + "id": "ab226b50-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -230,7 +230,7 @@ "panelsJSON": [ { "col": 1, - "id": "58000780-f529-11e6-844d-b170e2f0a07e", + "id": "58000780-f529-11e6-844d-b170e2f0a07e-ecs", "panelIndex": 8, "row": 1, "size_x": 12, @@ -239,7 +239,7 @@ }, { "col": 1, - "id": "95388680-f52a-11e6-969c-518c48c913e4", + "id": "95388680-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 9, "row": 4, "size_x": 4, @@ -248,7 +248,7 @@ }, { "col": 9, - "id": "b59a5200-f52a-11e6-969c-518c48c913e4", + "id": "b59a5200-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 10, "row": 4, "size_x": 4, @@ -257,7 +257,7 @@ }, { "col": 5, - "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4", + "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 11, "row": 4, "size_x": 4, @@ -266,7 +266,7 @@ }, { "col": 7, - "id": "b046cb80-f52a-11e6-969c-518c48c913e4", + "id": "b046cb80-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 12, "row": 8, "size_x": 6, @@ -275,7 +275,7 @@ }, { "col": 1, - "id": "ab226b50-f52a-11e6-969c-518c48c913e4", + "id": "ab226b50-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 13, "row": 8, "size_x": 6, @@ -284,11 +284,11 @@ } ], "timeRestore": false, - "title": "[Metricbeat Golang] Overview", + "title": "[Metricbeat Golang] Overview ECS", "uiStateJSON": {}, "version": 1 }, - "id": "f2dc7320-f519-11e6-a3c9-9d1f7c42b045", + "id": "f2dc7320-f519-11e6-a3c9-9d1f7c42b045-ecs", "type": "dashboard", "version": 3 } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json index 0f69e3e35b02..8e63c868b7be 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json @@ -29,7 +29,7 @@ "x": 0, "y": 0 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.2" @@ -42,7 +42,7 @@ "x": 6, "y": 0 }, - "id": "794b6cd0-471d-11e8-bc13-1397384faad3", + "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.2" @@ -55,7 +55,7 @@ "x": 6, "y": 2 }, - "id": "bb0ab500-4735-11e8-bc13-1397384faad3", + "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.2" @@ -68,7 +68,7 @@ "x": 9, "y": 0 }, - "id": "40bed190-473b-11e8-bc13-1397384faad3", + "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.2" @@ -81,7 +81,7 @@ "x": 0, "y": 2 }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3", + "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" @@ -94,17 +94,17 @@ "x": 0, "y": 4 }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3", + "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] Backend", + "title": "[Metricbeat HAProxy] Backend ECS", "version": 1 }, - "id": "9151c900-471d-11e8-bc13-1397384faad3", + "id": "9151c900-471d-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:31:25.838Z", "version": 15 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json index cf576d4d13a4..83f91be2ecd2 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json @@ -29,7 +29,7 @@ "x": 0, "y": 0 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.2" @@ -42,17 +42,17 @@ "x": 6, "y": 0 }, - "id": "86159190-47c5-11e8-bc13-1397384faad3", + "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] Frontend", + "title": "[Metricbeat HAProxy] Frontend ECS", "version": 1 }, - "id": "d5878d00-47c5-11e8-bc13-1397384faad3", + "id": "d5878d00-47c5-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:32:51.945Z", "version": 5 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json index d848cca02b85..24a8cd5f4488 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json @@ -29,7 +29,7 @@ "x": 0, "y": 5 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.2" @@ -42,7 +42,7 @@ "x": 9, "y": 0 }, - "id": "794b6cd0-471d-11e8-bc13-1397384faad3", + "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.2" @@ -55,7 +55,7 @@ "x": 6, "y": 2 }, - "id": "bb0ab500-4735-11e8-bc13-1397384faad3", + "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.2" @@ -68,7 +68,7 @@ "x": 6, "y": 0 }, - "id": "40bed190-473b-11e8-bc13-1397384faad3", + "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.2" @@ -81,7 +81,7 @@ "x": 4, "y": 5 }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3", + "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" @@ -94,7 +94,7 @@ "x": 8, "y": 5 }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3", + "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.2" @@ -107,7 +107,7 @@ "x": 0, "y": 0 }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "panelIndex": "7", "type": "visualization", "version": "6.2.2" @@ -120,17 +120,17 @@ "x": 0, "y": 3 }, - "id": "981d1040-47be-11e8-bc13-1397384faad3", + "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] HTTP backend", + "title": "[Metricbeat HAProxy] HTTP backend ECS", "version": 1 }, - "id": "0836a4b0-47bd-11e8-bc13-1397384faad3", + "id": "0836a4b0-47bd-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:33:28.791Z", "version": 6 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json index 3b97ef38e38b..8be2d4cced9d 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json @@ -29,7 +29,7 @@ "x": 6, "y": 3 }, - "id": "86159190-47c5-11e8-bc13-1397384faad3", + "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.2" @@ -42,7 +42,7 @@ "x": 0, "y": 0 }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.2" @@ -55,17 +55,17 @@ "x": 0, "y": 3 }, - "id": "30956d00-47d7-11e8-bc13-1397384faad3", + "id": "30956d00-47d7-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] HTTP frontend", + "title": "[Metricbeat HAProxy] HTTP frontend ECS", "version": 1 }, - "id": "e9057ae0-47c5-11e8-bc13-1397384faad3", + "id": "e9057ae0-47c5-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:34:15.954Z", "version": 5 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json index 3e3720581bcc..5d59ab730990 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json @@ -29,7 +29,7 @@ "x": 0, "y": 5 }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3", + "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" @@ -42,7 +42,7 @@ "x": 6, "y": 3 }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3", + "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.2" @@ -55,7 +55,7 @@ "x": 0, "y": 0 }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "panelIndex": "7", "type": "visualization", "version": "6.2.2" @@ -68,7 +68,7 @@ "x": 0, "y": 3 }, - "id": "981d1040-47be-11e8-bc13-1397384faad3", + "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.2" @@ -81,7 +81,7 @@ "x": 6, "y": 0 }, - "id": "72e84b00-47e1-11e8-bc13-1397384faad3", + "id": "72e84b00-47e1-11e8-bc13-1397384faad3-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.2" @@ -94,17 +94,17 @@ "x": 6, "y": 5 }, - "id": "976b0910-47e4-11e8-bc13-1397384faad3", + "id": "976b0910-47e4-11e8-bc13-1397384faad3-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] HTTP server", + "title": "[Metricbeat HAProxy] HTTP server ECS", "version": 1 }, - "id": "8cc50a50-47e0-11e8-bc13-1397384faad3", + "id": "8cc50a50-47e0-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:34:50.803Z", "version": 9 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json index 4260414b2d13..3a0af4d69f22 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json @@ -29,7 +29,7 @@ "x": 8, "y": 2 }, - "id": "79350d50-47db-11e8-bc13-1397384faad3", + "id": "79350d50-47db-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", "title": "Servers", "type": "visualization", @@ -43,7 +43,7 @@ "x": 4, "y": 2 }, - "id": "8c8f0300-47dc-11e8-bc13-1397384faad3", + "id": "8c8f0300-47dc-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "title": "Backends", "type": "visualization", @@ -57,7 +57,7 @@ "x": 0, "y": 2 }, - "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3", + "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", "title": "Frontends", "type": "visualization", @@ -71,17 +71,17 @@ "x": 0, "y": 0 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] Overview", + "title": "[Metricbeat HAProxy] Overview ECS", "version": 1 }, - "id": "4b555c30-47dd-11e8-bc13-1397384faad3", + "id": "4b555c30-47dd-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:31:56.356Z", "version": 3 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json index 11d7504d3e71..0c89814c26ac 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Connections [Metricbeat HAProxy]", + "title": "Connections [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -86,11 +86,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy connections", + "title": "HAProxy connections ECS", "type": "metrics" } }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-23T20:54:01.082Z", "version": 3 @@ -101,7 +101,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Active servers in backend [Metricbeat HAProxy]", + "title": "Active servers in backend [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -212,11 +212,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "HAProxy active servers in backend", + "title": "HAProxy active servers in backend ECS", "type": "metrics" } }, - "id": "794b6cd0-471d-11e8-bc13-1397384faad3", + "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-23T21:36:57.634Z", "version": 8 @@ -227,7 +227,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Connections per server [Metricbeat HAProxy]", + "title": "Connections per server [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -240,7 +240,7 @@ "id": "978f2660-4735-11e8-b619-8f82b8185e96" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", "filter": "haproxy.stat.component_type:(2 OR 3)", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", @@ -280,11 +280,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "HAProxy connections per server", + "title": "HAProxy connections per server ECS", "type": "metrics" } }, - "id": "bb0ab500-4735-11e8-bc13-1397384faad3", + "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:12:35.298Z", "version": 3 @@ -295,7 +295,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Downtime seconds [Metricbeat HAProxy]", + "title": "Downtime seconds [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -354,11 +354,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "HAProxy downtime seconds", + "title": "HAProxy downtime seconds ECS", "type": "metrics" } }, - "id": "40bed190-473b-11e8-bc13-1397384faad3", + "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-23T21:29:04.708Z", "version": 3 @@ -369,7 +369,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Average time in queue [Metricbeat HAProxy]", + "title": "Average time in queue [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -408,11 +408,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy average time in queue", + "title": "HAProxy average time in queue ECS", "type": "metrics" } }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3", + "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T09:27:25.783Z", "version": 1 @@ -423,7 +423,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Traffic volume [Metricbeat HAProxy]", + "title": "Traffic volume [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -496,11 +496,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy traffic volume", + "title": "HAProxy traffic volume ECS", "type": "metrics" } }, - "id": "86159190-47c5-11e8-bc13-1397384faad3", + "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T14:43:27.616Z", "version": 3 @@ -511,7 +511,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "HTTP response codes [Metricbeat HAProxy]", + "title": "HTTP response codes [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -697,11 +697,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy HTTP response codes", + "title": "HAProxy HTTP response codes ECS", "type": "metrics" } }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:31:30.169Z", "version": 4 @@ -712,7 +712,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Average response time [Metricbeat HAProxy]", + "title": "Average response time [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -752,11 +752,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy average response time", + "title": "HAProxy average response time ECS", "type": "metrics" } }, - "id": "981d1040-47be-11e8-bc13-1397384faad3", + "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T13:01:49.811Z", "version": 2 @@ -767,7 +767,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Requests [Metricbeat HAProxy]", + "title": "Requests [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -884,11 +884,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy requests", + "title": "HAProxy requests ECS", "type": "metrics" } }, - "id": "30956d00-47d7-11e8-bc13-1397384faad3", + "id": "30956d00-47d7-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T15:50:19.344Z", "version": 1 @@ -899,7 +899,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Average connection time [Metricbeat HAProxy]", + "title": "Average connection time [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -963,11 +963,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy average connection time", + "title": "HAProxy average connection time ECS", "type": "metrics" } }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3", + "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T08:51:34.252Z", "version": 4 @@ -978,7 +978,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Number of server connections [Metricbeat HAProxy]", + "title": "Number of server connections [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1031,11 +1031,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy number of server connections", + "title": "HAProxy number of server connections ECS", "type": "metrics" } }, - "id": "72e84b00-47e1-11e8-bc13-1397384faad3", + "id": "72e84b00-47e1-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:05:00.128Z", "version": 2 @@ -1046,7 +1046,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Healthcheck [Metricbeat HAProxy]", + "title": "Healthcheck [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1131,11 +1131,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy healthcheck", + "title": "HAProxy healthcheck ECS", "type": "metrics" } }, - "id": "976b0910-47e4-11e8-bc13-1397384faad3", + "id": "976b0910-47e4-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:49:15.393Z", "version": 5 @@ -1146,7 +1146,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Servers per connection [Metricbeat HAProxy]", + "title": "Servers per connection [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1159,7 +1159,7 @@ "id": "50830800-47d9-11e8-9db9-274c7a5e25e4" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", "filter": "", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "ignore_global_filter": 0, @@ -1199,11 +1199,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "HAProxy servers per connection", + "title": "HAProxy servers per connection ECS", "type": "metrics" } }, - "id": "79350d50-47db-11e8-bc13-1397384faad3", + "id": "79350d50-47db-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:11:53.619Z", "version": 7 @@ -1214,7 +1214,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Backends per connection [Metricbeat HAProxy]", + "title": "Backends per connection [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1227,7 +1227,7 @@ "id": "4aeddd40-47dc-11e8-9db9-274c7a5e25e4" } ], - "drilldown_url": "../app/kibana#/dashboard/0836a4b0-47bd-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/0836a4b0-47bd-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -1263,11 +1263,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "HAProxy backends per connection", + "title": "HAProxy backends per connection ECS", "type": "metrics" } }, - "id": "8c8f0300-47dc-11e8-bc13-1397384faad3", + "id": "8c8f0300-47dc-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T16:46:24.802Z", "version": 2 @@ -1278,7 +1278,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Frontends per connection [Metricbeat HAProxy]", + "title": "Frontends per connection [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1291,7 +1291,7 @@ "id": "b81d8640-47dc-11e8-9a25-99b107967d82" } ], - "drilldown_url": "../app/kibana#/dashboard/e9057ae0-47c5-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/e9057ae0-47c5-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -1327,11 +1327,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "HAProxy frontends per connection", + "title": "HAProxy frontends per connection ECS", "type": "metrics" } }, - "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3", + "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T16:54:16.639Z", "version": 3 diff --git a/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json b/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json index 26d9a778a348..c86935cd7a43 100644 --- a/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json +++ b/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka]", + "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -88,11 +88,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka]", + "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f", + "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 9 @@ -103,7 +103,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Controls [Metricbeat Kafka]", + "title": "Kafka Controls [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -143,11 +143,11 @@ "updateFiltersOnChange": true, "useTimeFilter": false }, - "title": "Kafka Controls [Metricbeat Kafka]", + "title": "Kafka Controls [Metricbeat Kafka] ECS", "type": "input_control_vis" } }, - "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f", + "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 10 @@ -158,7 +158,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka]", + "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -222,11 +222,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka]", + "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f", + "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 8 @@ -297,7 +297,7 @@ } } }, - "title": "Kafka Metrics [Metricbeat Kafka]", + "title": "Kafka Metrics [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -371,11 +371,11 @@ }, "type": "metric" }, - "title": "Kafka Metrics [Metricbeat Kafka]", + "title": "Kafka Metrics [Metricbeat Kafka] ECS", "type": "metric" } }, - "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f", + "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 12 @@ -386,7 +386,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Consumer Partition Reassignments [Metricbeat Kafka]", + "title": "Consumer Partition Reassignments [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -450,11 +450,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Consumer Partition Reassignments [Metricbeat Kafka]", + "title": "Consumer Partition Reassignments [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f", + "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 8 @@ -499,7 +499,7 @@ } } }, - "title": "Consumer Metrics [Metricbeat Kafka]", + "title": "Consumer Metrics [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -543,11 +543,11 @@ }, "type": "metric" }, - "title": "Consumer Metrics [Metricbeat Kafka]", + "title": "Consumer Metrics [Metricbeat Kafka] ECS", "type": "metric" } }, - "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f", + "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 8 @@ -565,7 +565,7 @@ } } }, - "title": "Kafka Consumer Group Clients [Metricbeat Kafka]", + "title": "Kafka Consumer Group Clients [Metricbeat Kafka] ECS", "uiStateJSON": { "vis": { "params": { @@ -652,11 +652,11 @@ }, "totalFunc": "sum" }, - "title": "Kafka Consumer Group Clients [Metricbeat Kafka]", + "title": "Kafka Consumer Group Clients [Metricbeat Kafka] ECS", "type": "table" } }, - "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9", + "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 2 @@ -667,7 +667,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Broker Details [Metricbeat Kafka]", + "title": "Kafka Broker Details [Metricbeat Kafka] ECS", "uiStateJSON": { "table": { "sort": { @@ -778,11 +778,11 @@ "time_field": "@timestamp", "type": "table" }, - "title": "Kafka Broker Details [Metricbeat Kafka]", + "title": "Kafka Broker Details [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9", + "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9-ecs", "type": "visualization", "updated_at": "2018-10-18T16:28:30.809Z", "version": 6 @@ -793,7 +793,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Topic Details [Metricbeat Kafka]", + "title": "Kafka Topic Details [Metricbeat Kafka] ECS", "uiStateJSON": { "table": { "sort": { @@ -988,11 +988,11 @@ "time_field": "@timestamp", "type": "table" }, - "title": "Kafka Topic Details [Metricbeat Kafka]", + "title": "Kafka Topic Details [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9", + "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9-ecs", "type": "visualization", "updated_at": "2018-10-18T16:51:33.352Z", "version": 3 @@ -1026,7 +1026,7 @@ "x": 0, "y": 20 }, - "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f", + "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "1", "title": "Kafka Topic & Consumer Offsets", "type": "visualization", @@ -1040,7 +1040,7 @@ "x": 0, "y": 0 }, - "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f", + "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "3", "title": "Kafka Controls", "type": "visualization", @@ -1054,7 +1054,7 @@ "x": 0, "y": 6 }, - "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f", + "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "6", "title": "Consumer Group Lag by Topic", "type": "visualization", @@ -1071,7 +1071,7 @@ "x": 16, "y": 0 }, - "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f", + "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "10", "title": "Kafka Metrics", "type": "visualization", @@ -1086,7 +1086,7 @@ "x": 0, "y": 33 }, - "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f", + "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "12", "title": "Consumer Partition Reassignments", "type": "visualization", @@ -1101,7 +1101,7 @@ "x": 41, "y": 0 }, - "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f", + "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "13", "title": "Consumer Metrics", "type": "visualization", @@ -1126,7 +1126,7 @@ "x": 24, "y": 27 }, - "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9", + "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9-ecs", "panelIndex": "14", "title": "Kafka Consumer Group Clients", "type": "visualization", @@ -1141,7 +1141,7 @@ "x": 24, "y": 6 }, - "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9", + "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9-ecs", "panelIndex": "15", "title": "Kafka Brokers", "type": "visualization", @@ -1163,7 +1163,7 @@ "x": 24, "y": 16 }, - "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9", + "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9-ecs", "panelIndex": "16", "title": "Kafka Topic Details", "type": "visualization", @@ -1171,10 +1171,10 @@ } ], "timeRestore": false, - "title": "[Metricbeat Kafka] Overview", + "title": "[Metricbeat Kafka] Overview ECS", "version": 1 }, - "id": "ea488d90-8e63-11e8-8fa2-3d5f811fbd0f", + "id": "ea488d90-8e63-11e8-8fa2-3d5f811fbd0f-ecs", "type": "dashboard", "updated_at": "2018-10-18T17:11:35.895Z", "version": 23 diff --git a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json index 8a1a788513e3..ae02bfe3ea95 100644 --- a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json +++ b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kubernetes API Server: Top clients by number of requests", + "title": "Kubernetes API Server: Top clients by number of requests ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -66,11 +66,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Kubernetes API Server: Top clients by number of requests", + "title": "Kubernetes API Server: Top clients by number of requests ECS", "type": "metrics" } }, - "id": "7cbeb750-5794-11e8-afa2-e9067ea62228", + "id": "7cbeb750-5794-11e8-afa2-e9067ea62228-ecs", "type": "visualization", "updated_at": "2018-05-14T18:23:10.501Z", "version": 5 @@ -81,7 +81,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kubernetes API Server: Requests", + "title": "Kubernetes API Server: Requests ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -171,11 +171,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Kubernetes API Server: Requests", + "title": "Kubernetes API Server: Requests ECS", "type": "metrics" } }, - "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228", + "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228-ecs", "type": "visualization", "updated_at": "2018-05-14T18:21:27.515Z", "version": 4 @@ -186,7 +186,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kubernetes API Server: Top clients by resource", + "title": "Kubernetes API Server: Top clients by resource ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -248,11 +248,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Kubernetes API Server: Top clients by resource", + "title": "Kubernetes API Server: Top clients by resource ECS", "type": "metrics" } }, - "id": "95a7f110-57a2-11e8-afa2-e9067ea62228", + "id": "95a7f110-57a2-11e8-afa2-e9067ea62228-ecs", "type": "visualization", "updated_at": "2018-05-14T18:23:50.093Z", "version": 4 @@ -287,7 +287,7 @@ "x": 0, "y": 22 }, - "id": "7cbeb750-5794-11e8-afa2-e9067ea62228", + "id": "7cbeb750-5794-11e8-afa2-e9067ea62228-ecs", "panelIndex": "1", "type": "visualization", "version": "6.3.0" @@ -301,7 +301,7 @@ "x": 0, "y": 0 }, - "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228", + "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228-ecs", "panelIndex": "3", "type": "visualization", "version": "6.3.0" @@ -315,17 +315,17 @@ "x": 24, "y": 22 }, - "id": "95a7f110-57a2-11e8-afa2-e9067ea62228", + "id": "95a7f110-57a2-11e8-afa2-e9067ea62228-ecs", "panelIndex": "4", "type": "visualization", "version": "6.3.0" } ], "timeRestore": false, - "title": "[Metricbeat Kubernetes] API server", + "title": "[Metricbeat Kubernetes] API server ECS", "version": 1 }, - "id": "af7225b0-5794-11e8-afa2-e9067ea62228", + "id": "af7225b0-5794-11e8-afa2-e9067ea62228-ecs", "type": "dashboard", "updated_at": "2018-05-14T18:23:55.202Z", "version": 5 diff --git a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json index f4191b01a092..788394b8111c 100644 --- a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json +++ b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json @@ -16,7 +16,7 @@ } } }, - "title": "Available pods per deployment [Metricbeat Kubernetes]", + "title": "Available pods per deployment [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -24,7 +24,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "id": "117fadf0-30df-11e7-8df8-6d3604a72912", "index_pattern": "metricbeat-*", "interval": "auto", @@ -64,11 +64,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Available pods per deployment [Metricbeat Kubernetes]", + "title": "Available pods per deployment [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "022a54c0-2bf5-11e7-859b-f78b612cde28", + "id": "022a54c0-2bf5-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-11T20:59:01.845Z", "version": 4 @@ -86,7 +86,7 @@ } } }, - "title": "CPU usage by node [Metricbeat Kubernetes]", + "title": "CPU usage by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -105,7 +105,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", + "filter": "event.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -191,11 +191,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "CPU usage by node [Metricbeat Kubernetes]", + "title": "CPU usage by node [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "44f12b40-2bf4-11e7-859b-f78b612cde28", + "id": "44f12b40-2bf4-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -213,7 +213,7 @@ } } }, - "title": "Kubernetes - Deployments", + "title": "Kubernetes - Deployments ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -232,7 +232,7 @@ "id": "68cdba10-30e0-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "69765620-30e0-11e7-8df8-6d3604a72912" @@ -272,11 +272,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Deployments", + "title": "Kubernetes - Deployments ECS", "type": "metrics" } }, - "id": "cd059410-2bfb-11e7-859b-f78b612cde28", + "id": "cd059410-2bfb-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -294,7 +294,7 @@ } } }, - "title": "Kubernetes - Desired pods", + "title": "Kubernetes - Desired pods ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -313,7 +313,7 @@ "id": "674d83b0-30d5-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "50f9b980-30d5-11e7-8df8-6d3604a72912" @@ -356,11 +356,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Desired pods", + "title": "Kubernetes - Desired pods ECS", "type": "metrics" } }, - "id": "e1018b90-2bfb-11e7-859b-f78b612cde28", + "id": "e1018b90-2bfb-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -381,7 +381,7 @@ } } }, - "title": "Memory usage by node [Metricbeat Kubernetes]", + "title": "Memory usage by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -399,7 +399,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", + "filter": "event.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -488,11 +488,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Memory usage by node [Metricbeat Kubernetes]", + "title": "Memory usage by node [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "d6564360-2bfc-11e7-859b-f78b612cde28", + "id": "d6564360-2bfc-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-04T23:15:29.035Z", "version": 4 @@ -510,7 +510,7 @@ } } }, - "title": "Network in by node [Metricbeat Kubernetes]", + "title": "Network in by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -529,7 +529,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND metricset.name:pod", + "filter": "event.module:kubernetes AND metricset.name:pod", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -583,11 +583,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Network in by node [Metricbeat Kubernetes]", + "title": "Network in by node [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "16fa4470-2bfd-11e7-859b-f78b612cde28", + "id": "16fa4470-2bfd-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -605,7 +605,7 @@ } } }, - "title": "Network out by node [Metricbeat Kubernetes]", + "title": "Network out by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -624,7 +624,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND metricset.name:pod", + "filter": "event.module:kubernetes AND metricset.name:pod", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -678,11 +678,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Network out by node [Metricbeat Kubernetes]", + "title": "Network out by node [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "294546b0-30d6-11e7-8df8-6d3604a72912", + "id": "294546b0-30d6-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -700,7 +700,7 @@ } } }, - "title": "Kubernetes - Nodes", + "title": "Kubernetes - Nodes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -719,7 +719,7 @@ "id": "68cdba10-30e0-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_node", + "filter": "event.module:kubernetes AND metricset.name:state_node", "gauge_color_rules": [ { "id": "69765620-30e0-11e7-8df8-6d3604a72912" @@ -759,11 +759,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Nodes", + "title": "Kubernetes - Nodes ECS", "type": "metrics" } }, - "id": "408fccf0-30d6-11e7-8df8-6d3604a72912", + "id": "408fccf0-30d6-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -781,7 +781,7 @@ } } }, - "title": "Top CPU intensive pods [Metricbeat Kubernetes]", + "title": "Top CPU intensive pods [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -795,7 +795,7 @@ "id": "802104d0-2bfc-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND metricset.name:container", + "filter": "event.module:kubernetes AND metricset.name:container", "id": "5d3692a0-2bfc-11e7-859b-f78b612cde28", "index_pattern": "metricbeat-*", "interval": "auto", @@ -842,11 +842,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top CPU intensive pods [Metricbeat Kubernetes]", + "title": "Top CPU intensive pods [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "58e644f0-30d6-11e7-8df8-6d3604a72912", + "id": "58e644f0-30d6-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -867,7 +867,7 @@ } } }, - "title": "Top memory intensive pods [Metricbeat Kubernetes]", + "title": "Top memory intensive pods [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -880,7 +880,7 @@ "id": "802104d0-2bfc-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND metricset.name:container", + "filter": "event.module:kubernetes AND metricset.name:container", "id": "5d3692a0-2bfc-11e7-859b-f78b612cde28", "index_pattern": "metricbeat-*", "interval": "auto", @@ -928,11 +928,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top memory intensive pods [Metricbeat Kubernetes]", + "title": "Top memory intensive pods [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "a4c9d360-30df-11e7-8df8-6d3604a72912", + "id": "a4c9d360-30df-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-11T21:00:49.028Z", "version": 4 @@ -950,7 +950,7 @@ } } }, - "title": "Kubernetes - Unavailable pods", + "title": "Kubernetes - Unavailable pods ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -969,7 +969,7 @@ "id": "674d83b0-30d5-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "50f9b980-30d5-11e7-8df8-6d3604a72912" @@ -1011,11 +1011,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Unavailable pods", + "title": "Kubernetes - Unavailable pods ECS", "type": "metrics" } }, - "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912", + "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -1036,7 +1036,7 @@ } } }, - "title": "Unavailable pods per deployment [Metricbeat Kubernetes]", + "title": "Unavailable pods per deployment [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1044,7 +1044,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "id": "117fadf0-30df-11e7-8df8-6d3604a72912", "index_pattern": "metricbeat-*", "interval": "auto", @@ -1084,11 +1084,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Unavailable pods per deployment [Metricbeat Kubernetes]", + "title": "Unavailable pods per deployment [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912", + "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-11T20:59:18.668Z", "version": 4 @@ -1106,7 +1106,7 @@ } } }, - "title": "Kubernetes - Available pods", + "title": "Kubernetes - Available pods ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1125,7 +1125,7 @@ "id": "674d83b0-30d5-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "50f9b980-30d5-11e7-8df8-6d3604a72912" @@ -1169,11 +1169,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Available pods", + "title": "Kubernetes - Available pods ECS", "type": "metrics" } }, - "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3", + "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -1211,7 +1211,7 @@ "x": 6, "y": 0 }, - "id": "022a54c0-2bf5-11e7-859b-f78b612cde28", + "id": "022a54c0-2bf5-11e7-859b-f78b612cde28-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.2" @@ -1224,7 +1224,7 @@ "x": 0, "y": 6 }, - "id": "44f12b40-2bf4-11e7-859b-f78b612cde28", + "id": "44f12b40-2bf4-11e7-859b-f78b612cde28-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.2" @@ -1237,7 +1237,7 @@ "x": 3, "y": 0 }, - "id": "cd059410-2bfb-11e7-859b-f78b612cde28", + "id": "cd059410-2bfb-11e7-859b-f78b612cde28-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" @@ -1250,7 +1250,7 @@ "x": 0, "y": 3 }, - "id": "e1018b90-2bfb-11e7-859b-f78b612cde28", + "id": "e1018b90-2bfb-11e7-859b-f78b612cde28-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.2" @@ -1263,7 +1263,7 @@ "x": 6, "y": 6 }, - "id": "d6564360-2bfc-11e7-859b-f78b612cde28", + "id": "d6564360-2bfc-11e7-859b-f78b612cde28-ecs", "panelIndex": "7", "type": "visualization", "version": "6.2.2" @@ -1276,7 +1276,7 @@ "x": 6, "y": 9 }, - "id": "16fa4470-2bfd-11e7-859b-f78b612cde28", + "id": "16fa4470-2bfd-11e7-859b-f78b612cde28-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.2" @@ -1289,7 +1289,7 @@ "x": 0, "y": 9 }, - "id": "294546b0-30d6-11e7-8df8-6d3604a72912", + "id": "294546b0-30d6-11e7-8df8-6d3604a72912-ecs", "panelIndex": "9", "type": "visualization", "version": "6.2.2" @@ -1302,7 +1302,7 @@ "x": 0, "y": 0 }, - "id": "408fccf0-30d6-11e7-8df8-6d3604a72912", + "id": "408fccf0-30d6-11e7-8df8-6d3604a72912-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.2" @@ -1315,7 +1315,7 @@ "x": 0, "y": 12 }, - "id": "58e644f0-30d6-11e7-8df8-6d3604a72912", + "id": "58e644f0-30d6-11e7-8df8-6d3604a72912-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.2" @@ -1328,7 +1328,7 @@ "x": 6, "y": 12 }, - "id": "a4c9d360-30df-11e7-8df8-6d3604a72912", + "id": "a4c9d360-30df-11e7-8df8-6d3604a72912-ecs", "panelIndex": "12", "type": "visualization", "version": "6.2.2" @@ -1341,7 +1341,7 @@ "x": 4, "y": 3 }, - "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912", + "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912-ecs", "panelIndex": "13", "type": "visualization", "version": "6.2.2" @@ -1354,7 +1354,7 @@ "x": 6, "y": 3 }, - "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912", + "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912-ecs", "panelIndex": "14", "type": "visualization", "version": "6.2.2" @@ -1367,17 +1367,17 @@ "x": 2, "y": 3 }, - "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3", + "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3-ecs", "panelIndex": "15", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat Kubernetes] Overview", + "title": "[Metricbeat Kubernetes] Overview ECS", "version": 1 }, - "id": "AV4RGUqo5NkDleZmzKuZ", + "id": "AV4RGUqo5NkDleZmzKuZ-ecs", "type": "dashboard", "updated_at": "2018-03-11T21:00:58.354Z", "version": 4 diff --git a/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json b/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json index 3916d588c72e..c7e78a012219 100644 --- a/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json +++ b/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Hosts [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Hosts [Metricbeat MongoDB] ECS", "uiStateJSON": { "vis": { "params": { @@ -37,7 +37,7 @@ "enabled": true, "id": "2", "params": { - "field": "metricset.host", + "field": "service.address", "order": "desc", "orderBy": "1", "size": 5 @@ -87,11 +87,11 @@ }, "totalFunc": "sum" }, - "title": "Hosts [Metricbeat MongoDB]", + "title": "Hosts [Metricbeat MongoDB] ECS", "type": "table" } }, - "id": "MongoDB-hosts", + "id": "MongoDB-hosts-ecs", "type": "visualization", "version": 2 }, @@ -103,8 +103,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Engine & Version [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Engine & Version [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -113,7 +113,7 @@ "enabled": true, "id": "1", "params": { - "field": "metricset.host" + "field": "service.address" }, "schema": "metric", "type": "cardinality" @@ -136,7 +136,7 @@ "id": "3", "params": { "customLabel": "Version", - "field": "mongodb.status.version", + "field": "service.version", "order": "desc", "orderBy": "1", "size": 5 @@ -153,11 +153,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "Engine & Version [Metricbeat MongoDB]", + "title": "Engine & Version [Metricbeat MongoDB] ECS", "type": "pie" } }, - "id": "MongoDB-Engine-ampersand-Version", + "id": "MongoDB-Engine-ampersand-Version-ecs", "type": "visualization", "version": 2 }, @@ -169,8 +169,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Operation counters [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Operation counters [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -326,11 +326,11 @@ ], "yAxis": {} }, - "title": "Operation counters [Metricbeat MongoDB]", + "title": "Operation counters [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-operation-counters", + "id": "MongoDB-operation-counters-ecs", "type": "visualization", "version": 2 }, @@ -342,8 +342,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Concurrent transactions Read [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Concurrent transactions Read [Metricbeat MongoDB] ECS", "uiStateJSON": { "vis": { "colors": { @@ -466,11 +466,11 @@ ], "yAxis": {} }, - "title": "Concurrent transactions Read [Metricbeat MongoDB]", + "title": "Concurrent transactions Read [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-Concurrent-transactions-Read", + "id": "MongoDB-Concurrent-transactions-Read-ecs", "type": "visualization", "version": 2 }, @@ -482,8 +482,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Concurrent transactions Write [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Concurrent transactions Write [Metricbeat MongoDB] ECS", "uiStateJSON": { "vis": { "colors": { @@ -606,11 +606,11 @@ ], "yAxis": {} }, - "title": "Concurrent transactions Write [Metricbeat MongoDB]", + "title": "Concurrent transactions Write [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-Concurrent-transactions-Write", + "id": "MongoDB-Concurrent-transactions-Write-ecs", "type": "visualization", "version": 2 }, @@ -622,8 +622,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Memory stats [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Memory stats [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -760,11 +760,11 @@ ], "yAxis": {} }, - "title": "Memory stats [Metricbeat MongoDB]", + "title": "Memory stats [Metricbeat MongoDB] ECS", "type": "line" } }, - "id": "MongoDB-memory-stats", + "id": "MongoDB-memory-stats-ecs", "type": "visualization", "version": 2 }, @@ -776,8 +776,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Asserts [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Asserts [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -923,11 +923,11 @@ ], "yAxis": {} }, - "title": "Asserts [Metricbeat MongoDB]", + "title": "Asserts [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-asserts", + "id": "MongoDB-asserts-ecs", "type": "visualization", "version": 2 }, @@ -939,8 +939,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "WiredTiger Cache [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "WiredTiger Cache [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1066,11 +1066,11 @@ ], "yAxis": {} }, - "title": "WiredTiger Cache [Metricbeat MongoDB]", + "title": "WiredTiger Cache [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-WiredTiger-Cache", + "id": "MongoDB-WiredTiger-Cache-ecs", "type": "visualization", "version": 2 }, @@ -1101,7 +1101,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:mongodb" + "query": "event.module:mongodb" } } } @@ -1110,10 +1110,10 @@ "@timestamp", "desc" ], - "title": "MongoDB search", + "title": "MongoDB search ECS", "version": 1 }, - "id": "MongoDB-search", + "id": "MongoDB-search-ecs", "type": "search", "version": 1 }, @@ -1143,7 +1143,7 @@ "panelsJSON": [ { "col": 1, - "id": "MongoDB-hosts", + "id": "MongoDB-hosts-ecs", "panelIndex": 1, "row": 1, "size_x": 8, @@ -1152,7 +1152,7 @@ }, { "col": 9, - "id": "MongoDB-Engine-ampersand-Version", + "id": "MongoDB-Engine-ampersand-Version-ecs", "panelIndex": 4, "row": 1, "size_x": 4, @@ -1161,7 +1161,7 @@ }, { "col": 1, - "id": "MongoDB-operation-counters", + "id": "MongoDB-operation-counters-ecs", "panelIndex": 2, "row": 4, "size_x": 6, @@ -1170,7 +1170,7 @@ }, { "col": 7, - "id": "MongoDB-Concurrent-transactions-Read", + "id": "MongoDB-Concurrent-transactions-Read-ecs", "panelIndex": 6, "row": 4, "size_x": 3, @@ -1179,7 +1179,7 @@ }, { "col": 10, - "id": "MongoDB-Concurrent-transactions-Write", + "id": "MongoDB-Concurrent-transactions-Write-ecs", "panelIndex": 7, "row": 4, "size_x": 3, @@ -1188,7 +1188,7 @@ }, { "col": 1, - "id": "MongoDB-memory-stats", + "id": "MongoDB-memory-stats-ecs", "panelIndex": 5, "row": 10, "size_x": 12, @@ -1197,7 +1197,7 @@ }, { "col": 7, - "id": "MongoDB-asserts", + "id": "MongoDB-asserts-ecs", "panelIndex": 3, "row": 7, "size_x": 6, @@ -1206,7 +1206,7 @@ }, { "col": 1, - "id": "MongoDB-WiredTiger-Cache", + "id": "MongoDB-WiredTiger-Cache-ecs", "panelIndex": 8, "row": 7, "size_x": 6, @@ -1215,7 +1215,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat MongoDB] Overview", + "title": "[Metricbeat MongoDB] Overview ECS", "uiStateJSON": { "P-1": { "vis": { @@ -1230,7 +1230,7 @@ }, "version": 1 }, - "id": "Metricbeat-MongoDB", + "id": "Metricbeat-MongoDB-ecs", "type": "dashboard", "version": 3 } diff --git a/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json b/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json index ae00dabb15d4..93f84529c016 100644 --- a/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json +++ b/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Connections rate [Metricbeat MySQL]", + "title": "Connections rate [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -52,11 +52,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Connections rate [Metricbeat MySQL]", + "title": "Connections rate [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1", + "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -67,7 +67,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Command rates [Metricbeat MySQL]", + "title": "Command rates [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -193,11 +193,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Command rates [Metricbeat MySQL]", + "title": "Command rates [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1", + "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -208,7 +208,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Running threads [Metricbeat MySQL]", + "title": "Running threads [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -248,11 +248,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Running threads [Metricbeat MySQL]", + "title": "Running threads [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1", + "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -263,7 +263,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Opened tables rate [Metricbeat MySQL]", + "title": "Opened tables rate [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -309,11 +309,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Opened tables rate [Metricbeat MySQL]", + "title": "Opened tables rate [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1", + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 3 @@ -324,7 +324,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Threads created rate [Metricbeat MySQL]", + "title": "Threads created rate [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -370,11 +370,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Threads created rate [Metricbeat MySQL]", + "title": "Threads created rate [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1", + "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -385,7 +385,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Open files [Metricbeat MySQL]", + "title": "Open files [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -425,11 +425,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Open files [Metricbeat MySQL]", + "title": "Open files [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1", + "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -440,7 +440,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Sent and received bytes rates [Metricbeat MySQL]", + "title": "Sent and received bytes rates [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -513,11 +513,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Sent and received bytes rates [Metricbeat MySQL]", + "title": "Sent and received bytes rates [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1", + "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:15:49.714Z", "version": 3 @@ -555,7 +555,7 @@ "x": 0, "y": 3 }, - "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1", + "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.4" @@ -568,7 +568,7 @@ "x": 0, "y": 0 }, - "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1", + "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.4" @@ -581,7 +581,7 @@ "x": 6, "y": 3 }, - "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1", + "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "13", "type": "visualization", "version": "6.2.4" @@ -594,7 +594,7 @@ "x": 0, "y": 6 }, - "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1", + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "14", "type": "visualization", "version": "6.2.4" @@ -607,7 +607,7 @@ "x": 6, "y": 6 }, - "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1", + "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "15", "type": "visualization", "version": "6.2.4" @@ -620,7 +620,7 @@ "x": 6, "y": 9 }, - "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1", + "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "16", "type": "visualization", "version": "6.2.4" @@ -633,17 +633,17 @@ "x": 0, "y": 9 }, - "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1", + "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "17", "type": "visualization", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Metricbeat MySQL] Overview", + "title": "[Metricbeat MySQL] Overview ECS", "version": 1 }, - "id": "66881e90-0006-11e7-bf7f-c9acc3d3e306", + "id": "66881e90-0006-11e7-bf7f-c9acc3d3e306-ecs", "type": "dashboard", "updated_at": "2018-01-05T09:14:45.934Z", "version": 3 diff --git a/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json b/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json index 784f6c8a2ab5..da25f98f3186 100644 --- a/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json +++ b/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json @@ -13,7 +13,7 @@ } } }, - "title": "Subscriptions Info [Metricbeat NATS]", + "title": "Subscriptions Info [Metricbeat NATS] ECS", "uiStateJSON": { "vis": { "params": { @@ -120,11 +120,11 @@ }, "totalFunc": "sum" }, - "title": "Subscriptions Info [Metricbeat NATS]", + "title": "Subscriptions Info [Metricbeat NATS] ECS", "type": "table" } }, - "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61", + "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:54:30.301Z", "version": 3 @@ -142,7 +142,7 @@ } } }, - "title": "Current Memory Usage [Metricbeat NATS]", + "title": "Current Memory Usage [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -186,11 +186,11 @@ }, "type": "metric" }, - "title": "Current Memory Usage [Metricbeat NATS]", + "title": "Current Memory Usage [Metricbeat NATS] ECS", "type": "metric" } }, - "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61", + "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:56:32.097Z", "version": 4 @@ -208,7 +208,7 @@ } } }, - "title": "Server Uptime [Metricbeat NATS]", + "title": "Server Uptime [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -252,11 +252,11 @@ }, "type": "metric" }, - "title": "Server Uptime [Metricbeat NATS]", + "title": "Server Uptime [Metricbeat NATS] ECS", "type": "metric" } }, - "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61", + "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:57:04.084Z", "version": 4 @@ -274,7 +274,7 @@ } } }, - "title": "Total Connections [Metricbeat NATS]", + "title": "Total Connections [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -318,11 +318,11 @@ }, "type": "metric" }, - "title": "Total Connections [Metricbeat NATS]", + "title": "Total Connections [Metricbeat NATS] ECS", "type": "metric" } }, - "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61", + "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:57:32.006Z", "version": 4 @@ -340,7 +340,7 @@ } } }, - "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS]", + "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -507,11 +507,11 @@ } ] }, - "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS]", + "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS] ECS", "type": "area" } }, - "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61", + "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:53:31.785Z", "version": 3 @@ -529,7 +529,7 @@ } } }, - "title": "Subscription Stats Timeline [Metricbeat NATS]", + "title": "Subscription Stats Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -714,11 +714,11 @@ } ] }, - "title": "Subscription Stats Timeline [Metricbeat NATS]", + "title": "Subscription Stats Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61", + "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-23T14:55:04.899Z", "version": 3 @@ -736,7 +736,7 @@ } } }, - "title": "Slow Consumers Timeline [Metricbeat NATS]", + "title": "Slow Consumers Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -833,11 +833,11 @@ } ] }, - "title": "Slow Consumers Timeline [Metricbeat NATS]", + "title": "Slow Consumers Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90", + "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90-ecs", "type": "visualization", "updated_at": "2019-01-23T14:53:57.137Z", "version": 2 @@ -855,7 +855,7 @@ } } }, - "title": "IO Bytes Stats [Metricbeat NATS]", + "title": "IO Bytes Stats [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -974,11 +974,11 @@ } ] }, - "title": "IO Bytes Stats [Metricbeat NATS]", + "title": "IO Bytes Stats [Metricbeat NATS] ECS", "type": "line" } }, - "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90", + "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90-ecs", "type": "visualization", "updated_at": "2019-01-24T07:48:22.914Z", "version": 4 @@ -996,7 +996,7 @@ } } }, - "title": "Memory Utilization Timeline [Metricbeat NATS]", + "title": "Memory Utilization Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1093,11 +1093,11 @@ } ] }, - "title": "Memory Utilization Timeline [Metricbeat NATS]", + "title": "Memory Utilization Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90", + "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90-ecs", "type": "visualization", "updated_at": "2019-01-24T07:52:55.445Z", "version": 5 @@ -1115,7 +1115,7 @@ } } }, - "title": "IO Messages Stats [Metricbeat NATS]", + "title": "IO Messages Stats [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1234,11 +1234,11 @@ } ] }, - "title": "IO Messages Stats [Metricbeat NATS]", + "title": "IO Messages Stats [Metricbeat NATS] ECS", "type": "line" } }, - "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb", + "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb-ecs", "type": "visualization", "updated_at": "2019-01-24T07:47:25.774Z", "version": 2 @@ -1256,7 +1256,7 @@ } } }, - "title": "CPU Utilization Timeline [Metricbeat NATS]", + "title": "CPU Utilization Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1353,11 +1353,11 @@ } ] }, - "title": "CPU Utilization Timeline [Metricbeat NATS]", + "title": "CPU Utilization Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb", + "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb-ecs", "type": "visualization", "updated_at": "2019-01-24T07:51:51.767Z", "version": 2 @@ -1375,7 +1375,7 @@ } } }, - "title": "Cache Hit Rate Timeline [Metricbeat NATS]", + "title": "Cache Hit Rate Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1472,11 +1472,11 @@ } ] }, - "title": "Cache Hit Rate Timeline [Metricbeat NATS]", + "title": "Cache Hit Rate Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb", + "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb-ecs", "type": "visualization", "updated_at": "2019-01-23T14:57:20.994Z", "version": 2 @@ -1511,7 +1511,7 @@ "x": 0, "y": 45 }, - "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61", + "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "6", "type": "visualization", "version": "6.5.4" @@ -1525,7 +1525,7 @@ "x": 24, "y": 34 }, - "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61", + "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "7", "type": "visualization", "version": "6.5.4" @@ -1539,7 +1539,7 @@ "x": 37, "y": 34 }, - "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61", + "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "8", "type": "visualization", "version": "6.5.4" @@ -1553,7 +1553,7 @@ "x": 24, "y": 41 }, - "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61", + "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "9", "type": "visualization", "version": "6.5.4" @@ -1567,7 +1567,7 @@ "x": 0, "y": 34 }, - "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61", + "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "11", "type": "visualization", "version": "6.5.4" @@ -1581,7 +1581,7 @@ "x": 15, "y": 0 }, - "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61", + "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "12", "type": "visualization", "version": "6.5.4" @@ -1595,7 +1595,7 @@ "x": 0, "y": 0 }, - "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90", + "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90-ecs", "panelIndex": "13", "type": "visualization", "version": "6.5.4" @@ -1609,7 +1609,7 @@ "x": 24, "y": 10 }, - "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90", + "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90-ecs", "panelIndex": "14", "type": "visualization", "version": "6.5.4" @@ -1627,7 +1627,7 @@ "x": 24, "y": 22 }, - "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90", + "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90-ecs", "panelIndex": "15", "type": "visualization", "version": "6.5.4" @@ -1641,7 +1641,7 @@ "x": 0, "y": 10 }, - "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb", + "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb-ecs", "panelIndex": "16", "type": "visualization", "version": "6.3.2" @@ -1655,7 +1655,7 @@ "x": 0, "y": 22 }, - "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb", + "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb-ecs", "panelIndex": "17", "type": "visualization", "version": "6.3.2" @@ -1669,17 +1669,17 @@ "x": 33, "y": 0 }, - "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb", + "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb-ecs", "panelIndex": "18", "type": "visualization", "version": "6.3.2" } ], "timeRestore": false, - "title": "[Metricbeat NATS] Overview", + "title": "[Metricbeat NATS] Overview ECS", "version": 1 }, - "id": "Metricbeat-Nats-Dashboard", + "id": "Metricbeat-Nats-Dashboard-ecs", "type": "dashboard", "updated_at": "2019-01-24T08:13:29.732Z", "version": 4 diff --git a/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json b/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json index 513738292a0a..6bcb92193532 100644 --- a/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json +++ b/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Request Rate [Metricbeat Nginx]", + "title": "Request Rate [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -52,11 +52,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Request Rate [Metricbeat Nginx]", + "title": "Request Rate [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129", + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T22:48:58.542Z", "version": 2 @@ -67,7 +67,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Accepts and Handled Rate [Metricbeat Nginx]", + "title": "Accepts and Handled Rate [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -152,11 +152,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Accepts and Handled Rate [Metricbeat Nginx]", + "title": "Accepts and Handled Rate [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129", + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T23:07:23.056Z", "version": 2 @@ -167,7 +167,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Drops Rate [Metricbeat Nginx]", + "title": "Drops Rate [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -213,11 +213,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Drops Rate [Metricbeat Nginx]", + "title": "Drops Rate [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129", + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T22:51:46.375Z", "version": 1 @@ -228,7 +228,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Active connections [Metricbeat Nginx]", + "title": "Active connections [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -267,11 +267,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Active connections [Metricbeat Nginx]", + "title": "Active connections [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129", + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T23:09:55.944Z", "version": 2 @@ -282,7 +282,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx]", + "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -364,11 +364,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx]", + "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129", + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T23:13:23.859Z", "version": 1 @@ -402,7 +402,7 @@ "x": 6, "y": 0 }, - "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129", + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -415,7 +415,7 @@ "x": 6, "y": 3 }, - "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129", + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.4" @@ -428,7 +428,7 @@ "x": 0, "y": 3 }, - "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129", + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.4" @@ -441,7 +441,7 @@ "x": 0, "y": 0 }, - "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129", + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -454,17 +454,17 @@ "x": 0, "y": 6 }, - "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129", + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Metricbeat Nginx] Overview", + "title": "[Metricbeat Nginx] Overview ECS", "version": 1 }, - "id": "023d2930-f1a5-11e7-a9ef-93c69af7b129", + "id": "023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs", "type": "dashboard", "updated_at": "2018-01-04T23:14:26.755Z", "version": 1 diff --git a/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json b/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json index 3b5e1ad38e43..bfc42629f112 100644 --- a/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json +++ b/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq", - "title": "Memory Usage [Metricbeat RabbitMQ]", + "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", + "title": "Memory Usage [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -70,11 +70,11 @@ "times": [], "yAxis": {} }, - "title": "RabbitMQ Memory Usage", + "title": "RabbitMQ Memory Usage ECS", "type": "line" } }, - "id": "RabbitMQ-Memory-Usage", + "id": "RabbitMQ-Memory-Usage-ecs", "type": "visualization", "version": 2 }, @@ -86,8 +86,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq", - "title": "Number of Nodes [Metricbeat RabbitMQ]", + "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", + "title": "Number of Nodes [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -108,11 +108,11 @@ "fontSize": 60, "handleNoResults": true }, - "title": "Rabbitmq-Number-of-Nodes", + "title": "Rabbitmq-Number-of-Nodes-ecs ECS", "type": "metric" } }, - "id": "Rabbitmq-Number-of-Nodes", + "id": "Rabbitmq-Number-of-Nodes-ecs ECS", "type": "visualization", "version": 2 }, @@ -124,8 +124,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq", - "title": "Erlang Process Usage [Metricbeat RabbitMQ]", + "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", + "title": "Erlang Process Usage [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -185,11 +185,11 @@ "times": [], "yAxis": {} }, - "title": "RabbitMQ Erlang Process Usage", + "title": "RabbitMQ Erlang Process Usage ECS", "type": "line" } }, - "id": "RabbitMQ-Erlang-Process-Usage", + "id": "RabbitMQ-Erlang-Process-Usage-ecs", "type": "visualization", "version": 2 }, @@ -201,8 +201,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq", - "title": "Queue Index Operations [Metricbeat RabbitMQ]", + "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", + "title": "Queue Index Operations [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -329,11 +329,11 @@ ], "yAxis": {} }, - "title": "Queue Index Operations [Metricbeat RabbitMQ]", + "title": "Queue Index Operations [Metricbeat RabbitMQ] ECS", "type": "line" } }, - "id": "RabbitMQ-Queue-Index-Operations", + "id": "RabbitMQ-Queue-Index-Operations-ecs", "type": "visualization", "version": 2 }, @@ -361,7 +361,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:rabbitmq" + "query": "event.module:rabbitmq" } } } @@ -370,10 +370,10 @@ "@timestamp", "desc" ], - "title": "Metricbeat-Rabbitmq", + "title": "Metricbeat-Rabbitmq-ecs ECS", "version": 1 }, - "id": "Metricbeat-Rabbitmq", + "id": "Metricbeat-Rabbitmq-ecs ECS", "type": "search", "version": 1 }, @@ -403,7 +403,7 @@ "panelsJSON": [ { "col": 1, - "id": "RabbitMQ-Memory-Usage", + "id": "RabbitMQ-Memory-Usage-ecs", "panelIndex": 8, "row": 1, "size_x": 6, @@ -412,7 +412,7 @@ }, { "col": 8, - "id": "Rabbitmq-Number-of-Nodes", + "id": "Rabbitmq-Number-of-Nodes-ecs ECS", "panelIndex": 2, "row": 1, "size_x": 3, @@ -421,7 +421,7 @@ }, { "col": 1, - "id": "RabbitMQ-Erlang-Process-Usage", + "id": "RabbitMQ-Erlang-Process-Usage-ecs", "panelIndex": 10, "row": 4, "size_x": 6, @@ -430,7 +430,7 @@ }, { "col": 7, - "id": "RabbitMQ-Queue-Index-Operations", + "id": "RabbitMQ-Queue-Index-Operations-ecs", "panelIndex": 9, "row": 4, "size_x": 6, @@ -439,7 +439,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat RabbitMQ] Overview", + "title": "[Metricbeat RabbitMQ] Overview ECS", "uiStateJSON": { "P-2": { "vis": { @@ -451,7 +451,7 @@ }, "version": 1 }, - "id": "AV4YobKIge1VCbKU_qVo", + "id": "AV4YobKIge1VCbKU_qVo-ecs", "type": "dashboard", "version": 2 } diff --git a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json index ccf3508789cc..d39771ae8bfc 100644 --- a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json +++ b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json @@ -12,7 +12,7 @@ } } }, - "title": "Keyspace selector [Redis]", + "title": "Keyspace selector [Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -39,11 +39,11 @@ "updateFiltersOnChange": true, "useTimeFilter": false }, - "title": "Keyspace selector [Redis]", + "title": "Keyspace selector [Redis] ECS", "type": "input_control_vis" } }, - "id": "00d39210-050d-11e9-9c60-d582a238e2c5", + "id": "00d39210-050d-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:19:04.179Z", "version": 5 @@ -88,7 +88,7 @@ } } }, - "title": "Lists length [Redis]", + "title": "Lists length [Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -228,11 +228,11 @@ } ] }, - "title": "Lists length [Redis]", + "title": "Lists length [Redis] ECS", "type": "line" } }, - "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5", + "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:22:12.807Z", "version": 4 @@ -250,7 +250,7 @@ } } }, - "title": "Keys by type [Redis]", + "title": "Keys by type [Redis] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -377,11 +377,11 @@ } ] }, - "title": "Keys by type [Redis]", + "title": "Keys by type [Redis] ECS", "type": "line" } }, - "id": "4435ac40-050e-11e9-9c60-d582a238e2c5", + "id": "4435ac40-050e-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:23:46.207Z", "version": 5 @@ -426,7 +426,7 @@ } } }, - "title": "Average string key size [Redis]", + "title": "Average string key size [Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -548,11 +548,11 @@ } ] }, - "title": "Average string key size [Redis]", + "title": "Average string key size [Redis] ECS", "type": "line" } }, - "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5", + "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:28:20.970Z", "version": 1 @@ -595,7 +595,7 @@ } } }, - "title": "Average keys TTL [Redis]", + "title": "Average keys TTL [Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -734,11 +734,11 @@ } ] }, - "title": "Average keys TTL [Redis]", + "title": "Average keys TTL [Redis] ECS", "type": "line" } }, - "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5", + "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:34:03.597Z", "version": 1 @@ -808,7 +808,7 @@ "x": 0, "y": 0 }, - "id": "00d39210-050d-11e9-9c60-d582a238e2c5", + "id": "00d39210-050d-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "1", "title": "Keyspace selector", "type": "visualization", @@ -823,7 +823,7 @@ "x": 12, "y": 0 }, - "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5", + "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "2", "title": "Lists length", "type": "visualization", @@ -842,7 +842,7 @@ "x": 0, "y": 5 }, - "id": "4435ac40-050e-11e9-9c60-d582a238e2c5", + "id": "4435ac40-050e-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "3", "title": "Keys by type", "type": "visualization", @@ -857,7 +857,7 @@ "x": 0, "y": 15 }, - "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5", + "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "4", "title": "Average size of string keys", "type": "visualization", @@ -872,7 +872,7 @@ "x": 24, "y": 15 }, - "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5", + "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "5", "title": "Average keys TTL", "type": "visualization", @@ -880,10 +880,10 @@ } ], "timeRestore": false, - "title": "[Metricbeat Redis] Keys", + "title": "[Metricbeat Redis] Keys ECS", "version": 1 }, - "id": "28969190-0511-11e9-9c60-d582a238e2c5", + "id": "28969190-0511-11e9-9c60-d582a238e2c5-ecs", "type": "dashboard", "updated_at": "2018-12-21T11:39:13.143Z", "version": 4 diff --git a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json index f244f0cb8532..1efa33513f0f 100644 --- a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json +++ b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Clients [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Clients [Metricbeat Redis] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -75,12 +75,12 @@ "handleNoResults": true, "type": "gauge" }, - "title": "Clients [Metricbeat Redis]", + "title": "Clients [Metricbeat Redis] ECS", "type": "metric" } }, "col": 1, - "id": "Redis-Clients-Metrics", + "id": "Redis-Clients-Metrics-ecs", "panelIndex": 2, "row": 1, "size_x": 3, @@ -96,8 +96,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Connected clients [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Connected clients [Metricbeat Redis] ECS", "uiStateJSON": { "vis": { "colors": { @@ -216,12 +216,12 @@ ], "yAxis": {} }, - "title": "Connected clients [Metricbeat Redis]", + "title": "Connected clients [Metricbeat Redis] ECS", "type": "histogram" } }, "col": 4, - "id": "Redis-Connected-clients", + "id": "Redis-Connected-clients-ecs", "panelIndex": 1, "row": 1, "size_x": 5, @@ -237,8 +237,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Hosts [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Hosts [Metricbeat Redis] ECS", "uiStateJSON": { "vis": { "params": { @@ -256,7 +256,7 @@ "enabled": true, "id": "2", "params": { - "field": "metricset.host", + "field": "service.address", "order": "desc", "orderBy": "1", "size": 5 @@ -279,7 +279,7 @@ "id": "6", "params": { "customLabel": "PID", - "field": "redis.info.server.process_id" + "field": "process.pid" }, "schema": "metric", "type": "max" @@ -327,12 +327,12 @@ }, "totalFunc": "sum" }, - "title": "Hosts [Metricbeat Redis]", + "title": "Hosts [Metricbeat Redis] ECS", "type": "table" } }, "col": 1, - "id": "Redis-hosts", + "id": "Redis-hosts-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -348,8 +348,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Server Versions [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Server Versions [Metricbeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -359,7 +359,7 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "metricset.host" + "field": "service.address" }, "schema": "metric", "type": "cardinality" @@ -369,7 +369,7 @@ "id": "2", "params": { "customLabel": "Multiplexing API", - "field": "redis.info.server.version", + "field": "service.version", "order": "desc", "orderBy": "1", "size": 5 @@ -386,12 +386,12 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Server Versions [Metricbeat Redis]", + "title": "Server Versions [Metricbeat Redis] ECS", "type": "pie" } }, "col": 1, - "id": "Redis-Server-Versions", + "id": "Redis-Server-Versions-ecs", "panelIndex": 4, "row": 6, "size_x": 4, @@ -407,8 +407,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Server mode [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Server mode [Metricbeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -418,7 +418,7 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "metricset.host" + "field": "service.address" }, "schema": "metric", "type": "cardinality" @@ -445,12 +445,12 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Server mode [Metricbeat Redis]", + "title": "Server mode [Metricbeat Redis] ECS", "type": "pie" } }, "col": 5, - "id": "Redis-server-mode", + "id": "Redis-server-mode-ecs", "panelIndex": 5, "row": 6, "size_x": 4, @@ -466,8 +466,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Multiplexing API [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Multiplexing API [Metricbeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -477,7 +477,7 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "metricset.host" + "field": "service.address" }, "schema": "metric", "type": "cardinality" @@ -504,12 +504,12 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Multiplexing API [Metricbeat Redis]", + "title": "Multiplexing API [Metricbeat Redis] ECS", "type": "pie" } }, "col": 9, - "id": "Redis-multiplexing-API", + "id": "Redis-multiplexing-API-ecs", "panelIndex": 6, "row": 6, "size_x": 3, @@ -525,8 +525,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Keyspaces [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Keyspaces [Metricbeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -645,12 +645,12 @@ ], "yAxis": {} }, - "title": "Keyspaces [Metricbeat Redis]", + "title": "Keyspaces [Metricbeat Redis] ECS", "type": "area" } }, "col": 9, - "id": "Redis-Keyspaces", + "id": "Redis-Keyspaces-ecs", "panelIndex": 7, "row": 1, "size_x": 4, @@ -685,7 +685,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:redis" + "query": "event.module:redis" } } } @@ -694,10 +694,10 @@ "@timestamp", "desc" ], - "title": "Metricbeat Redis", + "title": "Metricbeat Redis ECS", "version": 1 }, - "id": "Metricbeat-Redis", + "id": "Metricbeat-Redis-ecs", "type": "search", "version": 7 }, @@ -727,7 +727,7 @@ "panelsJSON": [ { "col": 1, - "id": "Redis-Clients-Metrics", + "id": "Redis-Clients-Metrics-ecs", "panelIndex": 2, "row": 1, "size_x": 3, @@ -736,7 +736,7 @@ }, { "col": 4, - "id": "Redis-Connected-clients", + "id": "Redis-Connected-clients-ecs", "panelIndex": 1, "row": 1, "size_x": 5, @@ -745,7 +745,7 @@ }, { "col": 1, - "id": "Redis-hosts", + "id": "Redis-hosts-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -754,7 +754,7 @@ }, { "col": 1, - "id": "Redis-Server-Versions", + "id": "Redis-Server-Versions-ecs", "panelIndex": 4, "row": 6, "size_x": 4, @@ -763,7 +763,7 @@ }, { "col": 5, - "id": "Redis-server-mode", + "id": "Redis-server-mode-ecs", "panelIndex": 5, "row": 6, "size_x": 4, @@ -772,7 +772,7 @@ }, { "col": 9, - "id": "Redis-multiplexing-API", + "id": "Redis-multiplexing-API-ecs", "panelIndex": 6, "row": 6, "size_x": 3, @@ -781,7 +781,7 @@ }, { "col": 9, - "id": "Redis-Keyspaces", + "id": "Redis-Keyspaces-ecs", "panelIndex": 7, "row": 1, "size_x": 4, @@ -790,7 +790,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat Redis] Overview", + "title": "[Metricbeat Redis] Overview ECS", "uiStateJSON": { "P-2": { "vis": { @@ -817,7 +817,7 @@ }, "version": 1 }, - "id": "AV4YjZ5pux-M-tCAunxK", + "id": "AV4YjZ5pux-M-tCAunxK-ecs", "type": "dashboard", "version": 1 } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json index 411d4b4310d2..af1286660722 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json @@ -18,7 +18,7 @@ } } }, - "title": "Container CPU usage [Metricbeat System]", + "title": "Container CPU usage [Metricbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -90,7 +90,7 @@ "id": "6", "params": { "customLabel": "Process name", - "field": "system.process.name", + "field": "process.name", "order": "desc", "orderBy": "1", "size": 5 @@ -110,11 +110,11 @@ }, "totalFunc": "sum" }, - "title": "Container CPU usage [Metricbeat System]", + "title": "Container CPU usage [Metricbeat System] ECS", "type": "table" } }, - "id": "Container-CPU-usage", + "id": "Container-CPU-usage-ecs", "type": "visualization", "version": 1 }, @@ -135,20 +135,20 @@ } } }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container)" + "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "type": "markdown" } }, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "type": "visualization", "version": 3 }, @@ -170,7 +170,7 @@ } } }, - "title": "Container Memory stats [Metricbeat System]", + "title": "Container Memory stats [Metricbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -272,7 +272,7 @@ "id": "8", "params": { "customLabel": "Process name", - "field": "system.process.name", + "field": "process.name", "order": "desc", "orderBy": "1", "size": 5 @@ -352,11 +352,11 @@ }, "totalFunc": "sum" }, - "title": "Container Memory stats [Metricbeat System]", + "title": "Container Memory stats [Metricbeat System] ECS", "type": "table" } }, - "id": "Container-Memory-stats", + "id": "Container-Memory-stats-ecs", "type": "visualization", "version": 1 }, @@ -378,7 +378,7 @@ } } }, - "title": "Container Block IO [Metricbeat System]", + "title": "Container Block IO [Metricbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -430,7 +430,7 @@ "id": "4", "params": { "customLabel": "Process name", - "field": "system.process.name", + "field": "process.name", "order": "desc", "orderBy": "1", "size": 5 @@ -450,11 +450,11 @@ }, "totalFunc": "sum" }, - "title": "Container Block IO [Metricbeat System]", + "title": "Container Block IO [Metricbeat System] ECS", "type": "table" } }, - "id": "Container-Block-IO", + "id": "Container-Block-IO-ecs", "type": "visualization", "version": 1 }, @@ -484,7 +484,7 @@ "panelsJSON": [ { "col": 1, - "id": "Container-CPU-usage", + "id": "Container-CPU-usage-ecs", "panelIndex": 2, "row": 2, "size_x": 12, @@ -493,7 +493,7 @@ }, { "col": 1, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "panelIndex": 3, "row": 1, "size_x": 12, @@ -502,7 +502,7 @@ }, { "col": 1, - "id": "Container-Memory-stats", + "id": "Container-Memory-stats-ecs", "panelIndex": 4, "row": 5, "size_x": 12, @@ -511,7 +511,7 @@ }, { "col": 1, - "id": "Container-Block-IO", + "id": "Container-Block-IO-ecs", "panelIndex": 5, "row": 8, "size_x": 12, @@ -520,7 +520,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat System] Containers overview", + "title": "[Metricbeat System] Containers overview ECS", "uiStateJSON": { "P-2": { "vis": { @@ -555,7 +555,7 @@ }, "version": 1 }, - "id": "CPU-slash-Memory-per-container", + "id": "CPU-slash-Memory-per-container-ecs", "type": "dashboard", "version": 1 } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json index 59c466dd0bad..3094b6247de0 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json @@ -13,7 +13,7 @@ } } }, - "title": "Network Traffic (Packets) [Metricbeat System]", + "title": "Network Traffic (Packets) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -118,11 +118,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Mericbeat: Network Traffic (Packets)", + "title": "Mericbeat: Network Traffic (Packets) ECS", "type": "metrics" } }, - "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23", + "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs", "type": "visualization", "version": 1 }, @@ -142,7 +142,7 @@ } } }, - "title": "System Load [Metricbeat System]", + "title": "System Load [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -223,11 +223,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "System Load [Metricbeat System]", + "title": "System Load [Metricbeat System] ECS", "type": "metrics" } }, - "id": "4d546850-1b15-11e7-b09e-037021c4f8df", + "id": "4d546850-1b15-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -244,7 +244,7 @@ } } }, - "title": "Network Traffic (Bytes) [Metricbeat System]", + "title": "Network Traffic (Bytes) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -349,11 +349,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Mericbeat: Network Traffic (Bytes)", + "title": "Mericbeat: Network Traffic (Bytes) ECS", "type": "metrics" } }, - "id": "089b85d0-1b16-11e7-b09e-037021c4f8df", + "id": "089b85d0-1b16-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -373,7 +373,7 @@ } } }, - "title": "Memory Usage [Metricbeat System]", + "title": "Memory Usage [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -476,11 +476,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Memory Usage [Metricbeat System]", + "title": "Memory Usage [Metricbeat System] ECS", "type": "metrics" } }, - "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df", + "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -500,7 +500,7 @@ } } }, - "title": "Top Processes By CPU [Metricbeat System]", + "title": "Top Processes By CPU [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -541,7 +541,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "system.process.name", + "terms_field": "process.name", "terms_order_by": "5f5b8d52-1b18-11e7-b09e-037021c4f8df" } ], @@ -550,11 +550,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top Processes By CPU [Metricbeat System]", + "title": "Top Processes By CPU [Metricbeat System] ECS", "type": "metrics" } }, - "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df", + "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -574,7 +574,7 @@ } } }, - "title": "Processes By Memory [Metricbeat System]", + "title": "Processes By Memory [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -627,7 +627,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "system.process.name", + "terms_field": "process.name", "terms_order_by": "edfceb32-1b18-11e7-b09e-037021c4f8df" } ], @@ -636,11 +636,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Processes By Memory [Metricbeat System]", + "title": "Processes By Memory [Metricbeat System] ECS", "type": "metrics" } }, - "id": "2e224660-1b19-11e7-b09e-037021c4f8df", + "id": "2e224660-1b19-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -660,7 +660,7 @@ } } }, - "title": "CPU Usage [Metricbeat System]", + "title": "CPU Usage [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -804,11 +804,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "CPU Usage [Metricbeat System]", + "title": "CPU Usage [Metricbeat System] ECS", "type": "metrics" } }, - "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df", + "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -828,7 +828,7 @@ } } }, - "title": "Disk IO (Bytes) [Metricbeat System]", + "title": "Disk IO (Bytes) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -921,11 +921,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Disk IO (Bytes) [Metricbeat System]", + "title": "Disk IO (Bytes) [Metricbeat System] ECS", "type": "metrics" } }, - "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df", + "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -945,7 +945,7 @@ } } }, - "title": "Load Gauge [Metricbeat System]", + "title": "Load Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -997,11 +997,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Load Gauge [Metricbeat System]", + "title": "Load Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 1 }, @@ -1021,7 +1021,7 @@ } } }, - "title": "CPU Usage Gauge [Metricbeat System]", + "title": "CPU Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1117,11 +1117,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "CPU Usage Gauge [Metricbeat System]", + "title": "CPU Usage Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -1141,7 +1141,7 @@ } } }, - "title": "Memory Usage Gauge [Metricbeat System]", + "title": "Memory Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1205,11 +1205,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Memory Usage Gauge [Metricbeat System]", + "title": "Memory Usage Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -1229,7 +1229,7 @@ } } }, - "title": "Inbound Traffic [Metricbeat System]", + "title": "Inbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1335,11 +1335,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Inbound Traffic [Metricbeat System]", + "title": "Inbound Traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -1359,7 +1359,7 @@ } } }, - "title": "Outbound Traffic [Metricbeat System]", + "title": "Outbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1465,11 +1465,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Outbound Traffic [Metricbeat System]", + "title": "Outbound Traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", "type": "visualization", "version": 2 }, @@ -1489,7 +1489,7 @@ } } }, - "title": "Disk Usage [Metricbeat System]", + "title": "Disk Usage [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1550,11 +1550,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Disk Usage [Metricbeat System]", + "title": "Disk Usage [Metricbeat System] ECS", "type": "metrics" } }, - "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e", + "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs", "type": "visualization", "version": 1 }, @@ -1575,20 +1575,20 @@ } } }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container)" + "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "type": "markdown" } }, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "type": "visualization", "version": 3 }, @@ -1608,7 +1608,7 @@ } } }, - "title": "Swap usage [Metricbeat System]", + "title": "Swap usage [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1672,11 +1672,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Swap usage [Metricbeat System]", + "title": "Swap usage [Metricbeat System] ECS", "type": "metrics" } }, - "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec", + "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs", "type": "visualization", "version": 1 }, @@ -1693,7 +1693,7 @@ } } }, - "title": "Memory usage vs total", + "title": "Memory usage vs total ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1758,11 +1758,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Memory usage vs total", + "title": "Memory usage vs total ECS", "type": "metrics" } }, - "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6", + "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs", "type": "visualization", "version": 1 }, @@ -1782,7 +1782,7 @@ } } }, - "title": "Disk used [Metricbeat System]", + "title": "Disk used [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1868,11 +1868,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Disk used [Metricbeat System]", + "title": "Disk used [Metricbeat System] ECS", "type": "metrics" } }, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", "type": "visualization", "version": 2 }, @@ -1892,7 +1892,7 @@ } } }, - "title": "Packetloss [Metricbeat System]", + "title": "Packetloss [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1957,11 +1957,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Packetloss [Metricbeat System]", + "title": "Packetloss [Metricbeat System] ECS", "type": "metrics" } }, - "id": "96976150-4d5d-11e7-aa29-87a97a796de6", + "id": "96976150-4d5d-11e7-aa29-87a97a796de6-ecs", "type": "visualization", "version": 1 }, @@ -1981,7 +1981,7 @@ } } }, - "title": "Interfaces by Incoming traffic [Metricbeat System]", + "title": "Interfaces by Incoming traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -2027,11 +2027,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Interfaces by Incoming traffic [Metricbeat System]", + "title": "Interfaces by Incoming traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b", + "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs", "type": "visualization", "version": 1 }, @@ -2051,7 +2051,7 @@ } } }, - "title": "Interfaces by Outgoing traffic [Metricbeat System]", + "title": "Interfaces by Outgoing traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -2097,11 +2097,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Interfaces by Outgoing traffic [Metricbeat System]", + "title": "Interfaces by Outgoing traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b", + "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs", "type": "visualization", "version": 1 }, @@ -2120,7 +2120,7 @@ } } }, - "title": "Number of processes [Metricbeat System]", + "title": "Number of processes [Metricbeat System] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -2136,7 +2136,7 @@ "id": "1", "params": { "customLabel": "Processes", - "field": "system.process.pid" + "field": "process.pid" }, "schema": "metric", "type": "cardinality" @@ -2185,11 +2185,11 @@ }, "type": "gauge" }, - "title": "Number of processes", + "title": "Number of processes ECS", "type": "metric" } }, - "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4", + "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs", "type": "visualization", "version": 1 }, @@ -2199,20 +2199,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Tip [Metricbeat System]", + "title": "Tip [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**TIP:** To select another host, go to the [System Overview](#/dashboard/Metricbeat-system-overview) dashboard and double-click a host name." + "markdown": "**TIP:** To select another host, go to the [System Overview](#/dashboard/Metricbeat-system-overview-ecs) dashboard and double-click a host name." }, - "title": "Tip [Metricbeat System]", + "title": "Tip [Metricbeat System] ECS", "type": "markdown" } }, - "id": "3d65d450-a9c3-11e7-af20-67db8aecb295", + "id": "3d65d450-a9c3-11e7-af20-67db8aecb295-ecs", "type": "visualization", "version": 2 }, @@ -2226,7 +2226,7 @@ "highlightAll": true, "query": { "language": "lucene", - "query": "beat.name:\"CHANGEME_HOSTNAME\"" + "query": "host.name:\"CHANGEME_HOSTNAME\"" }, "version": true } @@ -2237,7 +2237,7 @@ "panelsJSON": [ { "col": 1, - "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23", + "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs", "panelIndex": 1, "row": 12, "size_x": 6, @@ -2246,7 +2246,7 @@ }, { "col": 7, - "id": "4d546850-1b15-11e7-b09e-037021c4f8df", + "id": "4d546850-1b15-11e7-b09e-037021c4f8df-ecs", "panelIndex": 2, "row": 6, "size_x": 6, @@ -2255,7 +2255,7 @@ }, { "col": 7, - "id": "089b85d0-1b16-11e7-b09e-037021c4f8df", + "id": "089b85d0-1b16-11e7-b09e-037021c4f8df-ecs", "panelIndex": 3, "row": 12, "size_x": 6, @@ -2264,7 +2264,7 @@ }, { "col": 1, - "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df", + "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs", "panelIndex": 4, "row": 9, "size_x": 6, @@ -2273,7 +2273,7 @@ }, { "col": 7, - "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df", + "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs", "panelIndex": 5, "row": 15, "size_x": 6, @@ -2282,7 +2282,7 @@ }, { "col": 1, - "id": "2e224660-1b19-11e7-b09e-037021c4f8df", + "id": "2e224660-1b19-11e7-b09e-037021c4f8df-ecs", "panelIndex": 6, "row": 15, "size_x": 6, @@ -2291,7 +2291,7 @@ }, { "col": 1, - "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df", + "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs", "panelIndex": 7, "row": 6, "size_x": 6, @@ -2300,7 +2300,7 @@ }, { "col": 7, - "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df", + "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs", "panelIndex": 8, "row": 9, "size_x": 6, @@ -2309,7 +2309,7 @@ }, { "col": 5, - "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 9, "row": 2, "size_x": 2, @@ -2318,7 +2318,7 @@ }, { "col": 1, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 10, "row": 2, "size_x": 2, @@ -2327,7 +2327,7 @@ }, { "col": 3, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 11, "row": 2, "size_x": 2, @@ -2336,7 +2336,7 @@ }, { "col": 7, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 12, "row": 2, "size_x": 2, @@ -2345,7 +2345,7 @@ }, { "col": 9, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", "panelIndex": 13, "row": 2, "size_x": 2, @@ -2354,7 +2354,7 @@ }, { "col": 9, - "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e", + "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs", "panelIndex": 14, "row": 4, "size_x": 4, @@ -2363,7 +2363,7 @@ }, { "col": 1, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "panelIndex": 16, "row": 1, "size_x": 6, @@ -2372,7 +2372,7 @@ }, { "col": 1, - "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec", + "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs", "panelIndex": 21, "row": 4, "size_x": 2, @@ -2381,7 +2381,7 @@ }, { "col": 3, - "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6", + "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs", "panelIndex": 22, "row": 4, "size_x": 2, @@ -2390,7 +2390,7 @@ }, { "col": 7, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", "panelIndex": 23, "row": 4, "size_x": 2, @@ -2399,7 +2399,7 @@ }, { "col": 11, - "id": "96976150-4d5d-11e7-aa29-87a97a796de6", + "id": "96976150-4d5d-11e7-aa29-87a97a796de6-ecs", "panelIndex": 25, "row": 2, "size_x": 2, @@ -2408,7 +2408,7 @@ }, { "col": 1, - "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b", + "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs", "panelIndex": 27, "row": 18, "size_x": 6, @@ -2417,7 +2417,7 @@ }, { "col": 7, - "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b", + "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs", "panelIndex": 28, "row": 18, "size_x": 6, @@ -2426,7 +2426,7 @@ }, { "col": 5, - "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4", + "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs", "panelIndex": 29, "row": 4, "size_x": 2, @@ -2435,7 +2435,7 @@ }, { "col": 7, - "id": "3d65d450-a9c3-11e7-af20-67db8aecb295", + "id": "3d65d450-a9c3-11e7-af20-67db8aecb295-ecs", "panelIndex": 30, "row": 1, "size_x": 6, @@ -2444,7 +2444,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat System] Host overview", + "title": "[Metricbeat System] Host overview ECS", "uiStateJSON": { "P-29": { "vis": { @@ -2456,7 +2456,7 @@ }, "version": 1 }, - "id": "79ffd6e0-faa0-11e6-947f-177f697178b8", + "id": "79ffd6e0-faa0-11e6-947f-177f697178b8-ecs", "type": "dashboard", "version": 12 } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json index 4dc8714925c9..267175eeb06e 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json @@ -17,20 +17,20 @@ } } }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container)" + "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "type": "markdown" } }, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "type": "visualization", "version": 3 }, @@ -52,7 +52,7 @@ } } }, - "title": "Number of hosts [Metricbeat System]", + "title": "Number of hosts [Metricbeat System] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -68,7 +68,7 @@ "id": "1", "params": { "customLabel": "Number of hosts", - "field": "beat.name" + "field": "host.name" }, "schema": "metric", "type": "cardinality" @@ -116,11 +116,11 @@ }, "type": "gauge" }, - "title": "Number of hosts [Metricbeat System]", + "title": "Number of hosts [Metricbeat System] ECS", "type": "metric" } }, - "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9", + "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs", "type": "visualization", "version": 2 }, @@ -140,7 +140,7 @@ } } }, - "title": "Top Hosts By Memory (Realtime) [Metricbeat System]", + "title": "Top Hosts By Memory (Realtime) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -168,7 +168,7 @@ "value": 0.85 } ], - "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8?_a=(query:(query_string:(analyze_wildcard:!t,query:'beat.name:\"{{key}}\"')))", + "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs?_a=(query:(query_string:(analyze_wildcard:!t,query:'host.name:\"{{key}}\"')))", "filter": "", "id": "31e5afa0-1b1c-11e7-b09e-037021c4f8df", "index_pattern": "metricbeat-*", @@ -193,7 +193,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "beat.name", + "terms_field": "host.name", "terms_order_by": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", "terms_size": "10" } @@ -203,11 +203,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top Hosts By Memory (Realtime) [Metricbeat System]", + "title": "Top Hosts By Memory (Realtime) [Metricbeat System] ECS", "type": "metrics" } }, - "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b", + "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -227,7 +227,7 @@ } } }, - "title": "Top Hosts By CPU (Realtime) [Metricbeat System]", + "title": "Top Hosts By CPU (Realtime) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -255,7 +255,7 @@ "value": 0.85 } ], - "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8?_a=(query:(query_string:(analyze_wildcard:!t,query:'beat.name:\"{{key}}\"')))", + "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs?_a=(query:(query_string:(analyze_wildcard:!t,query:'host.name:\"{{key}}\"')))", "filter": "", "id": "31e5afa0-1b1c-11e7-b09e-037021c4f8df", "index_pattern": "metricbeat-*", @@ -280,7 +280,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "beat.name", + "terms_field": "host.name", "terms_order_by": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", "terms_size": "10" } @@ -290,11 +290,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top Hosts By CPU (Realtime) [Metricbeat System]", + "title": "Top Hosts By CPU (Realtime) [Metricbeat System] ECS", "type": "metrics" } }, - "id": "855899e0-1b1c-11e7-b09e-037021c4f8df", + "id": "855899e0-1b1c-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 2 }, @@ -316,7 +316,7 @@ } } }, - "title": "Hosts histogram by CPU usage [Metricbeat System]", + "title": "Hosts histogram by CPU usage [Metricbeat System] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -358,7 +358,7 @@ "id": "3", "params": { "customLabel": "Hosts", - "field": "beat.name", + "field": "host.name", "order": "desc", "orderBy": "1", "size": 20 @@ -397,11 +397,11 @@ } ] }, - "title": "Hosts histogram by CPU usage [Metricbeat System]", + "title": "Hosts histogram by CPU usage [Metricbeat System] ECS", "type": "heatmap" } }, - "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9", + "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs", "type": "visualization", "version": 1 }, @@ -421,7 +421,7 @@ } } }, - "title": "Inbound Traffic [Metricbeat System]", + "title": "Inbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -527,11 +527,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Inbound Traffic [Metricbeat System]", + "title": "Inbound Traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -551,7 +551,7 @@ } } }, - "title": "Outbound Traffic [Metricbeat System]", + "title": "Outbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -657,11 +657,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Outbound Traffic [Metricbeat System]", + "title": "Outbound Traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", "type": "visualization", "version": 2 }, @@ -681,7 +681,7 @@ } } }, - "title": "Disk used [Metricbeat System]", + "title": "Disk used [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -767,11 +767,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Disk used [Metricbeat System]", + "title": "Disk used [Metricbeat System] ECS", "type": "metrics" } }, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", "type": "visualization", "version": 2 }, @@ -791,7 +791,7 @@ } } }, - "title": "Memory Usage Gauge [Metricbeat System]", + "title": "Memory Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -855,11 +855,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Memory Usage Gauge [Metricbeat System]", + "title": "Memory Usage Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -879,7 +879,7 @@ } } }, - "title": "CPU Usage Gauge [Metricbeat System]", + "title": "CPU Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -975,11 +975,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "CPU Usage Gauge [Metricbeat System]", + "title": "CPU Usage Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -1009,7 +1009,7 @@ "panelsJSON": [ { "col": 1, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "panelIndex": 9, "row": 1, "size_x": 12, @@ -1018,7 +1018,7 @@ }, { "col": 1, - "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9", + "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs", "panelIndex": 11, "row": 2, "size_x": 2, @@ -1027,7 +1027,7 @@ }, { "col": 7, - "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b", + "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 12, "row": 4, "size_x": 6, @@ -1036,7 +1036,7 @@ }, { "col": 1, - "id": "855899e0-1b1c-11e7-b09e-037021c4f8df", + "id": "855899e0-1b1c-11e7-b09e-037021c4f8df-ecs", "panelIndex": 13, "row": 4, "size_x": 6, @@ -1045,7 +1045,7 @@ }, { "col": 1, - "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9", + "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs", "panelIndex": 14, "row": 9, "size_x": 12, @@ -1054,7 +1054,7 @@ }, { "col": 9, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 16, "row": 2, "size_x": 2, @@ -1063,7 +1063,7 @@ }, { "col": 11, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", "panelIndex": 17, "row": 2, "size_x": 2, @@ -1072,7 +1072,7 @@ }, { "col": 7, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", "panelIndex": 18, "row": 2, "size_x": 2, @@ -1081,7 +1081,7 @@ }, { "col": 5, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 19, "row": 2, "size_x": 2, @@ -1090,7 +1090,7 @@ }, { "col": 3, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 20, "row": 2, "size_x": 2, @@ -1099,7 +1099,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat System] Overview", + "title": "[Metricbeat System] Overview ECS", "uiStateJSON": { "P-11": { "vis": { @@ -1149,7 +1149,7 @@ }, "version": 1 }, - "id": "Metricbeat-system-overview", + "id": "Metricbeat-system-overview-ecs", "type": "dashboard", "version": 2 } diff --git a/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json b/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json index 17b1158e8285..8be3fc93f428 100644 --- a/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json +++ b/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Overview [Metricbeat uWSGI]", + "title": "Overview [Metricbeat uWSGI] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -14,11 +14,11 @@ "expression": ".es(metric=avg:uwsgi.status.total.requests).derivative().label('Requests').title('Overview of requests per period'),\n.es(metric=avg:uwsgi.status.total.exceptions).derivative().label('Exceptions'),\n.es(metric=max:uwsgi.status.worker.avg_rt).label('Average response time').yaxis(2)", "interval": "15s" }, - "title": "Overview [Metricbeat uWSGI]", + "title": "Overview [Metricbeat uWSGI] ECS", "type": "timelion" } }, - "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de", + "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de-ecs", "type": "visualization", "version": 1 }, @@ -28,7 +28,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Memory usage [Metricbeat uWSGI]", + "title": "Memory usage [Metricbeat uWSGI] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -36,11 +36,11 @@ "expression": ".es(metric=max:uwsgi.status.worker.rss).label('Currently used (rss)').title('Memory usage'),\n.es(metric=max:uwsgi.status.worker.vsz).label('Assigned (vsz)').yaxis(2)", "interval": "15s" }, - "title": "Memory usage [Metricbeat uWSGI]", + "title": "Memory usage [Metricbeat uWSGI] ECS", "type": "timelion" } }, - "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de", + "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de-ecs", "type": "visualization", "version": 1 }, @@ -50,7 +50,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Workers [Metricbeat uWSGI]", + "title": "Workers [Metricbeat uWSGI] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -58,11 +58,11 @@ "expression": ".es(split=uwsgi.status.core.id:16,metric=max:uwsgi.status.core.requests.total).derivative().bars().title('Requests handled by each thread (core) per period')", "interval": "15s" }, - "title": "Workers [Metricbeat uWSGI]", + "title": "Workers [Metricbeat uWSGI] ECS", "type": "timelion" } }, - "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de", + "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de-ecs", "type": "visualization", "version": 1 }, @@ -72,7 +72,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Errors [Metricbeat uWSGI]", + "title": "Errors [Metricbeat uWSGI] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -80,11 +80,11 @@ "expression": ".es(metric=max:uwsgi.status.total.read_errors).label('Read errors').title('Errors'),\n.es(metric=max:uwsgi.status.total.write_errors).label('Write errors'),\n.es(metric=max:uwsgi.status.worker.harakiri_count).label('Timeouted requests')", "interval": "15s" }, - "title": "Errors [Metricbeat uWSGI]", + "title": "Errors [Metricbeat uWSGI] ECS", "type": "timelion" } }, - "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de", + "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de-ecs", "type": "visualization", "version": 1 }, @@ -102,7 +102,7 @@ "index": "metricbeat-*", "query": { "language": "lucene", - "query": "metricset.module: uwsgi" + "query": "event.module: uwsgi" }, "version": true } @@ -111,10 +111,10 @@ "@timestamp", "desc" ], - "title": "Metricbeat uWSGI status", + "title": "Metricbeat uWSGI status-ecs ECS", "version": 1 }, - "id": "Metricbeat uWSGI status", + "id": "Metricbeat uWSGI status-ecs ECS", "type": "search", "version": 1 }, @@ -139,7 +139,7 @@ "panelsJSON": [ { "col": 1, - "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de", + "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -148,7 +148,7 @@ }, { "col": 7, - "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de", + "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -157,7 +157,7 @@ }, { "col": 1, - "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de", + "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -166,7 +166,7 @@ }, { "col": 7, - "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de", + "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -175,11 +175,11 @@ } ], "timeRestore": false, - "title": "[Metricbeat uWSGI] Overview", + "title": "[Metricbeat uWSGI] Overview ECS", "uiStateJSON": {}, "version": 1 }, - "id": "32fca290-f0af-11e7-b9ff-9f96241065de", + "id": "32fca290-f0af-11e7-b9ff-9f96241065de-ecs", "type": "dashboard", "version": 1 } diff --git a/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json b/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json index 576b3702f512..c5d8f012d2f3 100644 --- a/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json +++ b/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json @@ -13,7 +13,7 @@ } } }, - "title": "Service States [Metricbeat Windows]", + "title": "Service States [Metricbeat Windows] ECS", "uiStateJSON": { "vis": { "params": { @@ -59,7 +59,7 @@ "id": "5", "params": { "customLabel": "Host", - "field": "beat.name", + "field": "host.name", "order": "desc", "orderBy": "_term", "size": 5 @@ -171,11 +171,11 @@ }, "totalFunc": "sum" }, - "title": "Service States [Metricbeat Windows]", + "title": "Service States [Metricbeat Windows] ECS", "type": "table" } }, - "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b", + "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 1 }, @@ -191,8 +191,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", - "title": "Hosts [Metricbeat Windows]", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", + "title": "Hosts [Metricbeat Windows] ECS", "uiStateJSON": { "vis": { "params": { @@ -221,7 +221,7 @@ "id": "2", "params": { "customLabel": "Host", - "field": "beat.name", + "field": "host.name", "order": "desc", "orderBy": "1", "size": 100 @@ -241,11 +241,11 @@ }, "totalFunc": "sum" }, - "title": "Hosts [Metricbeat Windows]", + "title": "Hosts [Metricbeat Windows] ECS", "type": "table" } }, - "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b", + "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 2 }, @@ -261,8 +261,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", - "title": "Startup States [Metricbeat Windows]", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", + "title": "Startup States [Metricbeat Windows] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -311,11 +311,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Startup States [Metricbeat Windows]", + "title": "Startup States [Metricbeat Windows] ECS", "type": "pie" } }, - "id": "830c45f0-c991-11e7-9835-2f31fe08873b", + "id": "830c45f0-c991-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 2 }, @@ -331,8 +331,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", - "title": "Unique Services [Metricbeat Windows]", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", + "title": "Unique Services [Metricbeat Windows] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -395,11 +395,11 @@ }, "type": "gauge" }, - "title": "Unique Services [Metricbeat Windows]", + "title": "Unique Services [Metricbeat Windows] ECS", "type": "metric" } }, - "id": "35f5ad60-c996-11e7-9835-2f31fe08873b", + "id": "35f5ad60-c996-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 2 }, @@ -485,8 +485,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", - "title": "Non-zero Service Exit Codes [Metricbeat Windows]", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", + "title": "Non-zero Service Exit Codes [Metricbeat Windows] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -549,18 +549,18 @@ }, "type": "gauge" }, - "title": "Non-zero Service Exit Codes [Metricbeat Windows]", + "title": "Non-zero Service Exit Codes [Metricbeat Windows] ECS", "type": "metric" } }, - "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b", + "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "beat.name", + "host.name", "windows.service.display_name", "windows.service.state", "windows.service.start_type", @@ -581,7 +581,7 @@ "alias": null, "disabled": false, "index": "metricbeat-*", - "key": "metricset.module", + "key": "event.module", "negate": false, "params": { "query": "windows", @@ -592,7 +592,7 @@ }, "query": { "match": { - "metricset.module": { + "event.module": { "query": "windows", "type": "phrase" } @@ -639,10 +639,10 @@ "@timestamp", "desc" ], - "title": "Services [Metricbeat Windows]", + "title": "Services [Metricbeat Windows] ECS", "version": 1 }, - "id": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", + "id": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", "type": "search", "version": 2 }, @@ -667,7 +667,7 @@ "panelsJSON": [ { "col": 4, - "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b", + "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b-ecs", "panelIndex": 1, "row": 4, "size_x": 9, @@ -676,7 +676,7 @@ }, { "col": 1, - "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b", + "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b-ecs", "panelIndex": 2, "row": 4, "size_x": 3, @@ -685,7 +685,7 @@ }, { "col": 1, - "id": "830c45f0-c991-11e7-9835-2f31fe08873b", + "id": "830c45f0-c991-11e7-9835-2f31fe08873b-ecs", "panelIndex": 3, "row": 1, "size_x": 4, @@ -694,7 +694,7 @@ }, { "col": 5, - "id": "35f5ad60-c996-11e7-9835-2f31fe08873b", + "id": "35f5ad60-c996-11e7-9835-2f31fe08873b-ecs", "panelIndex": 4, "row": 1, "size_x": 4, @@ -703,7 +703,7 @@ }, { "col": 9, - "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b", + "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b-ecs", "panelIndex": 5, "row": 1, "size_x": 4, @@ -712,7 +712,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat Windows] Services", + "title": "[Metricbeat Windows] Services ECS", "uiStateJSON": { "P-1": { "vis": { @@ -751,7 +751,7 @@ }, "version": 1 }, - "id": "d9eba730-c991-11e7-9835-2f31fe08873b", + "id": "d9eba730-c991-11e7-9835-2f31fe08873b-ecs", "type": "dashboard", "version": 6 } diff --git a/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json b/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json index eae9c76f04ac..b310e8c1aaf2 100644 --- a/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json +++ b/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json @@ -12,7 +12,7 @@ } } }, - "title": "Approximate data size [Metricbeat Zookeeper]", + "title": "Approximate data size [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -53,11 +53,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Approximate data size [Metricbeat Zookeeper]", + "title": "Approximate data size [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4", + "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:29:19.163Z", "version": 2 @@ -74,7 +74,7 @@ } } }, - "title": "Latency [Metricbeat Zookeeper]", + "title": "Latency [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -115,11 +115,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Latency [Metricbeat Zookeeper]", + "title": "Latency [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4", + "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:29:05.974Z", "version": 2 @@ -136,7 +136,7 @@ } } }, - "title": "Alive Connections [Metricbeat Zookeeper]", + "title": "Alive Connections [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -177,11 +177,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Alive Connections [Metricbeat Zookeeper]", + "title": "Alive Connections [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4", + "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:28:52.034Z", "version": 3 @@ -198,7 +198,7 @@ } } }, - "title": "Used file descriptors [Metricbeat Zookeeper]", + "title": "Used file descriptors [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -285,11 +285,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Used file descriptors [Metricbeat Zookeeper]", + "title": "Used file descriptors [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4", + "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:28:22.583Z", "version": 5 @@ -306,7 +306,7 @@ } } }, - "title": "Packets received / sent [Metricbeat Zookeeper]", + "title": "Packets received / sent [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -386,11 +386,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Packets received / sent [Metricbeat Zookeeper]", + "title": "Packets received / sent [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4", + "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:26:42.583Z", "version": 3 @@ -423,7 +423,7 @@ "x": 0, "y": 15 }, - "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4", + "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "1", "title": "Approximate data size", "type": "visualization", @@ -438,7 +438,7 @@ "x": 15, "y": 15 }, - "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4", + "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "2", "title": "Latency", "type": "visualization", @@ -453,7 +453,7 @@ "x": 32, "y": 15 }, - "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4", + "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "3", "title": "Alive Connections", "type": "visualization", @@ -468,7 +468,7 @@ "x": 23, "y": 0 }, - "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4", + "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "4", "title": "Used file descriptors", "type": "visualization", @@ -483,7 +483,7 @@ "x": 0, "y": 0 }, - "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4", + "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "5", "title": "Packets received / sent", "type": "visualization", @@ -491,10 +491,10 @@ } ], "timeRestore": false, - "title": "[Metricbeat Zookeeper] Overview", + "title": "[Metricbeat Zookeeper] Overview ECS", "version": 1 }, - "id": "467207a0-231e-11e9-bb66-8baac426dfd4", + "id": "467207a0-231e-11e9-bb66-8baac426dfd4-ecs", "type": "dashboard", "updated_at": "2019-01-30T13:34:01.235Z", "version": 6 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json index 44b3958925d8..1e05fc32df66 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json @@ -15,8 +15,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseKeyspace [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseKeyspace [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -61,11 +61,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Cassandra ResponseKeyspace", + "title": "Cassandra ResponseKeyspace ECS", "type": "pie" } }, - "id": "Cassandra-ResponseKeyspace", + "id": "Cassandra-ResponseKeyspace-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -85,8 +85,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -119,11 +119,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Cassandra ResponseType", + "title": "Cassandra ResponseType ECS", "type": "pie" } }, - "id": "Cassandra-ResponseType", + "id": "Cassandra-ResponseType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -143,8 +143,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseTime [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseTime [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -263,11 +263,11 @@ ], "yAxis": {} }, - "title": "Cassandra ResponseTime [Packetbeat]", + "title": "Cassandra ResponseTime [Packetbeat] ECS", "type": "line" } }, - "id": "Cassandra-ResponseTime", + "id": "Cassandra-ResponseTime-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -287,8 +287,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra RequestCount [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra RequestCount [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -332,11 +332,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra RequestCount", + "title": "Cassandra RequestCount ECS", "type": "line" } }, - "id": "Cassandra-RequestCount", + "id": "Cassandra-RequestCount-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -356,8 +356,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra Ops [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra Ops [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -402,11 +402,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Cassandra Ops", + "title": "Cassandra Ops ECS", "type": "pie" } }, - "id": "Cassandra-Ops", + "id": "Cassandra-Ops-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -426,8 +426,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra RequestCountStackByType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra RequestCountStackByType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -479,11 +479,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra RequestCountStackByType", + "title": "Cassandra RequestCountStackByType ECS", "type": "histogram" } }, - "id": "Cassandra-RequestCountStackByType", + "id": "Cassandra-RequestCountStackByType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -503,8 +503,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseCountStackByType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseCountStackByType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -556,11 +556,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra ResponseCountStackByType", + "title": "Cassandra ResponseCountStackByType ECS", "type": "histogram" } }, - "id": "Cassandra-ResponseCountStackByType", + "id": "Cassandra-ResponseCountStackByType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -580,8 +580,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra RequestCountByType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra RequestCountByType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -644,11 +644,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra RequestCountByType", + "title": "Cassandra RequestCountByType ECS", "type": "line" } }, - "id": "Cassandra-RequestCountByType", + "id": "Cassandra-RequestCountByType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -668,8 +668,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseCountByType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseCountByType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -727,11 +727,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra: ResponseCountByType", + "title": "Cassandra: ResponseCountByType ECS", "type": "line" } }, - "id": "Cassandra-ResponseCountByType", + "id": "Cassandra-ResponseCountByType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -753,21 +753,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -869,10 +869,10 @@ "@timestamp", "desc" ], - "title": "Cassandra Query Search [Packetbeat]", + "title": "Cassandra Query Search [Packetbeat] ECS", "version": 1 }, - "id": "Cassandra-QueryView", + "id": "Cassandra-QueryView-ecs", "type": "search", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -927,10 +927,10 @@ "@timestamp", "desc" ], - "title": "Cassandra Search [Packetbeat]", + "title": "Cassandra Search [Packetbeat] ECS", "version": 1 }, - "id": "eaa83e60-190b-11e9-be0d-adde5066235e", + "id": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "type": "search", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -961,7 +961,7 @@ "panelsJSON": [ { "col": 10, - "id": "Cassandra-ResponseKeyspace", + "id": "Cassandra-ResponseKeyspace-ecs", "panelIndex": 3, "row": 3, "size_x": 3, @@ -970,7 +970,7 @@ }, { "col": 7, - "id": "Cassandra-ResponseType", + "id": "Cassandra-ResponseType-ecs", "panelIndex": 4, "row": 3, "size_x": 3, @@ -979,7 +979,7 @@ }, { "col": 1, - "id": "Cassandra-ResponseTime", + "id": "Cassandra-ResponseTime-ecs", "panelIndex": 9, "row": 5, "size_x": 12, @@ -988,7 +988,7 @@ }, { "col": 4, - "id": "Cassandra-RequestCount", + "id": "Cassandra-RequestCount-ecs", "panelIndex": 10, "row": 1, "size_x": 9, @@ -997,7 +997,7 @@ }, { "col": 4, - "id": "Cassandra-Ops", + "id": "Cassandra-Ops-ecs", "panelIndex": 11, "row": 3, "size_x": 3, @@ -1006,7 +1006,7 @@ }, { "col": 1, - "id": "Cassandra-RequestCountStackByType", + "id": "Cassandra-RequestCountStackByType-ecs", "panelIndex": 15, "row": 7, "size_x": 12, @@ -1015,7 +1015,7 @@ }, { "col": 1, - "id": "Cassandra-ResponseCountStackByType", + "id": "Cassandra-ResponseCountStackByType-ecs", "panelIndex": 16, "row": 9, "size_x": 12, @@ -1024,7 +1024,7 @@ }, { "col": 1, - "id": "Cassandra-RequestCountByType", + "id": "Cassandra-RequestCountByType-ecs", "panelIndex": 17, "row": 11, "size_x": 6, @@ -1033,7 +1033,7 @@ }, { "col": 7, - "id": "Cassandra-ResponseCountByType", + "id": "Cassandra-ResponseCountByType-ecs", "panelIndex": 18, "row": 11, "size_x": 6, @@ -1042,7 +1042,7 @@ }, { "col": 1, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": 19, "row": 1, "size_x": 3, @@ -1057,7 +1057,7 @@ "cassandra.response.result.rows.meta.table", "cassandra.response.result.rows.num_rows" ], - "id": "Cassandra-QueryView", + "id": "Cassandra-QueryView-ecs", "panelIndex": 20, "row": 14, "size_x": 12, @@ -1070,7 +1070,7 @@ } ], "timeRestore": false, - "title": "[Packetbeat] Cassandra", + "title": "[Packetbeat] Cassandra ECS", "uiStateJSON": { "P-10": { "vis": { @@ -1090,7 +1090,7 @@ }, "version": 1 }, - "id": "Packetbeat-Cassandra", + "id": "Packetbeat-Cassandra-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json index b273b09b4c3f..07ec987ea889 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Message Types over Time [Packetbeat DHCPv4]", + "title": "Message Types over Time [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -98,11 +98,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Message Types over Time [Packetbeat DHCPv4]", + "title": "Message Types over Time [Packetbeat DHCPv4] ECS", "type": "metrics" } }, - "id": "8460fcd0-8baa-11e8-9676-ef67484126fb", + "id": "8460fcd0-8baa-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -119,8 +119,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "NAK and Decline Count [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "NAK and Decline Count [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -161,11 +161,11 @@ }, "type": "metric" }, - "title": "NAK and Decline Count [Packetbeat DHCPv4]", + "title": "NAK and Decline Count [Packetbeat DHCPv4] ECS", "type": "metric" } }, - "id": "4ad9db20-8bab-11e8-9676-ef67484126fb", + "id": "4ad9db20-8bab-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -182,8 +182,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "Message Types [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "Message Types [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -243,11 +243,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Message Types [Packetbeat DHCPv4]", + "title": "Message Types [Packetbeat DHCPv4] ECS", "type": "pie" } }, - "id": "418dfbe0-8bac-11e8-9676-ef67484126fb", + "id": "418dfbe0-8bac-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -309,10 +309,10 @@ "@timestamp", "desc" ], - "title": "DHCPv4 [Packetbeat]", + "title": "DHCPv4 [Packetbeat] ECS", "version": 1 }, - "id": "b8992150-8ba8-11e8-9676-ef67484126fb", + "id": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "type": "search", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -329,8 +329,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "Transaction Count [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "Transaction Count [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -374,11 +374,11 @@ }, "type": "metric" }, - "title": "Transaction Count [Packetbeat DHCPv4]", + "title": "Transaction Count [Packetbeat DHCPv4] ECS", "type": "metric" } }, - "id": "d0120dc0-8bac-11e8-9676-ef67484126fb", + "id": "d0120dc0-8bac-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -395,8 +395,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "Client Count [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "Client Count [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -440,11 +440,11 @@ }, "type": "metric" }, - "title": "Client Count [Packetbeat DHCPv4]", + "title": "Client Count [Packetbeat DHCPv4] ECS", "type": "metric" } }, - "id": "11d33ea0-8bad-11e8-9676-ef67484126fb", + "id": "11d33ea0-8bad-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -461,8 +461,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "Data Transfer [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "Data Transfer [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -516,11 +516,11 @@ }, "type": "metric" }, - "title": "Data Transfer [Packetbeat DHCPv4]", + "title": "Data Transfer [Packetbeat DHCPv4] ECS", "type": "metric" } }, - "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb", + "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -555,7 +555,7 @@ "x": 0, "y": 7 }, - "id": "8460fcd0-8baa-11e8-9676-ef67484126fb", + "id": "8460fcd0-8baa-11e8-9676-ef67484126fb-ecs", "panelIndex": "1", "type": "visualization", "version": "6.3.0" @@ -569,7 +569,7 @@ "x": 0, "y": 0 }, - "id": "4ad9db20-8bab-11e8-9676-ef67484126fb", + "id": "4ad9db20-8bab-11e8-9676-ef67484126fb-ecs", "panelIndex": "2", "type": "visualization", "version": "6.3.0" @@ -583,7 +583,7 @@ "x": 37, "y": 0 }, - "id": "418dfbe0-8bac-11e8-9676-ef67484126fb", + "id": "418dfbe0-8bac-11e8-9676-ef67484126fb-ecs", "panelIndex": "3", "type": "visualization", "version": "6.3.0" @@ -597,7 +597,7 @@ "x": 0, "y": 16 }, - "id": "b8992150-8ba8-11e8-9676-ef67484126fb", + "id": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "panelIndex": "5", "type": "search", "version": "6.3.0" @@ -611,7 +611,7 @@ "x": 8, "y": 0 }, - "id": "d0120dc0-8bac-11e8-9676-ef67484126fb", + "id": "d0120dc0-8bac-11e8-9676-ef67484126fb-ecs", "panelIndex": "6", "type": "visualization", "version": "6.3.0" @@ -625,7 +625,7 @@ "x": 16, "y": 0 }, - "id": "11d33ea0-8bad-11e8-9676-ef67484126fb", + "id": "11d33ea0-8bad-11e8-9676-ef67484126fb-ecs", "panelIndex": "7", "type": "visualization", "version": "6.3.0" @@ -639,17 +639,17 @@ "x": 24, "y": 0 }, - "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb", + "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb-ecs", "panelIndex": "8", "type": "visualization", "version": "6.3.0" } ], "timeRestore": false, - "title": "[Packetbeat] DHCPv4", + "title": "[Packetbeat] DHCPv4 ECS", "version": 1 }, - "id": "a7b35890-8baa-11e8-9676-ef67484126fb", + "id": "a7b35890-8baa-11e8-9676-ef67484126fb-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json index 1bd84d87367e..6e7b98a1d17e 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Query Summary [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Query Summary [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -86,11 +86,11 @@ }, "type": "metric" }, - "title": "DNS Query Summary [Packetbeat]", + "title": "DNS Query Summary [Packetbeat] ECS", "type": "metric" } }, - "id": "DNS-Query-Summary", + "id": "DNS-Query-Summary-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -108,8 +108,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Request Status Over Time [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Request Status Over Time [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -237,11 +237,11 @@ ], "yAxis": {} }, - "title": "DNS Request Status Over Time [Packetbeat]", + "title": "DNS Request Status Over Time [Packetbeat] ECS", "type": "area" } }, - "id": "DNS-Request-Status-Over-Time", + "id": "DNS-Request-Status-Over-Time-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -264,8 +264,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Question Types [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Question Types [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -308,11 +308,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "DNS Question Types [Packetbeat]", + "title": "DNS Question Types [Packetbeat] ECS", "type": "pie" } }, - "id": "DNS-Question-Types", + "id": "DNS-Question-Types-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -370,8 +370,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Top 10 Questions [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Top 10 Questions [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -421,11 +421,11 @@ }, "totalFunc": "sum" }, - "title": "DNS Top 10 Questions [Packetbeat]", + "title": "DNS Top 10 Questions [Packetbeat] ECS", "type": "table" } }, - "id": "DNS-Top-10-Questions", + "id": "DNS-Top-10-Questions-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -456,8 +456,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Response Codes [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Response Codes [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -507,11 +507,11 @@ }, "totalFunc": "sum" }, - "title": "DNS Response Codes [Packetbeat]", + "title": "DNS Response Codes [Packetbeat] ECS", "type": "table" } }, - "id": "DNS-Response-Codes", + "id": "DNS-Response-Codes-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -528,8 +528,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -683,11 +683,11 @@ } ] }, - "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat]", + "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat] ECS", "type": "area" } }, - "id": "735d25c0-1459-11e9-9de0-f98d1808db8e", + "id": "735d25c0-1459-11e9-9de0-f98d1808db8e-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -704,8 +704,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Client and Servers Pie Chart [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Client and Servers Pie Chart [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -765,11 +765,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "DNS Client and Servers Pie Chart [Packetbeat]", + "title": "DNS Client and Servers Pie Chart [Packetbeat] ECS", "type": "pie" } }, - "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e", + "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -840,10 +840,10 @@ "@timestamp", "desc" ], - "title": "DNS Protocol [Packetbeat]", + "title": "DNS Protocol [Packetbeat] ECS", "version": 1 }, - "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "type": "search", "updated_at": "2019-01-18T23:49:24.089Z", "version": 2 @@ -876,7 +876,7 @@ "x": 0, "y": 0 }, - "id": "DNS-Query-Summary", + "id": "DNS-Query-Summary-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -890,7 +890,7 @@ "x": 24, "y": 0 }, - "id": "DNS-Request-Status-Over-Time", + "id": "DNS-Request-Status-Over-Time-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -904,7 +904,7 @@ "x": 0, "y": 15 }, - "id": "DNS-Question-Types", + "id": "DNS-Question-Types-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -918,7 +918,7 @@ "x": 0, "y": 30 }, - "id": "DNS-Top-10-Questions", + "id": "DNS-Top-10-Questions-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -932,7 +932,7 @@ "x": 24, "y": 30 }, - "id": "DNS-Response-Codes", + "id": "DNS-Response-Codes-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -946,7 +946,7 @@ "x": 24, "y": 15 }, - "id": "735d25c0-1459-11e9-9de0-f98d1808db8e", + "id": "735d25c0-1459-11e9-9de0-f98d1808db8e-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -960,17 +960,17 @@ "x": 13, "y": 15 }, - "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e", + "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] DNS Overview", + "title": "[Packetbeat] DNS Overview ECS", "version": 1 }, - "id": "65120940-1454-11e9-9de0-f98d1808db8e", + "id": "65120940-1454-11e9-9de0-f98d1808db8e-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json index 10fc0e2cf1a8..060b6869a00d 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "Unique FQDNs per eTLD+1", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "Unique FQDNs per eTLD+1 ECS", "uiStateJSON": { "vis": { "colors": { @@ -59,11 +59,11 @@ "times": [], "yAxis": {} }, - "title": "Unique FQDNs per eTLD+1", + "title": "Unique FQDNs per eTLD+1 ECS", "type": "histogram" } }, - "id": "Unique-FQDNs-per-eTLD 1", + "id": "Unique-FQDNs-per-eTLD 1-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 @@ -76,8 +76,8 @@ "filter": [] } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "Unique FQDNs per eTLD+1 Table", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "Unique FQDNs per eTLD+1 Table ECS", "uiStateJSON": { "vis": { "params": { @@ -136,11 +136,11 @@ }, "totalFunc": "sum" }, - "title": "Unique FQDNs per eTLD+1 Table", + "title": "Unique FQDNs per eTLD+1 Table ECS", "type": "table" } }, - "id": "Unique-FQDNs-per-eTLD 1-Table", + "id": "Unique-FQDNs-per-eTLD 1-Table-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 @@ -157,8 +157,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "Bytes Transferred per Domain", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "Bytes Transferred per Domain ECS", "uiStateJSON": { "vis": { "colors": { @@ -294,11 +294,11 @@ ], "yAxis": {} }, - "title": "Bytes Transferred per Domain", + "title": "Bytes Transferred per Domain ECS", "type": "histogram" } }, - "id": "Bytes-Transferred-per-Domain", + "id": "Bytes-Transferred-per-Domain-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 @@ -321,7 +321,7 @@ } } }, - "title": "Top Domains by Data Volume", + "title": "Top Domains by Data Volume ECS", "uiStateJSON": { "vis": { "params": { @@ -384,11 +384,11 @@ }, "totalFunc": "sum" }, - "title": "Top Domains by Data Volume", + "title": "Top Domains by Data Volume ECS", "type": "table" } }, - "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d", + "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 @@ -459,10 +459,10 @@ "@timestamp", "desc" ], - "title": "DNS Protocol [Packetbeat]", + "title": "DNS Protocol [Packetbeat] ECS", "version": 1 }, - "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "type": "search", "updated_at": "2019-01-18T23:49:24.089Z", "version": 2 @@ -510,7 +510,7 @@ "x": 0, "y": 0 }, - "id": "Unique-FQDNs-per-eTLD 1", + "id": "Unique-FQDNs-per-eTLD 1-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -533,7 +533,7 @@ "x": 0, "y": 35 }, - "id": "Unique-FQDNs-per-eTLD 1-Table", + "id": "Unique-FQDNs-per-eTLD 1-Table-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -551,7 +551,7 @@ "x": 0, "y": 20 }, - "id": "Bytes-Transferred-per-Domain", + "id": "Bytes-Transferred-per-Domain-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -574,17 +574,17 @@ "x": 24, "y": 35 }, - "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d", + "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] DNS Tunneling", + "title": "[Packetbeat] DNS Tunneling ECS", "version": 1 }, - "id": "DNS-Unique-Domains", + "id": "DNS-Unique-Domains-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json index 231114356807..94457a40ee11 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search", - "title": "Top Hosts Creating Traffic [Packetbeat Flows]", + "savedSearchId": "Packetbeat-Flows-Search-ecs", + "title": "Top Hosts Creating Traffic [Packetbeat Flows] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -138,11 +138,11 @@ ], "yAxis": {} }, - "title": "Top Hosts Creating Traffic [Packetbeat Flows]", + "title": "Top Hosts Creating Traffic [Packetbeat Flows] ECS", "type": "area" } }, - "id": "Top-hosts-creating-traffic", + "id": "Top-hosts-creating-traffic-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -164,21 +164,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -195,8 +195,8 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search", - "title": "Connections over time [Packetbeat Flows]", + "savedSearchId": "Packetbeat-Flows-Search-ecs", + "title": "Connections over time [Packetbeat Flows] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -304,11 +304,11 @@ ], "yAxis": {} }, - "title": "Connections over time [Packetbeat Flows]", + "title": "Connections over time [Packetbeat Flows] ECS", "type": "area" } }, - "id": "Connections-over-time", + "id": "Connections-over-time-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -325,8 +325,8 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search", - "title": "Top Hosts Receiving Traffic [Packetbeat Flows]", + "savedSearchId": "Packetbeat-Flows-Search-ecs", + "title": "Top Hosts Receiving Traffic [Packetbeat Flows] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -451,11 +451,11 @@ ], "yAxis": {} }, - "title": "Top Hosts Receiving Traffic [Packetbeat Flows]", + "title": "Top Hosts Receiving Traffic [Packetbeat Flows] ECS", "type": "area" } }, - "id": "Top-hosts-receiving-traffic", + "id": "Top-hosts-receiving-traffic-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -472,8 +472,8 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search", - "title": "Network Traffic Between Hosts [Packetbeat Flows]", + "savedSearchId": "Packetbeat-Flows-Search-ecs", + "title": "Network Traffic Between Hosts [Packetbeat Flows] ECS", "uiStateJSON": { "vis": { "params": { @@ -553,11 +553,11 @@ }, "totalFunc": "sum" }, - "title": "Network Traffic Between Hosts [Packetbeat Flows]", + "title": "Network Traffic Between Hosts [Packetbeat Flows] ECS", "type": "table" } }, - "id": "Network-traffic-between-your-hosts", + "id": "Network-traffic-between-your-hosts-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -611,10 +611,10 @@ "@timestamp", "desc" ], - "title": "Flows Search [Packetbeat]", + "title": "Flows Search [Packetbeat] ECS", "version": 1 }, - "id": "Packetbeat-Flows-Search", + "id": "Packetbeat-Flows-Search-ecs", "type": "search", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -646,7 +646,7 @@ "x": 0, "y": 25 }, - "id": "Top-hosts-creating-traffic", + "id": "Top-hosts-creating-traffic-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -659,7 +659,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -672,7 +672,7 @@ "x": 12, "y": 0 }, - "id": "Connections-over-time", + "id": "Connections-over-time-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -685,7 +685,7 @@ "x": 24, "y": 25 }, - "id": "Top-hosts-receiving-traffic", + "id": "Top-hosts-receiving-traffic-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -708,17 +708,17 @@ "x": 0, "y": 60 }, - "id": "Network-traffic-between-your-hosts", + "id": "Network-traffic-between-your-hosts-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] Flows", + "title": "[Packetbeat] Flows ECS", "version": 1 }, - "id": "Packetbeat-Flows", + "id": "Packetbeat-Flows-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json index 0f0034d7c69b..ec5b2bd06358 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "HTTP Transactions [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "HTTP Transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -115,11 +115,11 @@ ], "yAxis": {} }, - "title": "HTTP Transactions [Packetbeat]", + "title": "HTTP Transactions [Packetbeat] ECS", "type": "histogram" } }, - "id": "Web-transactions", + "id": "Web-transactions-ecs", "type": "visualization", "updated_at": "2019-01-19T00:21:31.922Z", "version": 3 @@ -180,7 +180,7 @@ } } }, - "title": "HTTP error codes [Packetbeat]", + "title": "HTTP error codes [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -286,11 +286,11 @@ ], "yAxis": {} }, - "title": "HTTP error codes [Packetbeat]", + "title": "HTTP error codes [Packetbeat] ECS", "type": "histogram" } }, - "id": "HTTP-error-codes", + "id": "HTTP-error-codes-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -370,7 +370,7 @@ } } }, - "title": "HTTP error codes evolution [Packetbeat]", + "title": "HTTP error codes evolution [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -497,11 +497,11 @@ ], "yAxis": {} }, - "title": "HTTP error codes evolution [Packetbeat]", + "title": "HTTP error codes evolution [Packetbeat] ECS", "type": "line" } }, - "id": "HTTP-error-codes-evolution", + "id": "HTTP-error-codes-evolution-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -523,21 +523,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -554,8 +554,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "Total number of HTTP transactions [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "Total number of HTTP transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -598,11 +598,11 @@ }, "type": "metric" }, - "title": "Total number of HTTP transactions [Packetbeat]", + "title": "Total number of HTTP transactions [Packetbeat] ECS", "type": "metric" } }, - "id": "Total-number-of-HTTP-transactions", + "id": "Total-number-of-HTTP-transactions-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -619,8 +619,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "HTTP status codes for the top queries [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "HTTP status codes for the top queries [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -682,11 +682,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "HTTP status codes for the top queries [Packetbeat]", + "title": "HTTP status codes for the top queries [Packetbeat] ECS", "type": "pie" } }, - "id": "HTTP-codes-for-the-top-queries", + "id": "HTTP-codes-for-the-top-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -703,8 +703,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "Top 10 HTTP requests [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "Top 10 HTTP requests [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -753,11 +753,11 @@ }, "totalFunc": "sum" }, - "title": "Top 10 HTTP requests [Packetbeat]", + "title": "Top 10 HTTP requests [Packetbeat] ECS", "type": "table" } }, - "id": "Top-10-HTTP-requests", + "id": "Top-10-HTTP-requests-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -812,10 +812,10 @@ "@timestamp", "desc" ], - "title": "HTTP Transactions Search [Packetbeat]", + "title": "HTTP Transactions Search [Packetbeat] ECS", "version": 1 }, - "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", "type": "search", "updated_at": "2019-01-19T00:21:43.886Z", "version": 3 @@ -852,7 +852,7 @@ "x": 12, "y": 0 }, - "id": "Web-transactions", + "id": "Web-transactions-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -865,7 +865,7 @@ "x": 0, "y": 35 }, - "id": "HTTP-error-codes", + "id": "HTTP-error-codes-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -878,7 +878,7 @@ "x": 24, "y": 35 }, - "id": "HTTP-error-codes-evolution", + "id": "HTTP-error-codes-evolution-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -891,7 +891,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -911,7 +911,7 @@ "x": 0, "y": 20 }, - "id": "Total-number-of-HTTP-transactions", + "id": "Total-number-of-HTTP-transactions-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -924,7 +924,7 @@ "x": 12, "y": 20 }, - "id": "HTTP-codes-for-the-top-queries", + "id": "HTTP-codes-for-the-top-queries-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -947,17 +947,17 @@ "x": 0, "y": 50 }, - "id": "Top-10-HTTP-requests", + "id": "Top-10-HTTP-requests-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] HTTP", + "title": "[Packetbeat] HTTP ECS", "version": 1 }, - "id": "Packetbeat-HTTP", + "id": "Packetbeat-HTTP-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json index 71e509b05f4c..47a3dc369be5 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json @@ -17,21 +17,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -48,8 +48,8 @@ } } }, - "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3", - "title": "MongoDB errors [Packetbeat]", + "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", + "title": "MongoDB errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -97,7 +97,7 @@ "enabled": true, "id": "4", "params": { - "field": "method", + "field": "http.request.method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -193,11 +193,11 @@ ], "yAxis": {} }, - "title": "MongoDB errors [Packetbeat]", + "title": "MongoDB errors [Packetbeat] ECS", "type": "line" } }, - "id": "MongoDB-errors", + "id": "MongoDB-errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -214,8 +214,8 @@ } } }, - "savedSearchId": "MongoDB-transactions", - "title": "MongoDB Commands [Packetbeat]", + "savedSearchId": "MongoDB-transactions-ecs", + "title": "MongoDB Commands [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -246,7 +246,7 @@ "enabled": true, "id": "3", "params": { - "field": "method", + "field": "http.request.method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -336,11 +336,11 @@ ], "yAxis": {} }, - "title": "MongoDB Commands [Packetbeat]", + "title": "MongoDB Commands [Packetbeat] ECS", "type": "area" } }, - "id": "MongoDB-commands", + "id": "MongoDB-commands-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -357,8 +357,8 @@ } } }, - "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3", - "title": "MongoDB errors per collection [Packetbeat]", + "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", + "title": "MongoDB errors per collection [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -485,11 +485,11 @@ ], "yAxis": {} }, - "title": "MongoDB errors per collection [Packetbeat]", + "title": "MongoDB errors per collection [Packetbeat] ECS", "type": "line" } }, - "id": "MongoDB-errors-per-collection", + "id": "MongoDB-errors-per-collection-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -506,8 +506,8 @@ } } }, - "savedSearchId": "MongoDB-transactions", - "title": "MongoDB in/out throughput [Packetbeat]", + "savedSearchId": "MongoDB-transactions-ecs", + "title": "MongoDB in/out throughput [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -641,11 +641,11 @@ ], "yAxis": {} }, - "title": "MongoDB in/out throughput [Packetbeat]", + "title": "MongoDB in/out throughput [Packetbeat] ECS", "type": "line" } }, - "id": "MongoDB-in-slash-out-throughput", + "id": "MongoDB-in-slash-out-throughput-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -662,8 +662,8 @@ } } }, - "savedSearchId": "MongoDB-transactions", - "title": "MongoDB response times by collection [Packetbeat]", + "savedSearchId": "MongoDB-transactions-ecs", + "title": "MongoDB response times by collection [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -801,11 +801,11 @@ ], "yAxis": {} }, - "title": "MongoDB response times by collection [Packetbeat]", + "title": "MongoDB response times by collection [Packetbeat] ECS", "type": "line" } }, - "id": "MongoDB-response-times-by-collection", + "id": "MongoDB-response-times-by-collection-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -822,8 +822,8 @@ } } }, - "savedSearchId": "MongoDB-transactions", - "title": "Top slowest MongoDB queries [Packetbeat]", + "savedSearchId": "MongoDB-transactions-ecs", + "title": "Top slowest MongoDB queries [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -877,11 +877,11 @@ }, "totalFunc": "sum" }, - "title": "Top slowest MongoDB queries [Packetbeat]", + "title": "Top slowest MongoDB queries [Packetbeat] ECS", "type": "table" } }, - "id": "Top-slowest-MongoDB-queries", + "id": "Top-slowest-MongoDB-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -898,8 +898,8 @@ } } }, - "savedSearchId": "MongoDB-transactions-with-write-concern-0", - "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat]", + "savedSearchId": "MongoDB-transactions-with-write-concern-0-ecs", + "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1016,11 +1016,11 @@ ], "yAxis": {} }, - "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat]", + "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat] ECS", "type": "line" } }, - "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0", + "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -1101,10 +1101,10 @@ "@timestamp", "desc" ], - "title": "MongoDB errors [Packetbeat]", + "title": "MongoDB errors [Packetbeat] ECS", "version": 1 }, - "id": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3", + "id": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", "type": "search", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -1112,9 +1112,9 @@ { "attributes": { "columns": [ - "method", + "http.request.method", "type", - "path", + "url.path", "event.duration", "status", "query" @@ -1181,10 +1181,10 @@ "@timestamp", "desc" ], - "title": "MongoDB Transaction Search [Packetbeat]", + "title": "MongoDB Transaction Search [Packetbeat] ECS", "version": 1 }, - "id": "MongoDB-transactions", + "id": "MongoDB-transactions-ecs", "type": "search", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -1192,9 +1192,9 @@ { "attributes": { "columns": [ - "method", + "http.request.method", "type", - "path", + "url.path", "event.duration", "status", "query" @@ -1261,10 +1261,10 @@ "@timestamp", "desc" ], - "title": "MongoDB transactions with write concern 0 [Packetbeat]", + "title": "MongoDB transactions with write concern 0 [Packetbeat] ECS", "version": 1 }, - "id": "MongoDB-transactions-with-write-concern-0", + "id": "MongoDB-transactions-with-write-concern-0-ecs", "type": "search", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -1296,7 +1296,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1309,7 +1309,7 @@ "x": 12, "y": 0 }, - "id": "MongoDB-errors", + "id": "MongoDB-errors-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1322,7 +1322,7 @@ "x": 32, "y": 0 }, - "id": "MongoDB-commands", + "id": "MongoDB-commands-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1335,7 +1335,7 @@ "x": 0, "y": 20 }, - "id": "MongoDB-errors-per-collection", + "id": "MongoDB-errors-per-collection-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1348,7 +1348,7 @@ "x": 16, "y": 20 }, - "id": "MongoDB-in-slash-out-throughput", + "id": "MongoDB-in-slash-out-throughput-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1361,7 +1361,7 @@ "x": 0, "y": 35 }, - "id": "MongoDB-response-times-by-collection", + "id": "MongoDB-response-times-by-collection-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1384,7 +1384,7 @@ "x": 32, "y": 35 }, - "id": "Top-slowest-MongoDB-queries", + "id": "Top-slowest-MongoDB-queries-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1397,17 +1397,17 @@ "x": 32, "y": 20 }, - "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0", + "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] MongoDB", + "title": "[Packetbeat] MongoDB ECS", "version": 1 }, - "id": "Packetbeat-MongoDB-performance", + "id": "Packetbeat-MongoDB-performance-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json index 6ac6876e0583..20493e53833f 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "MySQL-errors", - "title": "MySQL Errors [Packetbeat]", + "savedSearchId": "MySQL-errors-ecs", + "title": "MySQL Errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -118,11 +118,11 @@ ], "yAxis": {} }, - "title": "MySQL Errors [Packetbeat]", + "title": "MySQL Errors [Packetbeat] ECS", "type": "area" } }, - "id": "MySQL-Errors", + "id": "MySQL-Errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -139,8 +139,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "MySQL Methods [Packetbeat]", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "MySQL Methods [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -171,7 +171,7 @@ "enabled": true, "id": "3", "params": { - "field": "method", + "field": "http.request.method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -261,11 +261,11 @@ ], "yAxis": {} }, - "title": "MySQL Methods [Packetbeat]", + "title": "MySQL Methods [Packetbeat] ECS", "type": "area" } }, - "id": "MySQL-Methods", + "id": "MySQL-Methods-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -287,21 +287,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -318,8 +318,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "MySQL throughput [Packetbeat]", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "MySQL throughput [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -438,11 +438,11 @@ } ] }, - "title": "MySQL throughput [Packetbeat]", + "title": "MySQL throughput [Packetbeat] ECS", "type": "line" } }, - "id": "MySQL-throughput", + "id": "MySQL-throughput-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -455,8 +455,8 @@ "filter": [] } }, - "savedSearchId": "MySQL-Transactions", - "title": "Most frequent MySQL queries", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "Most frequent MySQL queries ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -485,11 +485,11 @@ "showMeticsAtAllLevels": false, "showPartialRows": false }, - "title": "Most frequent MySQL queries", + "title": "Most frequent MySQL queries ECS", "type": "table" } }, - "id": "Most-frequent-MySQL-queries", + "id": "Most-frequent-MySQL-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -506,8 +506,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "Slowest MySQL queries", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "Slowest MySQL queries ECS", "uiStateJSON": { "vis": { "params": { @@ -559,11 +559,11 @@ }, "totalFunc": "sum" }, - "title": "Slowest MySQL queries", + "title": "Slowest MySQL queries ECS", "type": "table" } }, - "id": "Slowest-MySQL-queries", + "id": "Slowest-MySQL-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -580,8 +580,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "Mysql response times percentiles [Packetbeat]", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "Mysql response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -686,11 +686,11 @@ } ] }, - "title": "Mysql response times percentiles [Packetbeat]", + "title": "Mysql response times percentiles [Packetbeat] ECS", "type": "line" } }, - "id": "Mysql-response-times-percentiles", + "id": "Mysql-response-times-percentiles-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -707,8 +707,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "MySQL Reads vs Writes [Packetbeat]", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "MySQL Reads vs Writes [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -745,14 +745,14 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "method: SELECT" + "query": "http.request.method: SELECT" } } } }, { "input": { - "query": "method: INSERT OR method: UPDATE OR method: DELETE" + "query": "http.request.method: INSERT OR http.request.method: UPDATE OR http.request.method: DELETE" } } ] @@ -840,11 +840,11 @@ ], "yAxis": {} }, - "title": "MySQL Reads vs Writes [Packetbeat]", + "title": "MySQL Reads vs Writes [Packetbeat] ECS", "type": "area" } }, - "id": "MySQL-Reads-vs-Writes", + "id": "MySQL-Reads-vs-Writes-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -852,9 +852,9 @@ { "attributes": { "columns": [ - "method", + "http.request.method", "type", - "path", + "url.path", "event.duration", "status" ], @@ -945,10 +945,10 @@ "@timestamp", "desc" ], - "title": "MySQL Errors Search [Packetbeat]", + "title": "MySQL Errors Search [Packetbeat] ECS", "version": 1 }, - "id": "MySQL-errors", + "id": "MySQL-errors-ecs", "type": "search", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -956,9 +956,9 @@ { "attributes": { "columns": [ - "method", + "http.request.method", "type", - "path", + "url.path", "event.duration", "status" ], @@ -1023,10 +1023,10 @@ "@timestamp", "desc" ], - "title": "MySQL Transactions [Packetbeat]", + "title": "MySQL Transactions [Packetbeat] ECS", "version": 1 }, - "id": "MySQL-Transactions", + "id": "MySQL-Transactions-ecs", "type": "search", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -1063,7 +1063,7 @@ "x": 12, "y": 0 }, - "id": "MySQL-Errors", + "id": "MySQL-Errors-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1076,7 +1076,7 @@ "x": 32, "y": 0 }, - "id": "MySQL-Methods", + "id": "MySQL-Methods-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1089,7 +1089,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1102,7 +1102,7 @@ "x": 24, "y": 35 }, - "id": "MySQL-throughput", + "id": "MySQL-throughput-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1125,7 +1125,7 @@ "x": 0, "y": 50 }, - "id": "Most-frequent-MySQL-queries", + "id": "Most-frequent-MySQL-queries-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1148,7 +1148,7 @@ "x": 24, "y": 50 }, - "id": "Slowest-MySQL-queries", + "id": "Slowest-MySQL-queries-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1161,7 +1161,7 @@ "x": 0, "y": 20 }, - "id": "Mysql-response-times-percentiles", + "id": "Mysql-response-times-percentiles-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1174,17 +1174,17 @@ "x": 0, "y": 35 }, - "id": "MySQL-Reads-vs-Writes", + "id": "MySQL-Reads-vs-Writes-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] MySQL performance", + "title": "[Packetbeat] MySQL performance ECS", "version": 1 }, - "id": "Packetbeat-MySQL-performance", + "id": "Packetbeat-MySQL-performance-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json index 019ea1fff1d8..698cd6f84c20 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS clients pie chart [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS clients pie chart [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -56,11 +56,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "NFS clients pie chart [Packetbeat]", + "title": "NFS clients pie chart [Packetbeat] ECS", "type": "pie" } }, - "id": "NFS-clients-pie-chart", + "id": "NFS-clients-pie-chart-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -73,8 +73,8 @@ "filter": [] } }, - "savedSearchId": "nfs", - "title": "NFS operations area chart", + "savedSearchId": "nfs-ecs", + "title": "NFS operations area chart ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -124,11 +124,11 @@ "times": [], "yAxis": {} }, - "title": "NFS operations area chart", + "title": "NFS operations area chart ECS", "type": "area" } }, - "id": "NFS-operations-area-chart", + "id": "NFS-operations-area-chart-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -145,8 +145,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS top group pie chart [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS top group pie chart [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -189,11 +189,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "NFS top group pie chart [Packetbeat]", + "title": "NFS top group pie chart [Packetbeat] ECS", "type": "pie" } }, - "id": "NFS-top-group-pie-chart", + "id": "NFS-top-group-pie-chart-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -210,8 +210,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS top users pie chart [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS top users pie chart [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -254,11 +254,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "NFS top users pie chart [Packetbeat]", + "title": "NFS top users pie chart [Packetbeat] ECS", "type": "pie" } }, - "id": "NFS-top-users-pie-chart", + "id": "NFS-top-users-pie-chart-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -275,8 +275,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS response times [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS response times [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -391,11 +391,11 @@ ], "yAxis": {} }, - "title": "NFS response times [Packetbeat]", + "title": "NFS response times [Packetbeat] ECS", "type": "line" } }, - "id": "NFS-response-times", + "id": "NFS-response-times-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -412,8 +412,8 @@ } } }, - "savedSearchId": "NFS-errors-search", - "title": "NFS errors [Packetbeat]", + "savedSearchId": "NFS-errors-search-ecs", + "title": "NFS errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -534,11 +534,11 @@ ], "yAxis": {} }, - "title": "NFS errors [Packetbeat]", + "title": "NFS errors [Packetbeat] ECS", "type": "area" } }, - "id": "NFS-errors", + "id": "NFS-errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -555,8 +555,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS operation table [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS operation table [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -616,11 +616,11 @@ }, "totalFunc": "sum" }, - "title": "NFS operation table [Packetbeat]", + "title": "NFS operation table [Packetbeat] ECS", "type": "table" } }, - "id": "NFS-operation-table", + "id": "NFS-operation-table-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -637,8 +637,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS Request / Response Sizes [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS Request / Response Sizes [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -780,11 +780,11 @@ ], "yAxis": {} }, - "title": "NFS Request / Response Sizes [Packetbeat]", + "title": "NFS Request / Response Sizes [Packetbeat] ECS", "type": "line" } }, - "id": "NFS-bytes-in-slash-out", + "id": "NFS-bytes-in-slash-out-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -806,21 +806,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -846,16 +846,16 @@ "key": "event.dataset", "negate": false, "params": { - "query": "nfs", + "query": "nfs-ecs", "type": "phrase" }, "type": "phrase", - "value": "nfs" + "value": "nfs-ecs" }, "query": { "match": { "event.dataset": { - "query": "nfs", + "query": "nfs-ecs", "type": "phrase" } } @@ -893,10 +893,10 @@ "@timestamp", "desc" ], - "title": "NFS Search [Packetbeat]", + "title": "NFS Search [Packetbeat] ECS", "version": 1 }, - "id": "nfs", + "id": "nfs-ecs", "type": "search", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -974,16 +974,16 @@ "key": "event.dataset", "negate": false, "params": { - "query": "nfs", + "query": "nfs-ecs", "type": "phrase" }, "type": "phrase", - "value": "nfs" + "value": "nfs-ecs" }, "query": { "match": { "event.dataset": { - "query": "nfs", + "query": "nfs-ecs", "type": "phrase" } } @@ -1021,10 +1021,10 @@ "@timestamp", "desc" ], - "title": "NFS Error Search [Packetbeat]", + "title": "NFS Error Search [Packetbeat] ECS", "version": 1 }, - "id": "NFS-errors-search", + "id": "NFS-errors-search-ecs", "type": "search", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -1061,7 +1061,7 @@ "x": 16, "y": 0 }, - "id": "NFS-clients-pie-chart", + "id": "NFS-clients-pie-chart-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1074,7 +1074,7 @@ "x": 0, "y": 55 }, - "id": "NFS-operations-area-chart", + "id": "NFS-operations-area-chart-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1098,7 +1098,7 @@ "x": 32, "y": 0 }, - "id": "NFS-top-group-pie-chart", + "id": "NFS-top-group-pie-chart-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1116,7 +1116,7 @@ "x": 32, "y": 10 }, - "id": "NFS-top-users-pie-chart", + "id": "NFS-top-users-pie-chart-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1134,7 +1134,7 @@ "x": 24, "y": 25 }, - "id": "NFS-response-times", + "id": "NFS-response-times-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1147,7 +1147,7 @@ "x": 24, "y": 40 }, - "id": "NFS-errors", + "id": "NFS-errors-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1170,7 +1170,7 @@ "x": 24, "y": 55 }, - "id": "NFS-operation-table", + "id": "NFS-operation-table-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1188,7 +1188,7 @@ "x": 0, "y": 25 }, - "id": "NFS-bytes-in-slash-out", + "id": "NFS-bytes-in-slash-out-ecs", "panelIndex": "9", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1201,17 +1201,17 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "10", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] NFS", + "title": "[Packetbeat] NFS ECS", "version": 1 }, - "id": "Packetbeat-NFS", + "id": "Packetbeat-NFS-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json index 0a9fa49a58a0..8a1fc15bcc92 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "HTTP Transactions [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "HTTP Transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -115,11 +115,11 @@ ], "yAxis": {} }, - "title": "HTTP Transactions [Packetbeat]", + "title": "HTTP Transactions [Packetbeat] ECS", "type": "histogram" } }, - "id": "Web-transactions", + "id": "Web-transactions-ecs", "type": "visualization", "updated_at": "2019-01-19T00:21:31.922Z", "version": 3 @@ -164,7 +164,7 @@ } } }, - "title": "Transaction Types [Packetbeat]", + "title": "Transaction Types [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -282,11 +282,11 @@ ], "yAxis": {} }, - "title": "Transaction Types [Packetbeat]", + "title": "Transaction Types [Packetbeat] ECS", "type": "histogram" } }, - "id": "DB-transactions", + "id": "DB-transactions-ecs", "type": "visualization", "updated_at": "2019-01-19T00:20:54.634Z", "version": 3 @@ -303,8 +303,8 @@ } } }, - "savedSearchId": "Packetbeat-Search", - "title": "Response times percentiles [Packetbeat]", + "savedSearchId": "Packetbeat-Search-ecs", + "title": "Response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -421,11 +421,11 @@ ], "yAxis": {} }, - "title": "Response times percentiles [Packetbeat]", + "title": "Response times percentiles [Packetbeat] ECS", "type": "line" } }, - "id": "Response-times-percentiles", + "id": "Response-times-percentiles-ecs", "type": "visualization", "updated_at": "2019-01-19T00:01:49.340Z", "version": 2 @@ -438,8 +438,8 @@ "filter": [] } }, - "savedSearchId": "Transactions-errors", - "title": "Errors count over time", + "savedSearchId": "Transactions-errors-ecs", + "title": "Errors count over time ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -487,11 +487,11 @@ "times": [], "yAxis": {} }, - "title": "New Visualization", + "title": "New Visualization ECS", "type": "histogram" } }, - "id": "Errors-count-over-time", + "id": "Errors-count-over-time-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:30.350Z", "version": 1 @@ -508,8 +508,8 @@ } } }, - "savedSearchId": "Packetbeat-Search", - "title": "Errors vs successful transactions [Packetbeat]", + "savedSearchId": "Packetbeat-Search-ecs", + "title": "Errors vs successful transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -627,11 +627,11 @@ ], "yAxis": {} }, - "title": "Errors vs successful transactions [Packetbeat]", + "title": "Errors vs successful transactions [Packetbeat] ECS", "type": "histogram" } }, - "id": "Errors-vs-successful-transactions", + "id": "Errors-vs-successful-transactions-ecs", "type": "visualization", "updated_at": "2019-01-19T00:02:24.071Z", "version": 2 @@ -648,8 +648,8 @@ } } }, - "savedSearchId": "Packetbeat-Search", - "title": "Latency Histogram [Packetbeat]", + "savedSearchId": "Packetbeat-Search-ecs", + "title": "Latency Histogram [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -750,11 +750,11 @@ ], "yAxis": {} }, - "title": "Latency Histogram [Packetbeat]", + "title": "Latency Histogram [Packetbeat] ECS", "type": "area" } }, - "id": "Latency-histogram", + "id": "Latency-histogram-ecs", "type": "visualization", "updated_at": "2019-01-19T00:03:54.084Z", "version": 2 @@ -777,7 +777,7 @@ } } }, - "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat]", + "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat] ECS", "uiStateJSON": { "mapCenter": [ 0, @@ -860,11 +860,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat]", + "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat] ECS", "type": "tile_map" } }, - "id": "Client-locations", + "id": "Client-locations-ecs", "type": "visualization", "updated_at": "2019-01-18T23:52:42.404Z", "version": 2 @@ -881,8 +881,8 @@ } } }, - "savedSearchId": "Packetbeat-Search", - "title": "Response times repartition [Packetbeat]", + "savedSearchId": "Packetbeat-Search-ecs", + "title": "Response times repartition [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -995,11 +995,11 @@ ], "yAxis": {} }, - "title": "Response times repartition [Packetbeat]", + "title": "Response times repartition [Packetbeat] ECS", "type": "histogram" } }, - "id": "Response-times-repartition", + "id": "Response-times-repartition-ecs", "type": "visualization", "updated_at": "2019-01-19T00:00:32.530Z", "version": 2 @@ -1021,21 +1021,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -1052,8 +1052,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Transactions [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1195,11 +1195,11 @@ } ] }, - "title": "DNS Transactions [Packetbeat]", + "title": "DNS Transactions [Packetbeat] ECS", "type": "area" } }, - "id": "e3f09730-1b80-11e9-83df-75eebb35951e", + "id": "e3f09730-1b80-11e9-83df-75eebb35951e-ecs", "type": "visualization", "updated_at": "2019-01-19T00:29:49.161Z", "version": 3 @@ -1216,8 +1216,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Sessions [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Sessions [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -1335,11 +1335,11 @@ } ] }, - "title": "TLS Sessions", + "title": "TLS Sessions ECS", "type": "histogram" } }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1394,10 +1394,10 @@ "@timestamp", "desc" ], - "title": "HTTP Transactions Search [Packetbeat]", + "title": "HTTP Transactions Search [Packetbeat] ECS", "version": 1 }, - "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", "type": "search", "updated_at": "2019-01-19T00:21:43.886Z", "version": 3 @@ -1411,7 +1411,7 @@ "server.port", "event.dataset", "query", - "method", + "http.request.method", "event.duration", "status" ], @@ -1473,10 +1473,10 @@ "@timestamp", "desc" ], - "title": "Packetbeat Search", + "title": "Packetbeat Search ECS", "version": 1 }, - "id": "Packetbeat-Search", + "id": "Packetbeat-Search-ecs", "type": "search", "updated_at": "2019-01-19T00:01:10.720Z", "version": 2 @@ -1490,7 +1490,7 @@ "server.port", "event.dataset", "query", - "method", + "http.request.method", "event.duration", "status" ], @@ -1578,10 +1578,10 @@ "@timestamp", "desc" ], - "title": "Transactions Errors Search [Packetbeat]", + "title": "Transactions Errors Search [Packetbeat] ECS", "version": 1 }, - "id": "Transactions-errors", + "id": "Transactions-errors-ecs", "type": "search", "updated_at": "2019-01-19T00:05:18.965Z", "version": 3 @@ -1652,10 +1652,10 @@ "@timestamp", "desc" ], - "title": "DNS Protocol [Packetbeat]", + "title": "DNS Protocol [Packetbeat] ECS", "version": 1 }, - "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "type": "search", "updated_at": "2019-01-18T23:49:24.089Z", "version": 2 @@ -1706,10 +1706,10 @@ "@timestamp", "desc" ], - "title": "TLS Sessions [Packetbeat]", + "title": "TLS Sessions [Packetbeat] ECS", "version": 1 }, - "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1741,7 +1741,7 @@ "x": 12, "y": 20 }, - "id": "Web-transactions", + "id": "Web-transactions-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1754,7 +1754,7 @@ "x": 36, "y": 20 }, - "id": "DB-transactions", + "id": "DB-transactions-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1767,7 +1767,7 @@ "x": 0, "y": 45 }, - "id": "Response-times-percentiles", + "id": "Response-times-percentiles-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1780,7 +1780,7 @@ "x": 0, "y": 60 }, - "id": "Errors-count-over-time", + "id": "Errors-count-over-time-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1793,7 +1793,7 @@ "x": 24, "y": 45 }, - "id": "Errors-vs-successful-transactions", + "id": "Errors-vs-successful-transactions-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1806,7 +1806,7 @@ "x": 24, "y": 60 }, - "id": "Latency-histogram", + "id": "Latency-histogram-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1843,7 +1843,7 @@ "x": 12, "y": 0 }, - "id": "Client-locations", + "id": "Client-locations-ecs", "panelIndex": "9", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1856,7 +1856,7 @@ "x": 0, "y": 30 }, - "id": "Response-times-repartition", + "id": "Response-times-repartition-ecs", "panelIndex": "10", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1869,7 +1869,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "11", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1883,7 +1883,7 @@ "x": 0, "y": 20 }, - "id": "e3f09730-1b80-11e9-83df-75eebb35951e", + "id": "e3f09730-1b80-11e9-83df-75eebb35951e-ecs", "panelIndex": "12", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1897,17 +1897,17 @@ "x": 24, "y": 20 }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "panelIndex": "13", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] Overview", + "title": "[Packetbeat] Overview ECS", "version": 1 }, - "id": "Packetbeat-Dashboard", + "id": "Packetbeat-Dashboard-ecs", "type": "dashboard", "updated_at": "2019-01-19T00:31:53.357Z", "version": 5 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json index c0d6cf2db8eb..4200feb29bf7 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json @@ -17,21 +17,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -48,8 +48,8 @@ } } }, - "savedSearchId": "PgSQL-errors", - "title": "PgSQL Errors [Packetbeat]", + "savedSearchId": "PgSQL-errors-ecs", + "title": "PgSQL Errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -154,11 +154,11 @@ ], "yAxis": {} }, - "title": "PgSQL Errors [Packetbeat]", + "title": "PgSQL Errors [Packetbeat] ECS", "type": "area" } }, - "id": "PgSQL-Errors", + "id": "PgSQL-Errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -175,8 +175,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "PgSQL Methods [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "PgSQL Methods [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -207,7 +207,7 @@ "enabled": true, "id": "3", "params": { - "field": "method", + "field": "http.request.method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -297,11 +297,11 @@ ], "yAxis": {} }, - "title": "PgSQL Methods [Packetbeat]", + "title": "PgSQL Methods [Packetbeat] ECS", "type": "area" } }, - "id": "PgSQL-Methods", + "id": "PgSQL-Methods-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -318,8 +318,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "PgSQL response times percentiles [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "PgSQL response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -424,11 +424,11 @@ } ] }, - "title": "PgSQL response times percentiles [Packetbeat]", + "title": "PgSQL response times percentiles [Packetbeat] ECS", "type": "line" } }, - "id": "PgSQL-response-times-percentiles", + "id": "PgSQL-response-times-percentiles-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -445,8 +445,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "PgSQL Throughput [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "PgSQL Throughput [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -565,11 +565,11 @@ } ] }, - "title": "PgSQL Throughput [Packetbeat]", + "title": "PgSQL Throughput [Packetbeat] ECS", "type": "line" } }, - "id": "PgSQL-throughput", + "id": "PgSQL-throughput-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -586,8 +586,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "PgSQL Reads vs Writes [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "PgSQL Reads vs Writes [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -624,14 +624,14 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "method: SELECT" + "query": "http.request.method: SELECT" } } } }, { "input": { - "query": "method: INSERT OR method: UPDATE OR method: DELETE" + "query": "http.request.method: INSERT OR http.request.method: UPDATE OR http.request.method: DELETE" } } ] @@ -719,11 +719,11 @@ ], "yAxis": {} }, - "title": "PgSQL Reads vs Writes [Packetbeat]", + "title": "PgSQL Reads vs Writes [Packetbeat] ECS", "type": "area" } }, - "id": "PgSQL-Reads-vs-Writes", + "id": "PgSQL-Reads-vs-Writes-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -740,8 +740,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "Most frequent PgSQL queries [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "Most frequent PgSQL queries [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -790,11 +790,11 @@ }, "totalFunc": "sum" }, - "title": "Most frequent PgSQL queries [Packetbeat]", + "title": "Most frequent PgSQL queries [Packetbeat] ECS", "type": "table" } }, - "id": "Most-frequent-PgSQL-queries", + "id": "Most-frequent-PgSQL-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -811,8 +811,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "Slowest PgSQL Queries [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "Slowest PgSQL Queries [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -864,11 +864,11 @@ }, "totalFunc": "sum" }, - "title": "Slowest PgSQL Queries [Packetbeat]", + "title": "Slowest PgSQL Queries [Packetbeat] ECS", "type": "table" } }, - "id": "Slowest-PgSQL-queries", + "id": "Slowest-PgSQL-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -876,9 +876,9 @@ { "attributes": { "columns": [ - "method", + "http.request.method", "type", - "path", + "url.path", "event.duration", "status" ], @@ -964,10 +964,10 @@ "@timestamp", "desc" ], - "title": "PgSQL Errors Search [Packetbeat]", + "title": "PgSQL Errors Search [Packetbeat] ECS", "version": 1 }, - "id": "PgSQL-errors", + "id": "PgSQL-errors-ecs", "type": "search", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -975,9 +975,9 @@ { "attributes": { "columns": [ - "method", + "http.request.method", "type", - "path", + "url.path", "event.duration", "status" ], @@ -1042,10 +1042,10 @@ "@timestamp", "desc" ], - "title": "PgSQL Transactions [Packetbeat]", + "title": "PgSQL Transactions [Packetbeat] ECS", "version": 1 }, - "id": "PgSQL-transactions", + "id": "PgSQL-transactions-ecs", "type": "search", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -1082,7 +1082,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1095,7 +1095,7 @@ "x": 12, "y": 0 }, - "id": "PgSQL-Errors", + "id": "PgSQL-Errors-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1108,7 +1108,7 @@ "x": 32, "y": 0 }, - "id": "PgSQL-Methods", + "id": "PgSQL-Methods-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1121,7 +1121,7 @@ "x": 0, "y": 20 }, - "id": "PgSQL-response-times-percentiles", + "id": "PgSQL-response-times-percentiles-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1134,7 +1134,7 @@ "x": 24, "y": 35 }, - "id": "PgSQL-throughput", + "id": "PgSQL-throughput-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1147,7 +1147,7 @@ "x": 0, "y": 35 }, - "id": "PgSQL-Reads-vs-Writes", + "id": "PgSQL-Reads-vs-Writes-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1170,7 +1170,7 @@ "x": 0, "y": 50 }, - "id": "Most-frequent-PgSQL-queries", + "id": "Most-frequent-PgSQL-queries-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1193,17 +1193,17 @@ "x": 24, "y": 50 }, - "id": "Slowest-PgSQL-queries", + "id": "Slowest-PgSQL-queries-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] PgSQL performance", + "title": "[Packetbeat] PgSQL performance ECS", "version": 1 }, - "id": "Packetbeat-PgSQL-performance", + "id": "Packetbeat-PgSQL-performance-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json index 01f0017cb752..f24a152cc7f0 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json @@ -17,21 +17,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -44,8 +44,8 @@ "filter": [] } }, - "savedSearchId": "Thrift-transactions", - "title": "Thrift requests per minute [Packetbeat]", + "savedSearchId": "Thrift-transactions-ecs", + "title": "Thrift requests per minute [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -82,11 +82,11 @@ "times": [], "yAxis": {} }, - "title": "Thrift requests per minute", + "title": "Thrift requests per minute ECS", "type": "histogram" } }, - "id": "Thrift-requests-per-minute", + "id": "Thrift-requests-per-minute-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -99,8 +99,8 @@ "filter": [] } }, - "savedSearchId": "Thrift-errors", - "title": "Thrift RPC Errors [Packetbeat]", + "savedSearchId": "Thrift-errors-ecs", + "title": "Thrift RPC Errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -139,11 +139,11 @@ "times": [], "yAxis": {} }, - "title": "Thrift RPC Errors", + "title": "Thrift RPC Errors ECS", "type": "area" } }, - "id": "Thrift-RPC-Errors", + "id": "Thrift-RPC-Errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -160,8 +160,8 @@ } } }, - "savedSearchId": "Thrift-transactions", - "title": "Slowest Thrift RPC methods [Packetbeat]", + "savedSearchId": "Thrift-transactions-ecs", + "title": "Slowest Thrift RPC methods [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -188,7 +188,7 @@ "enabled": true, "id": "2", "params": { - "field": "method", + "field": "http.request.method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -212,11 +212,11 @@ }, "totalFunc": "sum" }, - "title": "Slowest Thrift RPC methods [Packetbeat]", + "title": "Slowest Thrift RPC methods [Packetbeat] ECS", "type": "table" } }, - "id": "Slowest-Thrift-RPC-methods", + "id": "Slowest-Thrift-RPC-methods-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -233,8 +233,8 @@ } } }, - "savedSearchId": "Thrift-transactions", - "title": "Thrift response times percentiles [Packetbeat]", + "savedSearchId": "Thrift-transactions-ecs", + "title": "Thrift response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -339,11 +339,11 @@ } ] }, - "title": "Thrift response times percentiles [Packetbeat]", + "title": "Thrift response times percentiles [Packetbeat] ECS", "type": "line" } }, - "id": "Thrift-response-times-percentiles", + "id": "Thrift-response-times-percentiles-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -356,8 +356,8 @@ "filter": [] } }, - "savedSearchId": "Thrift-transactions", - "title": "Top Thrift-RPC methods [Packetbeat]", + "savedSearchId": "Thrift-transactions-ecs", + "title": "Top Thrift-RPC methods [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -371,7 +371,7 @@ { "id": "2", "params": { - "field": "method", + "field": "http.request.method", "order": "desc", "orderBy": "1", "size": 5 @@ -393,11 +393,11 @@ "times": [], "yAxis": {} }, - "title": "Top Thrift-RPC methods", + "title": "Top Thrift-RPC methods ECS", "type": "histogram" } }, - "id": "Top-Thrift-RPC-methods", + "id": "Top-Thrift-RPC-methods-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -410,8 +410,8 @@ "filter": [] } }, - "savedSearchId": "Thrift-errors", - "title": "Top Thrift-RPC calls with errors [Packetbeat]", + "savedSearchId": "Thrift-errors-ecs", + "title": "Top Thrift-RPC calls with errors [Packetbeat] ECS", "version": 1, "visState": { "aggs": [ @@ -424,7 +424,7 @@ { "id": "2", "params": { - "field": "method", + "field": "http.request.method", "order": "desc", "orderBy": "1", "size": 5 @@ -444,7 +444,7 @@ "type": "histogram" } }, - "id": "Top-Thrift-RPC-calls-with-errors", + "id": "Top-Thrift-RPC-calls-with-errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -452,9 +452,9 @@ { "attributes": { "columns": [ - "method", + "http.request.method", "type", - "path", + "url.path", "event.duration", "status" ], @@ -519,10 +519,10 @@ "@timestamp", "desc" ], - "title": "Thrift Transactions Search [Packetbeat]", + "title": "Thrift Transactions Search [Packetbeat] ECS", "version": 1 }, - "id": "Thrift-transactions", + "id": "Thrift-transactions-ecs", "type": "search", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -530,9 +530,9 @@ { "attributes": { "columns": [ - "method", + "http.request.method", "type", - "path", + "url.path", "event.duration", "status" ], @@ -623,10 +623,10 @@ "@timestamp", "desc" ], - "title": "Thrift Errors [Packetbeat]", + "title": "Thrift Errors [Packetbeat] ECS", "version": 1 }, - "id": "Thrift-errors", + "id": "Thrift-errors-ecs", "type": "search", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -657,7 +657,7 @@ "panelsJSON": [ { "col": 1, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": 1, "row": 1, "size_x": 3, @@ -666,7 +666,7 @@ }, { "col": 4, - "id": "Thrift-requests-per-minute", + "id": "Thrift-requests-per-minute-ecs", "panelIndex": 2, "row": 1, "size_x": 5, @@ -675,7 +675,7 @@ }, { "col": 9, - "id": "Thrift-RPC-Errors", + "id": "Thrift-RPC-Errors-ecs", "panelIndex": 3, "row": 1, "size_x": 4, @@ -684,7 +684,7 @@ }, { "col": 1, - "id": "Slowest-Thrift-RPC-methods", + "id": "Slowest-Thrift-RPC-methods-ecs", "panelIndex": 4, "row": 5, "size_x": 6, @@ -693,7 +693,7 @@ }, { "col": 7, - "id": "Thrift-response-times-percentiles", + "id": "Thrift-response-times-percentiles-ecs", "panelIndex": 5, "row": 5, "size_x": 6, @@ -702,7 +702,7 @@ }, { "col": 1, - "id": "Top-Thrift-RPC-methods", + "id": "Top-Thrift-RPC-methods-ecs", "panelIndex": 6, "row": 8, "size_x": 6, @@ -711,7 +711,7 @@ }, { "col": 7, - "id": "Top-Thrift-RPC-calls-with-errors", + "id": "Top-Thrift-RPC-calls-with-errors-ecs", "panelIndex": 7, "row": 8, "size_x": 6, @@ -720,7 +720,7 @@ } ], "timeRestore": false, - "title": "[Packetbeat] Thrift performance", + "title": "[Packetbeat] Thrift performance ECS", "uiStateJSON": { "P-4": { "vis": { @@ -735,7 +735,7 @@ }, "version": 1 }, - "id": "Packetbeat-Thrift-performance", + "id": "Packetbeat-Thrift-performance-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json index 1d29a4761a42..a3563dd1f131 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json @@ -17,21 +17,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -48,8 +48,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Sessions [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Sessions [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -167,11 +167,11 @@ } ] }, - "title": "TLS Sessions", + "title": "TLS Sessions ECS", "type": "histogram" } }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -209,7 +209,7 @@ } } }, - "title": "TLS Alerts [Packetbeat]", + "title": "TLS Alerts [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -250,11 +250,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "TLS Alerts", + "title": "TLS Alerts ECS", "type": "pie" } }, - "id": "c14377a0-d353-11e7-9914-4982455b3063", + "id": "c14377a0-d353-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -295,7 +295,7 @@ } } }, - "title": "Total Number of TLS Sessions [Packetbeat]", + "title": "Total Number of TLS Sessions [Packetbeat] ECS", "uiStateJSON": { "P-5": { "vis": { @@ -354,11 +354,11 @@ }, "type": "metric" }, - "title": "Total Number of TLS Sessions", + "title": "Total Number of TLS Sessions ECS", "type": "metric" } }, - "id": "061de380-d361-11e7-9914-4982455b3063", + "id": "061de380-d361-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -375,8 +375,8 @@ } } }, - "savedSearchId": "94908e80-d2d8-11e7-9914-4982455b3063", - "title": "TLS Server Name Indication [Packetbeat]", + "savedSearchId": "94908e80-d2d8-11e7-9914-4982455b3063-ecs", + "title": "TLS Server Name Indication [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -409,11 +409,11 @@ "orientation": "single", "scale": "linear" }, - "title": "TLS Server Name Indication", + "title": "TLS Server Name Indication ECS", "type": "tagcloud" } }, - "id": "a28d09d0-d361-11e7-9914-4982455b3063", + "id": "a28d09d0-d361-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -430,8 +430,8 @@ } } }, - "savedSearchId": "bf3d23b0-d37c-11e7-9914-4982455b3063", - "title": "TLS Versions [Packetbeat]", + "savedSearchId": "bf3d23b0-d37c-11e7-9914-4982455b3063-ecs", + "title": "TLS Versions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -464,11 +464,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "TLS Versions", + "title": "TLS Versions ECS", "type": "pie" } }, - "id": "0af0b790-d37d-11e7-9914-4982455b3063", + "id": "0af0b790-d37d-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -485,8 +485,8 @@ } } }, - "savedSearchId": "8f0ff590-d37d-11e7-9914-4982455b3063", - "title": "TLS Server Public Key Size [Packetbeat]", + "savedSearchId": "8f0ff590-d37d-11e7-9914-4982455b3063-ecs", + "title": "TLS Server Public Key Size [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -519,11 +519,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Server Public Key Size", + "title": "Server Public Key Size ECS", "type": "pie" } }, - "id": "ae6e33c0-d37d-11e7-9914-4982455b3063", + "id": "ae6e33c0-d37d-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -540,8 +540,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Session Resume [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Session Resume [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -585,11 +585,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "TLS Session Resume [Packetbeat]", + "title": "TLS Session Resume [Packetbeat] ECS", "type": "pie" } }, - "id": "2c467370-d392-11e7-8fa0-232aa9259081", + "id": "2c467370-d392-11e7-8fa0-232aa9259081-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -606,8 +606,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Server Certificates [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Server Certificates [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -668,11 +668,11 @@ }, "totalFunc": "sum" }, - "title": "TLS Server Certificates", + "title": "TLS Server Certificates ECS", "type": "table" } }, - "id": "0958a910-d396-11e7-8fa0-232aa9259081", + "id": "0958a910-d396-11e7-8fa0-232aa9259081-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -689,8 +689,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Client Certificates [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Client Certificates [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -750,11 +750,11 @@ }, "totalFunc": "sum" }, - "title": "TLS Client Certificates", + "title": "TLS Client Certificates ECS", "type": "table" } }, - "id": "86743f90-d396-11e7-8fa0-232aa9259081", + "id": "86743f90-d396-11e7-8fa0-232aa9259081-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -771,8 +771,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Cipher [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Cipher [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -818,11 +818,11 @@ }, "totalFunc": "sum" }, - "title": "TLS Cipher", + "title": "TLS Cipher ECS", "type": "table" } }, - "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961", + "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -839,8 +839,8 @@ } } }, - "savedSearchId": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b", - "title": "TLS Fingerprint [Packetbeat]", + "savedSearchId": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b-ecs", + "title": "TLS Fingerprint [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -886,11 +886,11 @@ }, "totalFunc": "sum" }, - "title": "TLS Fingerprint", + "title": "TLS Fingerprint ECS", "type": "table" } }, - "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b", + "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -932,8 +932,8 @@ } } }, - "savedSearchId": "8e2af860-d520-11e7-9fff-7b1ebf397ba9", - "title": "TLS Handshake Latency [Packetbeat]", + "savedSearchId": "8e2af860-d520-11e7-9fff-7b1ebf397ba9-ecs", + "title": "TLS Handshake Latency [Packetbeat] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -1032,11 +1032,11 @@ } ] }, - "title": "TLS Handshake Latency", + "title": "TLS Handshake Latency ECS", "type": "area" } }, - "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9", + "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1087,10 +1087,10 @@ "@timestamp", "desc" ], - "title": "TLS Sessions [Packetbeat]", + "title": "TLS Sessions [Packetbeat] ECS", "version": 1 }, - "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1141,10 +1141,10 @@ "@timestamp", "desc" ], - "title": "TLS Server Name Indication [Packetbeat]", + "title": "TLS Server Name Indication [Packetbeat] ECS", "version": 1 }, - "id": "94908e80-d2d8-11e7-9914-4982455b3063", + "id": "94908e80-d2d8-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1195,10 +1195,10 @@ "@timestamp", "desc" ], - "title": "TLS Version [Packetbeat]", + "title": "TLS Version [Packetbeat] ECS", "version": 1 }, - "id": "bf3d23b0-d37c-11e7-9914-4982455b3063", + "id": "bf3d23b0-d37c-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1249,10 +1249,10 @@ "@timestamp", "desc" ], - "title": "Server Public Key Size", + "title": "Server Public Key Size ECS", "version": 1 }, - "id": "8f0ff590-d37d-11e7-9914-4982455b3063", + "id": "8f0ff590-d37d-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1298,10 +1298,10 @@ "@timestamp", "desc" ], - "title": "TLS Fingerprint [Packetbeat]", + "title": "TLS Fingerprint [Packetbeat] ECS", "version": 1 }, - "id": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b", + "id": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1364,17 +1364,17 @@ "@timestamp", "desc" ], - "title": "TLS Handshake Latency [Packetbeat]", + "title": "TLS Handshake Latency [Packetbeat] ECS", "version": 1 }, - "id": "8e2af860-d520-11e7-9fff-7b1ebf397ba9", + "id": "8e2af860-d520-11e7-9fff-7b1ebf397ba9-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 }, { "attributes": { - "description": "TLS Sessions", + "description": "TLS Sessions ECS", "hits": 0, "kibanaSavedObjectMeta": { "searchSourceJSON": { @@ -1405,7 +1405,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -1418,7 +1418,7 @@ "x": 3, "y": 0 }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.4" @@ -1431,7 +1431,7 @@ "x": 3, "y": 7 }, - "id": "c14377a0-d353-11e7-9914-4982455b3063", + "id": "c14377a0-d353-11e7-9914-4982455b3063-ecs", "panelIndex": "9", "type": "visualization", "version": "6.2.4" @@ -1444,7 +1444,7 @@ "x": 0, "y": 4 }, - "id": "061de380-d361-11e7-9914-4982455b3063", + "id": "061de380-d361-11e7-9914-4982455b3063-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.4" @@ -1457,7 +1457,7 @@ "x": 0, "y": 10 }, - "id": "a28d09d0-d361-11e7-9914-4982455b3063", + "id": "a28d09d0-d361-11e7-9914-4982455b3063-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.4" @@ -1470,7 +1470,7 @@ "x": 6, "y": 7 }, - "id": "0af0b790-d37d-11e7-9914-4982455b3063", + "id": "0af0b790-d37d-11e7-9914-4982455b3063-ecs", "panelIndex": "12", "type": "visualization", "version": "6.2.4" @@ -1483,7 +1483,7 @@ "x": 9, "y": 7 }, - "id": "ae6e33c0-d37d-11e7-9914-4982455b3063", + "id": "ae6e33c0-d37d-11e7-9914-4982455b3063-ecs", "panelIndex": "13", "type": "visualization", "version": "6.2.4" @@ -1496,7 +1496,7 @@ "x": 0, "y": 7 }, - "id": "2c467370-d392-11e7-8fa0-232aa9259081", + "id": "2c467370-d392-11e7-8fa0-232aa9259081-ecs", "panelIndex": "14", "type": "visualization", "version": "6.2.4" @@ -1509,7 +1509,7 @@ "x": 0, "y": 13 }, - "id": "0958a910-d396-11e7-8fa0-232aa9259081", + "id": "0958a910-d396-11e7-8fa0-232aa9259081-ecs", "panelIndex": "15", "type": "visualization", "version": "6.2.4" @@ -1522,7 +1522,7 @@ "x": 0, "y": 16 }, - "id": "86743f90-d396-11e7-8fa0-232aa9259081", + "id": "86743f90-d396-11e7-8fa0-232aa9259081-ecs", "panelIndex": "16", "type": "visualization", "version": "6.2.4" @@ -1535,7 +1535,7 @@ "x": 6, "y": 13 }, - "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961", + "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961-ecs", "panelIndex": "17", "type": "visualization", "version": "6.2.4" @@ -1548,7 +1548,7 @@ "x": 6, "y": 16 }, - "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b", + "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b-ecs", "panelIndex": "18", "type": "visualization", "version": "6.2.4" @@ -1561,14 +1561,14 @@ "x": 3, "y": 4 }, - "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9", + "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9-ecs", "panelIndex": "19", "type": "visualization", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Packetbeat] TLS Sessions", + "title": "[Packetbeat] TLS Sessions ECS", "uiStateJSON": { "P-15": { "vis": { @@ -1630,7 +1630,7 @@ }, "version": 1 }, - "id": "tls-sessions", + "id": "tls-sessions-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 diff --git a/script/kibana-migration.py b/script/kibana-migration.py new file mode 100644 index 000000000000..59c1c4db25b5 --- /dev/null +++ b/script/kibana-migration.py @@ -0,0 +1,128 @@ +import yaml +import glob + + +def migration(): + print "Start Kibana files migration" + + print "Migrate all fields to the ECS fields" + migration_fields = read_migration_fields() + rename_entries(migration_fields) + + print "Postfix all ids with -ecs" + ids = get_replaceable_ids() + rename_entries(ids) + + print "Postfix all titles with ` ECS`" + titles = get_replacable_titles() + rename_entries(titles) + + +def get_replaceable_ids(): + files = get_files() + + ids = {} + for file in files: + with open(file, 'r') as f: + objects = yaml.safe_load(f) + + for v in objects["objects"]: + # Checks if an id was already migrated, if not adds it to the list + if "-ecs" not in v["id"]: + # Add "{}" around fields to make them more unique and not have false positives + ids['"' + v["id"] + '"'] = '"' + v["id"] + "-ecs" + '"' + # Prefix with / to also modify links + ids['/' + v["id"]] = '/' + v["id"] + "-ecs" + + return ids + + +def read_migration_fields(): + migration_fields = {} + migration_yml = "../dev-tools/ecs-migration.yml" + with open(migration_yml, 'r') as f: + migration = yaml.safe_load(f) + for k in migration: + if "to" in k and "from" in k: + if "rename" in k and k["rename"] is False: + continue + if not isinstance(k["to"], basestring): + continue + + # Add "{}" around fields to make them more unique and not have false positives + migration_fields['"' + k["from"] + '"'] = '"' + k["to"] + '"' + # Some fields exist inside a query / filter where they are followed by : + migration_fields[k["from"] + ':'] = k["to"] + ':' + + return migration_fields + + +def get_replacable_titles(): + files = get_files() + + titles = {} + for file in files: + with open(file, 'r') as f: + objects = yaml.safe_load(f) + + for v in objects["objects"]: + + # Add "{}" around titles to make them more unique and not have false positives + if "title" in v["attributes"]: + if "ECS" not in v["attributes"]["title"]: + titles['"' + v["attributes"]["title"] + '"'] = '"' + v["attributes"]["title"] + " ECS" + '"' + + if "visState" in v["attributes"] and "title" in v["attributes"]["visState"]: + if "ECS" not in v["attributes"]["visState"]["title"]: + titles['"' + v["attributes"]["visState"]["title"] + '"'] = '"' + \ + v["attributes"]["visState"]["title"] + " ECS" + '"' + + return titles + + +def rename_entries(renames): + files = get_files() + + for file in files: + print file + s = open(file).read() + for k in renames: + s = s.replace(k, renames[k]) + f = open(file, 'w') + f.write(s) + f.close() + + +def get_files(): + all_beats = '../*/_meta/kibana/7/dashboard/*.json' + module_beats = '../*/module/*/_meta/kibana/7/dashboard/*.json' + heartbeat = '../heartbeat/monitors/active/*/_meta/kibana/7/dashboard/*.json' + xpack_module_beats = '../x-pack/*/module/*/_meta/kibana/7/dashboard/*.json' + + return glob.glob(all_beats) + glob.glob(module_beats) + glob.glob(heartbeat) + glob.glob(xpack_module_beats) + + +if __name__ == "__main__": + migration() + + +# There are more id's, do they matter? +# Example: +# +# "series": [ +# { +# "axis_position": "right", +# "chart_type": "line", +# "color": "#68BC00", +# "fill": 0.5, +# "formatter": "number", +# "id": "6984af11-4d5d-11e7-aa29-87a97a796de6", +# "label": "In Packetloss", +# "line_width": 1, +# "metrics": [ +# { +# "field": "system.network.in.dropped", +# "id": "6984af12-4d5d-11e7-aa29-87a97a796de6", +# "type": "max" +# } +# ], diff --git a/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json b/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json index 82ccb0386409..6455d6f8341e 100644 --- a/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json +++ b/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json @@ -100,6 +100,7 @@ }, "references": [ { +<<<<<<< HEAD "id": "Number-of-Events-Over-Time-By-Event-Log", "name": "panel_0", "type": "visualization" @@ -326,6 +327,367 @@ "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", "type": "index-pattern" +======= + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "index": "winlogbeat-*", + "query": { + "query_string": { + "analyze_wildcard": true, + "query": "*" + } + } + } + }, + "title": "Number of Events Over Time By Event Log ECS", + "uiStateJSON": {}, + "version": 1, + "visState": { + "aggs": [ + { + "id": "1", + "params": {}, + "schema": "metric", + "type": "count" + }, + { + "id": "2", + "params": { + "customInterval": "2h", + "extended_bounds": {}, + "field": "@timestamp", + "interval": "auto", + "min_doc_count": 1 + }, + "schema": "segment", + "type": "date_histogram" + }, + { + "id": "3", + "params": { + "field": "log_name", + "order": "desc", + "orderBy": "1", + "size": 6 + }, + "schema": "group", + "type": "terms" + } + ], + "listeners": {}, + "params": { + "addLegend": true, + "addTimeMarker": false, + "addTooltip": true, + "defaultYExtents": false, + "mode": "stacked", + "scale": "linear", + "setYExtents": false, + "shareYAxis": true, + "times": [], + "yAxis": {} + }, + "type": "histogram" + } + }, + "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", + "type": "visualization", + "version": 1 + }, + { + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "index": "winlogbeat-*", + "query": { + "query_string": { + "analyze_wildcard": true, + "query": "*" + } + } + } + }, + "title": "Number of Events ECS", + "uiStateJSON": {}, + "version": 1, + "visState": { + "aggs": [ + { + "id": "1", + "params": {}, + "schema": "metric", + "type": "count" + } + ], + "listeners": {}, + "params": { + "fontSize": 60 + }, + "type": "metric" + } + }, + "id": "Number-of-Events-ecs", + "type": "visualization", + "version": 1 + }, + { + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "index": "winlogbeat-*", + "query": { + "query_string": { + "analyze_wildcard": true, + "query": "*" + } + } + } + }, + "title": "Top Event IDs ECS", + "uiStateJSON": {}, + "version": 1, + "visState": { + "aggs": [ + { + "id": "1", + "params": {}, + "schema": "metric", + "type": "count" + }, + { + "id": "2", + "params": { + "field": "event_id", + "order": "desc", + "orderBy": "1", + "size": 5 + }, + "schema": "bucket", + "type": "terms" + } + ], + "listeners": {}, + "params": { + "perPage": 10, + "showMeticsAtAllLevels": false, + "showPartialRows": false + }, + "type": "table" + } + }, + "id": "Top-Event-IDs-ecs", + "type": "visualization", + "version": 1 + }, + { + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "index": "winlogbeat-*", + "query": { + "query_string": { + "analyze_wildcard": true, + "query": "*" + } + } + } + }, + "title": "Event Levels ECS", + "uiStateJSON": { + "vis": { + "params": { + "sort": { + "columnIndex": null, + "direction": null + } + } + } + }, + "version": 1, + "visState": { + "aggs": [ + { + "enabled": true, + "id": "1", + "params": {}, + "schema": "metric", + "type": "count" + }, + { + "enabled": true, + "id": "2", + "params": { + "field": "level", + "order": "desc", + "orderBy": "1", + "size": 5 + }, + "schema": "bucket", + "type": "terms" + } + ], + "listeners": {}, + "params": { + "perPage": 10, + "showMeticsAtAllLevels": false, + "showPartialRows": false, + "showTotal": false, + "sort": { + "columnIndex": null, + "direction": null + }, + "totalFunc": "sum" + }, + "title": "Event Levels ECS", + "type": "table" + } + }, + "id": "Event-Levels-ecs", + "type": "visualization", + "version": 1 + }, + { + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "index": "winlogbeat-*", + "query": { + "query_string": { + "analyze_wildcard": true, + "query": "*" + } + } + } + }, + "title": "Sources-ecs ECS", + "uiStateJSON": {}, + "version": 1, + "visState": { + "aggs": [ + { + "enabled": true, + "id": "1", + "params": {}, + "schema": "metric", + "type": "count" + }, + { + "enabled": true, + "id": "2", + "params": { + "field": "source_name", + "order": "desc", + "orderBy": "1", + "size": 7 + }, + "schema": "segment", + "type": "terms" + } + ], + "listeners": {}, + "params": { + "addLegend": true, + "addTooltip": true, + "isDonut": false, + "legendPosition": "right", + "shareYAxis": true + }, + "title": "Sources-ecs ECS", + "type": "pie" + } + }, + "id": "Sources-ecs ECS", + "type": "visualization", + "version": 1 + }, + { + "attributes": { + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [ + { + "query": { + "query_string": { + "analyze_wildcard": true, + "query": "*" + } + } + } + ] + } + }, + "optionsJSON": { + "darkTheme": false + }, + "panelsJSON": [ + { + "col": 4, + "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", + "panelIndex": 1, + "row": 1, + "size_x": 9, + "size_y": 4, + "type": "visualization" + }, + { + "col": 1, + "id": "Number-of-Events-ecs", + "panelIndex": 3, + "row": 1, + "size_x": 3, + "size_y": 4, + "type": "visualization" + }, + { + "col": 5, + "id": "Top-Event-IDs-ecs", + "panelIndex": 4, + "row": 5, + "size_x": 4, + "size_y": 4, + "type": "visualization" + }, + { + "col": 9, + "id": "Event-Levels-ecs", + "panelIndex": 5, + "row": 5, + "size_x": 4, + "size_y": 4, + "type": "visualization" + }, + { + "col": 1, + "id": "Sources-ecs ECS", + "panelIndex": 6, + "row": 5, + "size_x": 4, + "size_y": 4, + "type": "visualization" + } + ], + "timeRestore": false, + "title": "Winlogbeat Dashboard ECS", + "uiStateJSON": {}, + "version": 1 + }, + "id": "Winlogbeat-Dashboard-ecs", + "type": "dashboard", + "version": 1 +>>>>>>> Introduce migration script for data in Kibana files } ], "type": "visualization", diff --git a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json index e10f783d7645..066c8f162211 100644 --- a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json +++ b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Events Timeline [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Events Timeline [Filebeat Iptables] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -111,11 +111,11 @@ } ] }, - "title": "Events Timeline [Filebeat Iptables]", + "title": "Events Timeline [Filebeat Iptables] ECS", "type": "area" } }, - "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb", + "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb-ecs", "type": "visualization", "updated_at": "2019-01-23T20:56:04.891Z", "version": 1 @@ -132,8 +132,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Top Source Countries [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Top Source Countries [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "params": { @@ -183,11 +183,11 @@ }, "totalFunc": "sum" }, - "title": "Top Source Countries [Filebeat Iptables]", + "title": "Top Source Countries [Filebeat Iptables] ECS", "type": "table" } }, - "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3", + "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -204,8 +204,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Source Map [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Source Map [Filebeat Iptables] ECS", "uiStateJSON": { "mapCenter": [ 45.02695045318546, @@ -269,11 +269,11 @@ } } }, - "title": "Source Map [Filebeat Iptables]", + "title": "Source Map [Filebeat Iptables] ECS", "type": "tile_map" } }, - "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3", + "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -290,8 +290,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Destination Map [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Destination Map [Filebeat Iptables] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -349,11 +349,11 @@ } } }, - "title": "Destination Map [Filebeat Iptables]", + "title": "Destination Map [Filebeat Iptables] ECS", "type": "tile_map" } }, - "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3", + "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -370,8 +370,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Network Type Breakdown [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Network Type Breakdown [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -417,11 +417,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Type Breakdown [Filebeat Iptables]", + "title": "Network Type Breakdown [Filebeat Iptables] ECS", "type": "pie" } }, - "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3", + "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -438,8 +438,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Network Transport Breakdown [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Network Transport Breakdown [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -485,11 +485,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Transport Breakdown [Filebeat Iptables]", + "title": "Network Transport Breakdown [Filebeat Iptables] ECS", "type": "pie" } }, - "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3", + "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -506,8 +506,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Top Destination Ports [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Top Destination Ports [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "params": { @@ -557,11 +557,11 @@ }, "totalFunc": "sum" }, - "title": "Top Destination Ports [Filebeat Iptables]", + "title": "Top Destination Ports [Filebeat Iptables] ECS", "type": "table" } }, - "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3", + "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -589,10 +589,10 @@ "@timestamp", "desc" ], - "title": "Events Search [Filebeat Iptables]", + "title": "Events Search [Filebeat Iptables] ECS", "version": 1 }, - "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", "type": "search", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -629,7 +629,7 @@ "x": 0, "y": 0 }, - "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb", + "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb-ecs", "panelIndex": "1", "type": "visualization", "version": "6.6.0" @@ -643,7 +643,7 @@ "x": 37, "y": 0 }, - "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3", + "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "2", "type": "visualization", "version": "6.6.0" @@ -663,7 +663,7 @@ "x": 0, "y": 15 }, - "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3", + "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.6.0" @@ -683,7 +683,7 @@ "x": 24, "y": 15 }, - "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3", + "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "4", "type": "visualization", "version": "6.6.0" @@ -697,7 +697,7 @@ "x": 0, "y": 30 }, - "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3", + "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.6.0" @@ -711,7 +711,7 @@ "x": 19, "y": 30 }, - "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3", + "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "6", "type": "visualization", "version": "6.6.0" @@ -725,7 +725,7 @@ "x": 37, "y": 30 }, - "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3", + "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "7", "type": "visualization", "version": "6.6.0" @@ -739,17 +739,17 @@ "x": 0, "y": 45 }, - "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "8", "type": "search", "version": "6.6.0" } ], "timeRestore": false, - "title": "[Filebeat Iptables] Overview", + "title": "[Filebeat Iptables] Overview ECS", "version": 1 }, - "id": "ceefb9e0-1f51-11e9-93ed-f7e068f4aebb", + "id": "ceefb9e0-1f51-11e9-93ed-f7e068f4aebb-ecs", "type": "dashboard", "updated_at": "2019-01-23T20:59:43.614Z", "version": 1 diff --git a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json index 000a1bdcd931..94b0e96fab8f 100644 --- a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json +++ b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables]", + "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "colors": { @@ -138,11 +138,11 @@ } ] }, - "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables]", + "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables] ECS", "type": "histogram" } }, - "id": "758b3620-1fda-11e9-ae2a-939083c6a64e", + "id": "758b3620-1fda-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T16:37:11.788Z", "version": 2 @@ -159,8 +159,8 @@ } } }, - "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables]", + "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "params": { @@ -210,11 +210,11 @@ }, "totalFunc": "sum" }, - "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables]", + "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables] ECS", "type": "table" } }, - "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e", + "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T16:06:20.635Z", "version": 2 @@ -231,8 +231,8 @@ } } }, - "savedSearchId": "7862cab0-1fdb-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables]", + "savedSearchId": "7862cab0-1fdb-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -290,11 +290,11 @@ } } }, - "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables]", + "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables] ECS", "type": "tile_map" } }, - "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e", + "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T15:04:34.005Z", "version": 1 @@ -311,8 +311,8 @@ } } }, - "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables]", + "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables] ECS", "uiStateJSON": { "mapCenter": [ 19.228176737766262, @@ -376,11 +376,11 @@ } } }, - "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables]", + "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables] ECS", "type": "tile_map" } }, - "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e", + "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T15:50:31.689Z", "version": 2 @@ -397,8 +397,8 @@ } } }, - "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables]", + "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "colors": { @@ -484,11 +484,11 @@ "legendPosition": "top", "type": "pie" }, - "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables]", + "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables] ECS", "type": "pie" } }, - "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e", + "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T16:27:50.397Z", "version": 1 @@ -516,10 +516,10 @@ "@timestamp", "desc" ], - "title": "Ubiquiti Firewall Events [Filebeat Iptables]", + "title": "Ubiquiti Firewall Events [Filebeat Iptables] ECS", "version": 1 }, - "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", + "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", "type": "search", "updated_at": "2019-01-24T12:37:10.858Z", "version": 1 @@ -536,8 +536,8 @@ } } }, - "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables]", + "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "params": { @@ -605,11 +605,11 @@ }, "totalFunc": "sum" }, - "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables]", + "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables] ECS", "type": "table" } }, - "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e", + "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T16:35:45.413Z", "version": 1 @@ -637,10 +637,10 @@ "@timestamp", "desc" ], - "title": "Ubiquiti Firewall Blocked Events [Filebeat Iptables]", + "title": "Ubiquiti Firewall Blocked Events [Filebeat Iptables] ECS", "version": 1 }, - "id": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e", + "id": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", "type": "search", "updated_at": "2019-01-24T15:35:33.942Z", "version": 2 @@ -668,10 +668,10 @@ "@timestamp", "desc" ], - "title": "Ubiquiti Firewall Allowed Events [Filebeat Iptables]", + "title": "Ubiquiti Firewall Allowed Events [Filebeat Iptables] ECS", "version": 1 }, - "id": "7862cab0-1fdb-11e9-ae2a-939083c6a64e", + "id": "7862cab0-1fdb-11e9-ae2a-939083c6a64e-ecs", "type": "search", "updated_at": "2019-01-24T15:04:12.010Z", "version": 3 @@ -712,7 +712,7 @@ "x": 0, "y": 0 }, - "id": "758b3620-1fda-11e9-ae2a-939083c6a64e", + "id": "758b3620-1fda-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "1", "title": "Event Timeline", "type": "visualization", @@ -727,7 +727,7 @@ "x": 33, "y": 0 }, - "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e", + "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "2", "title": "Top Blocked by source IP", "type": "visualization", @@ -748,7 +748,7 @@ "x": 0, "y": 15 }, - "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e", + "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "3", "title": "Allowed Traffic Map", "type": "visualization", @@ -769,7 +769,7 @@ "x": 24, "y": 15 }, - "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e", + "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "4", "title": "Blocked Traffic Map", "type": "visualization", @@ -797,7 +797,7 @@ "x": 0, "y": 30 }, - "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e", + "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "5", "title": "Traffic Breakdown by Protocol", "type": "visualization", @@ -812,7 +812,7 @@ "x": 0, "y": 48 }, - "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", + "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "6", "title": "Event View", "type": "search", @@ -827,7 +827,7 @@ "x": 24, "y": 30 }, - "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e", + "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "7", "title": "Traffic Breakdown by Port", "type": "visualization", @@ -835,10 +835,10 @@ } ], "timeRestore": false, - "title": "[Filebeat Iptables] Ubiquiti Firewall Overview", + "title": "[Filebeat Iptables] Ubiquiti Firewall Overview ECS", "version": 1 }, - "id": "d39f0980-1ff3-11e9-ae2a-939083c6a64e", + "id": "d39f0980-1ff3-11e9-ae2a-939083c6a64e-ecs", "type": "dashboard", "updated_at": "2019-01-24T16:38:35.174Z", "version": 4 diff --git a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json index e8d82f4dc4a8..be3bc3db964b 100644 --- a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json +++ b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Top Alerting Hosts [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Top Alerting Hosts [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -123,11 +123,11 @@ } ] }, - "title": "Top Alerting Hosts [Suricata]", + "title": "Top Alerting Hosts [Suricata] ECS", "type": "histogram" } }, - "id": "494fa290-86d2-11e8-b59d-21efb914e65c", + "id": "494fa290-86d2-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -144,8 +144,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Top Alert Signatures [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Top Alert Signatures [Suricata] ECS", "uiStateJSON": { "vis": { "params": { @@ -212,11 +212,11 @@ }, "totalFunc": "sum" }, - "title": "Top Alert Signatures [Suricata]", + "title": "Top Alert Signatures [Suricata] ECS", "type": "table" } }, - "id": "16033310-86d3-11e8-b59d-21efb914e65c", + "id": "16033310-86d3-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -304,10 +304,10 @@ "@timestamp", "desc" ], - "title": "Alerts [Suricata]", + "title": "Alerts [Suricata] ECS", "version": 1 }, - "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", "type": "search", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -324,8 +324,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Alert - Source Location [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Alert - Source Location [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -395,11 +395,11 @@ ] } }, - "title": "Alert - Source Location [Suricata]", + "title": "Alert - Source Location [Suricata] ECS", "type": "tile_map" } }, - "id": "85fed080-86d7-11e8-b59d-21efb914e65c", + "id": "85fed080-86d7-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -416,8 +416,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Alert - Destination Location [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Alert - Destination Location [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -487,11 +487,11 @@ ] } }, - "title": "Alert - Destination Location [Suricata]", + "title": "Alert - Destination Location [Suricata] ECS", "type": "tile_map" } }, - "id": "a09ca070-86d7-11e8-b59d-21efb914e65c", + "id": "a09ca070-86d7-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -508,8 +508,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Alerts - Top Destination Countries [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Alerts - Top Destination Countries [Suricata] ECS", "uiStateJSON": { "vis": { "params": { @@ -559,11 +559,11 @@ }, "totalFunc": "sum" }, - "title": "Alerts - Top Destination Countries [Suricata]", + "title": "Alerts - Top Destination Countries [Suricata] ECS", "type": "table" } }, - "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c", + "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -580,8 +580,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Alerts - Top Source Countries [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Alerts - Top Source Countries [Suricata] ECS", "uiStateJSON": { "vis": { "params": { @@ -631,11 +631,11 @@ }, "totalFunc": "sum" }, - "title": "Alerts - Top Source Countries [Suricata]", + "title": "Alerts - Top Source Countries [Suricata] ECS", "type": "table" } }, - "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c", + "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -670,7 +670,7 @@ "x": 0, "y": 0 }, - "id": "494fa290-86d2-11e8-b59d-21efb914e65c", + "id": "494fa290-86d2-11e8-b59d-21efb914e65c-ecs", "panelIndex": "1", "type": "visualization", "version": "6.3.0" @@ -684,7 +684,7 @@ "x": 23, "y": 0 }, - "id": "16033310-86d3-11e8-b59d-21efb914e65c", + "id": "16033310-86d3-11e8-b59d-21efb914e65c-ecs", "panelIndex": "2", "type": "visualization", "version": "6.3.0" @@ -698,7 +698,7 @@ "x": 0, "y": 37 }, - "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", "panelIndex": "3", "type": "search", "version": "6.3.0" @@ -718,7 +718,7 @@ "x": 0, "y": 22 }, - "id": "85fed080-86d7-11e8-b59d-21efb914e65c", + "id": "85fed080-86d7-11e8-b59d-21efb914e65c-ecs", "panelIndex": "4", "type": "visualization", "version": "6.3.0" @@ -738,7 +738,7 @@ "x": 23, "y": 22 }, - "id": "a09ca070-86d7-11e8-b59d-21efb914e65c", + "id": "a09ca070-86d7-11e8-b59d-21efb914e65c-ecs", "panelIndex": "5", "type": "visualization", "version": "6.3.0" @@ -752,7 +752,7 @@ "x": 11, "y": 10 }, - "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c", + "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c-ecs", "panelIndex": "7", "type": "visualization", "version": "6.3.0" @@ -766,17 +766,17 @@ "x": 0, "y": 10 }, - "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c", + "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c-ecs", "panelIndex": "8", "type": "visualization", "version": "6.3.0" } ], "timeRestore": false, - "title": "[Suricata] Alert Overview", + "title": "[Suricata] Alert Overview ECS", "version": 1 }, - "id": "05268ee0-86d1-11e8-b59d-21efb914e65c", + "id": "05268ee0-86d1-11e8-b59d-21efb914e65c-ecs", "type": "dashboard", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 diff --git a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json index 6170c3a1a8db..d80d29f4aebf 100644 --- a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json +++ b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Activity Types over Time [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Activity Types over Time [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -123,11 +123,11 @@ } ] }, - "title": "Activity Types over Time [Suricata]", + "title": "Activity Types over Time [Suricata] ECS", "type": "histogram" } }, - "id": "c7d46c60-86da-11e8-b59d-21efb914e65c", + "id": "c7d46c60-86da-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -144,8 +144,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Event Types [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Event Types [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -187,11 +187,11 @@ "legendPosition": "bottom", "type": "pie" }, - "title": "Event Types [Suricata]", + "title": "Event Types [Suricata] ECS", "type": "pie" } }, - "id": "0a0aa630-86db-11e8-b59d-21efb914e65c", + "id": "0a0aa630-86db-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -208,8 +208,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Application Protocols [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Application Protocols [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -251,11 +251,11 @@ "legendPosition": "bottom", "type": "pie" }, - "title": "Top Application Protocols [Suricata]", + "title": "Top Application Protocols [Suricata] ECS", "type": "pie" } }, - "id": "728f64c0-86db-11e8-b59d-21efb914e65c", + "id": "728f64c0-86db-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -272,8 +272,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Hosts Generating Events [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Hosts Generating Events [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -383,11 +383,11 @@ } ] }, - "title": "Top Hosts Generating Events [Suricata]", + "title": "Top Hosts Generating Events [Suricata] ECS", "type": "histogram" } }, - "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c", + "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -477,10 +477,10 @@ "@timestamp", "desc" ], - "title": "Events [Suricata]", + "title": "Events [Suricata] ECS", "version": 1 }, - "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "type": "search", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -497,8 +497,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Connection Source Countries [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Connection Source Countries [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -535,11 +535,11 @@ "scale": "linear", "showLabel": true }, - "title": "Top Connection Source Countries [Suricata]", + "title": "Top Connection Source Countries [Suricata] ECS", "type": "tagcloud" } }, - "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c", + "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -556,8 +556,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Connection Destination Countries [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Connection Destination Countries [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -594,11 +594,11 @@ "scale": "linear", "showLabel": true }, - "title": "Top Connection Destination Countries [Suricata]", + "title": "Top Connection Destination Countries [Suricata] ECS", "type": "tagcloud" } }, - "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c", + "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -615,8 +615,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Network Protocols [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Network Protocols [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -658,11 +658,11 @@ "legendPosition": "bottom", "type": "pie" }, - "title": "Top Network Protocols [Suricata]", + "title": "Top Network Protocols [Suricata] ECS", "type": "pie" } }, - "id": "0a363820-86dd-11e8-b59d-21efb914e65c", + "id": "0a363820-86dd-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -749,10 +749,10 @@ "@timestamp", "desc" ], - "title": "Host Stats [Suricata]", + "title": "Host Stats [Suricata] ECS", "version": 1 }, - "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c", + "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c-ecs", "type": "search", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -787,7 +787,7 @@ "x": 0, "y": 0 }, - "id": "c7d46c60-86da-11e8-b59d-21efb914e65c", + "id": "c7d46c60-86da-11e8-b59d-21efb914e65c-ecs", "panelIndex": "1", "type": "visualization", "version": "6.3.0" @@ -801,7 +801,7 @@ "x": 0, "y": 20 }, - "id": "0a0aa630-86db-11e8-b59d-21efb914e65c", + "id": "0a0aa630-86db-11e8-b59d-21efb914e65c-ecs", "panelIndex": "2", "type": "visualization", "version": "6.3.0" @@ -815,7 +815,7 @@ "x": 19, "y": 20 }, - "id": "728f64c0-86db-11e8-b59d-21efb914e65c", + "id": "728f64c0-86db-11e8-b59d-21efb914e65c-ecs", "panelIndex": "3", "type": "visualization", "version": "6.3.0" @@ -829,7 +829,7 @@ "x": 0, "y": 10 }, - "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c", + "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c-ecs", "panelIndex": "4", "type": "visualization", "version": "6.3.0" @@ -843,7 +843,7 @@ "x": 0, "y": 34 }, - "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "panelIndex": "5", "type": "search", "version": "6.3.0" @@ -857,7 +857,7 @@ "x": 30, "y": 20 }, - "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c", + "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c-ecs", "panelIndex": "6", "type": "visualization", "version": "6.3.0" @@ -871,7 +871,7 @@ "x": 39, "y": 20 }, - "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c", + "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c-ecs", "panelIndex": "7", "type": "visualization", "version": "6.3.0" @@ -885,7 +885,7 @@ "x": 9, "y": 20 }, - "id": "0a363820-86dd-11e8-b59d-21efb914e65c", + "id": "0a363820-86dd-11e8-b59d-21efb914e65c-ecs", "panelIndex": "8", "type": "visualization", "version": "6.3.0" @@ -899,17 +899,17 @@ "x": 0, "y": 53 }, - "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c", + "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c-ecs", "panelIndex": "9", "type": "search", "version": "6.3.0" } ], "timeRestore": false, - "title": "[Suricata] Events Overview", + "title": "[Suricata] Events Overview ECS", "version": 1 }, - "id": "78289c40-86da-11e8-b59d-21efb914e65c", + "id": "78289c40-86da-11e8-b59d-21efb914e65c-ecs", "type": "dashboard", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 diff --git a/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json b/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json index 598b17a56fd3..5fd7816eb982 100644 --- a/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json +++ b/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json @@ -13,7 +13,7 @@ } } }, - "title": "Destination Geo [SIEM Zeek]", + "title": "Destination Geo [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -72,11 +72,11 @@ } } }, - "title": "Destination Geo [SIEM Zeek]", + "title": "Destination Geo [SIEM Zeek] ECS", "type": "tile_map" } }, - "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8", + "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:27:37.758Z", "version": 1 @@ -94,7 +94,7 @@ } } }, - "title": "Network Transport [SIEM Zeek]", + "title": "Network Transport [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -136,11 +136,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Transport [SIEM Zeek]", + "title": "Network Transport [SIEM Zeek] ECS", "type": "pie" } }, - "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8", + "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:30:28.271Z", "version": 1 @@ -158,7 +158,7 @@ } } }, - "title": "Network Application [SIEM Zeek]", + "title": "Network Application [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -200,11 +200,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Application [SIEM Zeek]", + "title": "Network Application [SIEM Zeek] ECS", "type": "pie" } }, - "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8", + "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:31:43.959Z", "version": 1 @@ -222,7 +222,7 @@ } } }, - "title": "Network Traffic Direction [SIEM Zeek]", + "title": "Network Traffic Direction [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -264,11 +264,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Traffic Direction [SIEM Zeek]", + "title": "Network Traffic Direction [SIEM Zeek] ECS", "type": "pie" } }, - "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8", + "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:32:46.436Z", "version": 1 @@ -286,7 +286,7 @@ } } }, - "title": "Top DNS Domains [SIEM Zeek]", + "title": "Top DNS Domains [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -328,11 +328,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top DNS Domains [SIEM Zeek]", + "title": "Top DNS Domains [SIEM Zeek] ECS", "type": "pie" } }, - "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8", + "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:51:30.288Z", "version": 1 @@ -350,7 +350,7 @@ } } }, - "title": "Top URL Domain [SIEM Zeek]", + "title": "Top URL Domain [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -392,11 +392,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top URL Domain [SIEM Zeek]", + "title": "Top URL Domain [SIEM Zeek] ECS", "type": "pie" } }, - "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8", + "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:53:10.300Z", "version": 1 @@ -414,7 +414,7 @@ } } }, - "title": "Top SSL Server [SIEM Zeek]", + "title": "Top SSL Server [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -456,11 +456,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top SSL Server [SIEM Zeek]", + "title": "Top SSL Server [SIEM Zeek] ECS", "type": "pie" } }, - "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8", + "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:54:11.067Z", "version": 1 @@ -477,7 +477,7 @@ } } }, - "title": "Time Series Count [SIEM Zeek]", + "title": "Time Series Count [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -534,11 +534,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Time Series Count [SIEM Zeek]", + "title": "Time Series Count [SIEM Zeek] ECS", "type": "metrics" } }, - "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25", + "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25-ecs", "type": "visualization", "updated_at": "2019-01-17T07:56:26.486Z", "version": 74 @@ -577,7 +577,7 @@ "x": 0, "y": 0 }, - "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8", + "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "1", "type": "visualization", "version": "6.5.4" @@ -595,7 +595,7 @@ "x": 0, "y": 18 }, - "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8", + "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "2", "type": "visualization", "version": "6.5.4" @@ -613,7 +613,7 @@ "x": 16, "y": 18 }, - "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8", + "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "3", "type": "visualization", "version": "6.5.4" @@ -631,7 +631,7 @@ "x": 33, "y": 18 }, - "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8", + "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "4", "type": "visualization", "version": "6.5.4" @@ -645,7 +645,7 @@ "x": 0, "y": 28 }, - "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8", + "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "5", "type": "visualization", "version": "6.5.4" @@ -659,7 +659,7 @@ "x": 16, "y": 28 }, - "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8", + "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "6", "type": "visualization", "version": "6.5.4" @@ -673,7 +673,7 @@ "x": 33, "y": 28 }, - "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8", + "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "7", "type": "visualization", "version": "6.5.4" @@ -687,17 +687,17 @@ "x": 0, "y": 39 }, - "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25", + "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25-ecs", "panelIndex": "8", "type": "visualization", "version": "6.5.4" } ], "timeRestore": false, - "title": "Zeek Overview Dashboard [SIEM]", + "title": "Zeek Overview Dashboard [SIEM] ECS", "version": 1 }, - "id": "87b0c430-1a2d-11e9-84b1-a12c578fa9e8", + "id": "87b0c430-1a2d-11e9-84b1-a12c578fa9e8-ecs", "type": "dashboard", "updated_at": "2019-01-17T07:57:50.613Z", "version": 2 diff --git a/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json b/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json index 28396b84e0dc..960ee7cdebd4 100644 --- a/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json +++ b/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json @@ -12,7 +12,7 @@ } } }, - "title": "AWS EC2 DiskIO Write Bytes", + "title": "AWS EC2 DiskIO Write Bytes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -44,7 +44,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 DiskIO Write Bytes", + "label": "AWS EC2 DiskIO Write Bytes ECS", "line_width": 1, "metrics": [ { @@ -70,11 +70,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 DiskIO Write Bytes", + "title": "AWS EC2 DiskIO Write Bytes ECS", "type": "metrics" } }, - "id": "fed59380-f7f8-11e8-af03-c999c9dea608", + "id": "fed59380-f7f8-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:15:43.416Z", "version": 1 @@ -91,7 +91,7 @@ } } }, - "title": "AWS EC2 Status Check Failed", + "title": "AWS EC2 Status Check Failed ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -151,11 +151,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "AWS EC2 Status Check Failed", + "title": "AWS EC2 Status Check Failed ECS", "type": "metrics" } }, - "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608", + "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:13:01.875Z", "version": 1 @@ -172,7 +172,7 @@ } } }, - "title": "AWS EC2 Network In Bytes", + "title": "AWS EC2 Network In Bytes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -204,7 +204,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 Network In Bytes", + "label": "AWS EC2 Network In Bytes ECS", "line_width": 1, "metrics": [ { @@ -230,11 +230,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 Network In Bytes", + "title": "AWS EC2 Network In Bytes ECS", "type": "metrics" } }, - "id": "15818fd0-f7f9-11e8-af03-c999c9dea608", + "id": "15818fd0-f7f9-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:16:21.453Z", "version": 1 @@ -251,7 +251,7 @@ } } }, - "title": "AWS EC2 Network Out Bytes", + "title": "AWS EC2 Network Out Bytes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -283,7 +283,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 Network Out Bytes", + "label": "AWS EC2 Network Out Bytes ECS", "line_width": 1, "metrics": [ { @@ -309,11 +309,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 Network Out Bytes", + "title": "AWS EC2 Network Out Bytes ECS", "type": "metrics" } }, - "id": "233b3400-f7f9-11e8-af03-c999c9dea608", + "id": "233b3400-f7f9-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:16:44.480Z", "version": 1 @@ -330,7 +330,7 @@ } } }, - "title": "AWS EC2 DiskIO Read Bytes", + "title": "AWS EC2 DiskIO Read Bytes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -362,7 +362,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 DiskIO Read Bytes", + "label": "AWS EC2 DiskIO Read Bytes ECS", "line_width": 1, "metrics": [ { @@ -388,11 +388,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 DiskIO Read Bytes", + "title": "AWS EC2 DiskIO Read Bytes ECS", "type": "metrics" } }, - "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608", + "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:15:21.644Z", "version": 1 @@ -409,7 +409,7 @@ } } }, - "title": "AWS EC2 CPU Utilization", + "title": "AWS EC2 CPU Utilization ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -441,7 +441,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 CPU Utilization", + "label": "AWS EC2 CPU Utilization ECS", "line_width": 1, "metrics": [ { @@ -467,11 +467,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 CPU Utilization", + "title": "AWS EC2 CPU Utilization ECS", "type": "metrics" } }, - "id": "be8828d0-f7f6-11e8-af03-c999c9dea608", + "id": "be8828d0-f7f6-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:14:42.745Z", "version": 4 @@ -504,7 +504,7 @@ "x": 24, "y": 15 }, - "id": "fed59380-f7f8-11e8-af03-c999c9dea608", + "id": "fed59380-f7f8-11e8-af03-c999c9dea608-ecs", "panelIndex": "3", "type": "visualization", "version": "6.5.0" @@ -518,7 +518,7 @@ "x": 36, "y": 0 }, - "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608", + "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608-ecs", "panelIndex": "5", "type": "visualization", "version": "6.5.0" @@ -532,7 +532,7 @@ "x": 0, "y": 30 }, - "id": "15818fd0-f7f9-11e8-af03-c999c9dea608", + "id": "15818fd0-f7f9-11e8-af03-c999c9dea608-ecs", "panelIndex": "11", "type": "visualization", "version": "6.5.0" @@ -546,7 +546,7 @@ "x": 24, "y": 30 }, - "id": "233b3400-f7f9-11e8-af03-c999c9dea608", + "id": "233b3400-f7f9-11e8-af03-c999c9dea608-ecs", "panelIndex": "12", "type": "visualization", "version": "6.5.0" @@ -560,7 +560,7 @@ "x": 0, "y": 15 }, - "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608", + "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608-ecs", "panelIndex": "15", "type": "visualization", "version": "6.5.0" @@ -574,17 +574,17 @@ "x": 0, "y": 0 }, - "id": "be8828d0-f7f6-11e8-af03-c999c9dea608", + "id": "be8828d0-f7f6-11e8-af03-c999c9dea608-ecs", "panelIndex": "17", "type": "visualization", "version": "6.5.0" } ], "timeRestore": false, - "title": "[Metricbeat AWS] EC2 Overview", + "title": "[Metricbeat AWS] EC2 Overview ECS", "version": 1 }, - "id": "c5846400-f7fb-11e8-af03-c999c9dea608", + "id": "c5846400-f7fb-11e8-af03-c999c9dea608-ecs", "type": "dashboard", "updated_at": "2018-12-04T19:35:35.744Z", "version": 1 diff --git a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json index b7aa409efc69..b65a2604be40 100644 --- a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json +++ b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json @@ -13,7 +13,7 @@ } } }, - "title": "User Connections [Metricbeat MSSQL]", + "title": "User Connections [Metricbeat MSSQL] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -119,11 +119,11 @@ } ] }, - "title": "User Connections [Metricbeat MSSQL]", + "title": "User Connections [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "7784db10-18ba-11e9-9836-f37dedd3b411", + "id": "7784db10-18ba-11e9-9836-f37dedd3b411-ecs", "type": "visualization", "updated_at": "2019-01-22T13:04:43.827Z", "version": 8 @@ -141,7 +141,7 @@ } } }, - "title": "Transactions [Metricbeat MSSQL]", + "title": "Transactions [Metricbeat MSSQL] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -247,11 +247,11 @@ } ] }, - "title": "Transactions [Metricbeat MSSQL]", + "title": "Transactions [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "910f3f30-18ba-11e9-9836-f37dedd3b411", + "id": "910f3f30-18ba-11e9-9836-f37dedd3b411-ecs", "type": "visualization", "updated_at": "2019-01-22T13:04:34.757Z", "version": 8 @@ -269,7 +269,7 @@ } } }, - "title": "Lock Waits/sec [Metricbeat MSSQL]", + "title": "Lock Waits/sec [Metricbeat MSSQL] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -375,11 +375,11 @@ } ] }, - "title": "Lock Waits/sec [Metricbeat MSSQL]", + "title": "Lock Waits/sec [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411", + "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411-ecs", "type": "visualization", "updated_at": "2019-01-22T13:04:24.139Z", "version": 7 @@ -397,7 +397,7 @@ } } }, - "title": "Batch Requests/sec [Metricbeat MSSQL]", + "title": "Batch Requests/sec [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -508,11 +508,11 @@ } ] }, - "title": "Batch Requests/sec [Metricbeat MSSQL]", + "title": "Batch Requests/sec [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "b29a2160-18ba-11e9-9836-f37dedd3b411", + "id": "b29a2160-18ba-11e9-9836-f37dedd3b411-ecs", "type": "visualization", "updated_at": "2019-01-22T13:03:10.853Z", "version": 9 @@ -530,7 +530,7 @@ } } }, - "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL]", + "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -639,11 +639,11 @@ } ] }, - "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL]", + "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "2e795230-1b2a-11e9-8b36-136038bb307a", + "id": "2e795230-1b2a-11e9-8b36-136038bb307a-ecs", "type": "visualization", "updated_at": "2019-01-22T13:04:16.184Z", "version": 8 @@ -680,7 +680,7 @@ "x": 0, "y": 0 }, - "id": "7784db10-18ba-11e9-9836-f37dedd3b411", + "id": "7784db10-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "1", "title": "User Connections", "type": "visualization", @@ -699,7 +699,7 @@ "x": 16, "y": 15 }, - "id": "910f3f30-18ba-11e9-9836-f37dedd3b411", + "id": "910f3f30-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "2", "title": "Transactions", "type": "visualization", @@ -718,7 +718,7 @@ "x": 32, "y": 0 }, - "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411", + "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "3", "title": "Lock Waits/sec", "type": "visualization", @@ -737,7 +737,7 @@ "x": 16, "y": 0 }, - "id": "b29a2160-18ba-11e9-9836-f37dedd3b411", + "id": "b29a2160-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "4", "title": "Batch Requests/sec", "type": "visualization", @@ -752,7 +752,7 @@ "x": 0, "y": 15 }, - "id": "2e795230-1b2a-11e9-8b36-136038bb307a", + "id": "2e795230-1b2a-11e9-8b36-136038bb307a-ecs", "panelIndex": "5", "title": "Buffer Cache Hit Ratio", "type": "visualization", @@ -760,10 +760,10 @@ } ], "timeRestore": false, - "title": "[Metricbeat MSSQL] Performance", + "title": "[Metricbeat MSSQL] Performance ECS", "version": 1 }, - "id": "a2ead240-18bb-11e9-9836-f37dedd3b411", + "id": "a2ead240-18bb-11e9-9836-f37dedd3b411-ecs", "type": "dashboard", "updated_at": "2019-01-22T12:55:59.857Z", "version": 11 From 1962380e50d382ee61ab5bca5f03f5a52acffff3 Mon Sep 17 00:00:00 2001 From: beats-jenkins Date: Mon, 4 Feb 2019 21:52:55 +0100 Subject: [PATCH 2/6] add skip alias false --- .../kibana/7/dashboard/Filebeat-apache.json | 2 +- .../kibana/7/dashboard/Filebeat-iis.json | 4 +- .../kibana/7/dashboard/Filebeat-mysql.json | 2 +- .../7/dashboard/Filebeat-nginx-overview.json | 4 +- .../Filebeat-Postgresql-slowlogs.json | 14 +- .../dashboard/Filebeat-traefik-overview.json | 2 +- .../7/dashboard/Journalbeat-overview.json | 210 +----------------- .../7/dashboard/Packetbeat-mongodb.json | 12 +- .../kibana/7/dashboard/Packetbeat-mysql.json | 14 +- .../7/dashboard/Packetbeat-overview.json | 4 +- .../kibana/7/dashboard/Packetbeat-pgsql.json | 14 +- .../kibana/7/dashboard/Packetbeat-thrift.json | 14 +- script/kibana-migration.py | 2 + 13 files changed, 55 insertions(+), 243 deletions(-) diff --git a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json index e4dc473a7981..565551631cda 100644 --- a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json +++ b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json @@ -186,7 +186,7 @@ "enabled": true, "id": "3", "params": { - "field": "user_agent.major", + "field": "apache2.access.user_agent.major", "order": "desc", "orderBy": "1", "size": 5 diff --git a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json index addc3b2e787c..ef507875a556 100644 --- a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json +++ b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json @@ -224,7 +224,7 @@ "enabled": true, "id": "2", "params": { - "field": "iis.access.user_agent.name", + "field": "user_agent.name", "order": "desc", "orderBy": "1", "size": 5 @@ -296,7 +296,7 @@ "enabled": true, "id": "2", "params": { - "field": "iis.access.user_agent.os_name", + "field": "user_agent.os.name", "order": "desc", "orderBy": "1", "size": 5 diff --git a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json index fa83715a72d9..8ac1322da081 100644 --- a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json +++ b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json @@ -28,7 +28,7 @@ "id": "1", "params": { "customLabel": "Query time", - "field": "event.duration" + "field": "mysql.slowlog.query_time.sec" }, "schema": "metric", "type": "max" diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json index ea04c8ec081c..2841bfcd99ef 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json @@ -31,7 +31,7 @@ "enabled": true, "id": "2", "params": { - "field": "nginx.access.user_agent.name", + "field": "user_agent.name", "order": "desc", "orderBy": "1", "size": 5 @@ -99,7 +99,7 @@ "enabled": true, "id": "2", "params": { - "field": "nginx.access.user_agent.os_name", + "field": "user_agent.os.name", "order": "desc", "orderBy": "1", "size": 5 diff --git a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json index 6eb09661aa45..d2a49c416d2b 100644 --- a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json +++ b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json @@ -52,7 +52,7 @@ "id": "2", "params": { "customLabel": "Sum of query duration", - "field": "event.duration" + "field": "postgresql.log.duration" }, "schema": "metric", "type": "sum" @@ -157,7 +157,7 @@ "columns": [ "user.name", "postgresql.log.database", - "event.duration", + "postgresql.log.duration", "postgresql.log.query" ], "description": "", @@ -169,7 +169,7 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "event.duration:>30" + "query": "postgresql.log.duration:>30" }, "version": true } @@ -190,7 +190,7 @@ "columns": [ "user.name", "postgresql.log.database", - "event.duration", + "postgresql.log.duration", "postgresql.log.query" ], "description": "", @@ -202,7 +202,7 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "event.duration:*" + "query": "postgresql.log.duration:*" }, "version": true } @@ -251,7 +251,7 @@ "columns": [ "user.name", "postgresql.log.database", - "event.duration", + "postgresql.log.duration", "postgresql.log.query" ], "id": "Slow PostgreSQL Queries-ecs", @@ -270,7 +270,7 @@ "columns": [ "user.name", "postgresql.log.database", - "event.duration", + "postgresql.log.duration", "postgresql.log.query" ], "id": "PostgreSQL Query Durations-ecs", diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json index 3458afcc0861..7edb0d63278a 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json @@ -43,7 +43,7 @@ "enabled": true, "id": "3", "params": { - "field": "user_agent.major", + "field": "traefik.access.user_agent.major", "order": "desc", "orderBy": "1", "size": 5 diff --git a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json index 5a07adf9b5a2..86a18d6ccbe9 100644 --- a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json +++ b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json @@ -58,66 +58,33 @@ "version": "7.0.0" } ], -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD "timeRestore": false, - "title": "[Journalbeat] Overview", + "title": "[Journalbeat] Overview ECS", "version": 1 }, - "id": "effdfcd0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "effdfcd0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { "dashboard": "7.0.0" }, "references": [ { - "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "name": "panel_0", "type": "search" }, { - "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "name": "panel_1", "type": "search" }, { - "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd", + "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd-ecs", "name": "panel_2", "type": "search" } ], "type": "dashboard", "updated_at": "2019-02-04T12:25:20.413Z", -======= - "title": "[Journalbeat] Systemd messages 7.x", -======= - "title": "[Journalbeat] Systemd messages", ->>>>>>> checkout again -======= - "title": "[Journalbeat] Systemd messages ECS", ->>>>>>> apply changes to all dashboards -======= - "title": "[Journalbeat] Systemd messages", ->>>>>>> reset dashboards -======= - "title": "[Journalbeat] Systemd messages ECS", ->>>>>>> change all dashboards -======= - "title": "[Journalbeat] Systemd messages", ->>>>>>> reset dashboards -======= - "title": "[Journalbeat] Systemd messages ECS", ->>>>>>> change dashboards - "version": 1 - }, - "id": "aa003e90-e2b9-11e8-9f52-734e93de180d-ecs", - "type": "search", - "updated_at": "2018-11-07T18:19:28.377Z", ->>>>>>> Introduce migration script for data in Kibana files "version": 1 }, { @@ -149,14 +116,7 @@ "title": "[Journalbeat] Kernel errors ECS", "version": 1 }, -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD - "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { "search": "7.0.0" }, @@ -167,27 +127,6 @@ "type": "index-pattern" } ], -======= - "id": "5db75310-e2ba-11e8-9f52-734e93de180d-7x", ->>>>>>> Introduce migration script for data in Kibana files -======= - "id": "5db75310-e2ba-11e8-9f52-734e93de180d", ->>>>>>> checkout again -======= - "id": "5db75310-e2ba-11e8-9f52-734e93de180d-ecs", ->>>>>>> apply changes to all dashboards -======= - "id": "5db75310-e2ba-11e8-9f52-734e93de180d", ->>>>>>> reset dashboards -======= - "id": "5db75310-e2ba-11e8-9f52-734e93de180d-ecs", ->>>>>>> change all dashboards -======= - "id": "5db75310-e2ba-11e8-9f52-734e93de180d", ->>>>>>> reset dashboards -======= - "id": "5db75310-e2ba-11e8-9f52-734e93de180d-ecs", ->>>>>>> change dashboards "type": "search", "updated_at": "2019-02-04T12:19:40.092Z", "version": 1 @@ -218,17 +157,10 @@ "@timestamp", "desc" ], -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD - "title": "[Journalbeat] Authorization", + "title": "[Journalbeat] Authorization ECS", "version": 1 }, - "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { "search": "7.0.0" }, @@ -239,48 +171,6 @@ "type": "index-pattern" } ], -======= - "title": "[Journalbeat] Login authorization 7.x", - "version": 1 - }, - "id": "82408120-e2ba-11e8-9f52-734e93de180d-7x", ->>>>>>> Introduce migration script for data in Kibana files -======= - "title": "[Journalbeat] Login authorization", - "version": 1 - }, - "id": "82408120-e2ba-11e8-9f52-734e93de180d", ->>>>>>> checkout again -======= - "title": "[Journalbeat] Login authorization ECS", - "version": 1 - }, - "id": "82408120-e2ba-11e8-9f52-734e93de180d-ecs", ->>>>>>> apply changes to all dashboards -======= - "title": "[Journalbeat] Login authorization", - "version": 1 - }, - "id": "82408120-e2ba-11e8-9f52-734e93de180d", ->>>>>>> reset dashboards -======= - "title": "[Journalbeat] Login authorization ECS", - "version": 1 - }, - "id": "82408120-e2ba-11e8-9f52-734e93de180d-ecs", ->>>>>>> change all dashboards -======= - "title": "[Journalbeat] Login authorization", - "version": 1 - }, - "id": "82408120-e2ba-11e8-9f52-734e93de180d", ->>>>>>> reset dashboards -======= - "title": "[Journalbeat] Login authorization ECS", - "version": 1 - }, - "id": "82408120-e2ba-11e8-9f52-734e93de180d-ecs", ->>>>>>> change dashboards "type": "search", "updated_at": "2019-02-04T12:20:56.412Z", "version": 1 @@ -310,17 +200,10 @@ "@timestamp", "desc" ], -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD - "title": "[Journalbeat] Systemd messages", + "title": "[Journalbeat] Systemd messages ECS", "version": 1 }, - "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd", + "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { "search": "7.0.0" }, @@ -331,82 +214,9 @@ "type": "index-pattern" } ], -======= - "title": "[Journalbeat] USB and HID messages 7.x", - "version": 1 - }, - "id": "f0232670-e2ba-11e8-9f52-734e93de180d-7x", ->>>>>>> Introduce migration script for data in Kibana files -======= - "title": "[Journalbeat] USB and HID messages", - "version": 1 - }, - "id": "f0232670-e2ba-11e8-9f52-734e93de180d", ->>>>>>> checkout again -======= - "title": "[Journalbeat] USB and HID messages ECS", - "version": 1 - }, - "id": "f0232670-e2ba-11e8-9f52-734e93de180d-ecs", ->>>>>>> apply changes to all dashboards -======= - "title": "[Journalbeat] USB and HID messages", - "version": 1 - }, - "id": "f0232670-e2ba-11e8-9f52-734e93de180d", ->>>>>>> reset dashboards -======= - "title": "[Journalbeat] USB and HID messages ECS", - "version": 1 - }, - "id": "f0232670-e2ba-11e8-9f52-734e93de180d-ecs", ->>>>>>> change all dashboards -======= - "title": "[Journalbeat] USB and HID messages", - "version": 1 - }, - "id": "f0232670-e2ba-11e8-9f52-734e93de180d", ->>>>>>> reset dashboards -======= - "title": "[Journalbeat] USB and HID messages ECS", - "version": 1 - }, - "id": "f0232670-e2ba-11e8-9f52-734e93de180d-ecs", ->>>>>>> change dashboards "type": "search", "updated_at": "2019-02-04T12:22:19.508Z", "version": 1 -<<<<<<< HEAD -======= - }, - { - "attributes": { - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "query": { - "language": "lucene", - "query": "" - } - } - }, - "optionsJSON": { - "darkTheme": false, - "hidePanelTitles": false, - "useMargins": true - }, - "panelsJSON": null, - "timeRestore": false, - "title": "[Journalbeat] Overview ECS", - "version": 1 - }, - "id": "f2de4440-e2b9-11e8-9f52-734e93de180d-ecs", - "type": "dashboard", - "updated_at": "2018-11-07T18:30:18.083Z", - "version": 2 ->>>>>>> Introduce migration script for data in Kibana files } ], "version": "7.0.0" diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json index 47a3dc369be5..3059b71ff108 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json @@ -97,7 +97,7 @@ "enabled": true, "id": "4", "params": { - "field": "http.request.method", + "field": "method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -246,7 +246,7 @@ "enabled": true, "id": "3", "params": { - "field": "http.request.method", + "field": "method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -1112,9 +1112,9 @@ { "attributes": { "columns": [ - "http.request.method", + "method", "type", - "url.path", + "path", "event.duration", "status", "query" @@ -1192,9 +1192,9 @@ { "attributes": { "columns": [ - "http.request.method", + "method", "type", - "url.path", + "path", "event.duration", "status", "query" diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json index 20493e53833f..65a0672a8944 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json @@ -171,7 +171,7 @@ "enabled": true, "id": "3", "params": { - "field": "http.request.method", + "field": "method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -745,14 +745,14 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "http.request.method: SELECT" + "query": "method: SELECT" } } } }, { "input": { - "query": "http.request.method: INSERT OR http.request.method: UPDATE OR http.request.method: DELETE" + "query": "method: INSERT OR method: UPDATE OR method: DELETE" } } ] @@ -852,9 +852,9 @@ { "attributes": { "columns": [ - "http.request.method", + "method", "type", - "url.path", + "path", "event.duration", "status" ], @@ -956,9 +956,9 @@ { "attributes": { "columns": [ - "http.request.method", + "method", "type", - "url.path", + "path", "event.duration", "status" ], diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json index 8a1fc15bcc92..592341242bee 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json @@ -1411,7 +1411,7 @@ "server.port", "event.dataset", "query", - "http.request.method", + "method", "event.duration", "status" ], @@ -1490,7 +1490,7 @@ "server.port", "event.dataset", "query", - "http.request.method", + "method", "event.duration", "status" ], diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json index 4200feb29bf7..d33eae639882 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json @@ -207,7 +207,7 @@ "enabled": true, "id": "3", "params": { - "field": "http.request.method", + "field": "method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -624,14 +624,14 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "http.request.method: SELECT" + "query": "method: SELECT" } } } }, { "input": { - "query": "http.request.method: INSERT OR http.request.method: UPDATE OR http.request.method: DELETE" + "query": "method: INSERT OR method: UPDATE OR method: DELETE" } } ] @@ -876,9 +876,9 @@ { "attributes": { "columns": [ - "http.request.method", + "method", "type", - "url.path", + "path", "event.duration", "status" ], @@ -975,9 +975,9 @@ { "attributes": { "columns": [ - "http.request.method", + "method", "type", - "url.path", + "path", "event.duration", "status" ], diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json index f24a152cc7f0..92761197e562 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json @@ -188,7 +188,7 @@ "enabled": true, "id": "2", "params": { - "field": "http.request.method", + "field": "method", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -371,7 +371,7 @@ { "id": "2", "params": { - "field": "http.request.method", + "field": "method", "order": "desc", "orderBy": "1", "size": 5 @@ -424,7 +424,7 @@ { "id": "2", "params": { - "field": "http.request.method", + "field": "method", "order": "desc", "orderBy": "1", "size": 5 @@ -452,9 +452,9 @@ { "attributes": { "columns": [ - "http.request.method", + "method", "type", - "url.path", + "path", "event.duration", "status" ], @@ -530,9 +530,9 @@ { "attributes": { "columns": [ - "http.request.method", + "method", "type", - "url.path", + "path", "event.duration", "status" ], diff --git a/script/kibana-migration.py b/script/kibana-migration.py index 59c1c4db25b5..bd7a8cd39ed2 100644 --- a/script/kibana-migration.py +++ b/script/kibana-migration.py @@ -46,6 +46,8 @@ def read_migration_fields(): if "to" in k and "from" in k: if "rename" in k and k["rename"] is False: continue + if k["alias"] == False: + continue if not isinstance(k["to"], basestring): continue From 837d330827899c64bc78e6397e7332bc42d37988 Mon Sep 17 00:00:00 2001 From: beats-jenkins Date: Tue, 5 Feb 2019 14:47:56 +0100 Subject: [PATCH 3/6] one more migration take --- .../Metricbeat-haproxy-visualizations.json | 12 ++-- .../Metricbeat-mssql-transaction_log.json | 68 +++++++++---------- 2 files changed, 40 insertions(+), 40 deletions(-) diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json index 0c89814c26ac..56dc83d07d3d 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json @@ -240,7 +240,7 @@ "id": "978f2660-4735-11e8-b619-8f82b8185e96" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'process.name:\"{{ key }}\"'))", "filter": "haproxy.stat.component_type:(2 OR 3)", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", @@ -272,7 +272,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "haproxy.stat.service_name" + "terms_field": "process.name" } ], "show_grid": 1, @@ -955,7 +955,7 @@ "split_color_mode": "gradient", "split_mode": "everything", "stacked": "none", - "terms_field": "haproxy.stat.service_name" + "terms_field": "process.name" } ], "show_grid": 1, @@ -1023,7 +1023,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "haproxy.stat.service_name" + "terms_field": "process.name" } ], "show_grid": 1, @@ -1159,7 +1159,7 @@ "id": "50830800-47d9-11e8-9db9-274c7a5e25e4" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'process.name:\"{{ key }}\"'))", "filter": "", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "ignore_global_filter": 0, @@ -1188,7 +1188,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "haproxy.stat.service_name", + "terms_field": "process.name", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417", "terms_size": "20", "var_name": "" diff --git a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json index 8573af8504e3..d99542201283 100644 --- a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json +++ b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json @@ -12,7 +12,7 @@ } } }, - "title": "Recovery size of transaction log [Metricbeat MSSQL]", + "title": "Recovery size of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -59,11 +59,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Recovery size of transaction log [Metricbeat MSSQL]", + "title": "Recovery size of transaction log [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -83,7 +83,7 @@ } } }, - "title": "Transaction log size since last checkpoint [Metricbeat MSSQL]", + "title": "Transaction log size since last checkpoint [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -124,11 +124,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Transaction log size since last checkpoint [Metricbeat MSSQL]", + "title": "Transaction log size since last checkpoint [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b", + "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -148,7 +148,7 @@ } } }, - "title": "Percentage of used space of transaction log [Metricbeat MSSQL]", + "title": "Percentage of used space of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -189,11 +189,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Percentage of used space of transaction log [Metricbeat MSSQL]", + "title": "Percentage of used space of transaction log [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -213,7 +213,7 @@ } } }, - "title": "Log space size since last backup [Metricbeat MSSQL]", + "title": "Log space size since last backup [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -254,11 +254,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Log space size since last backup [Metricbeat MSSQL]", + "title": "Log space size since last backup [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b", + "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -278,7 +278,7 @@ } } }, - "title": "Active size of transaction log [Metricbeat MSSQL]", + "title": "Active size of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -319,11 +319,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Active size of transaction log [Metricbeat MSSQL]", + "title": "Active size of transaction log [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -343,7 +343,7 @@ } } }, - "title": "Used space of transaction log [Metricbeat MSSQL]", + "title": "Used space of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -384,11 +384,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Used space of transaction log [Metricbeat MSSQL]", + "title": "Used space of transaction log [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -408,7 +408,7 @@ } } }, - "title": "Total log space usage [Metricbeat MSSQL]", + "title": "Total log space usage [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -449,11 +449,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Total log space usage [Metricbeat MSSQL]", + "title": "Total log space usage [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b", + "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -473,7 +473,7 @@ } } }, - "title": "Database selector [Metricbeat MSSQL]", + "title": "Database selector [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -500,11 +500,11 @@ "updateFiltersOnChange": false, "useTimeFilter": false }, - "title": "Database selector [Metricbeat MSSQL]", + "title": "Database selector [Metricbeat MSSQL] ECS", "type": "input_control_vis" } }, - "id": "82bf9480-260b-11e9-a46a-471d2a76b305", + "id": "82bf9480-260b-11e9-a46a-471d2a76b305-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -540,7 +540,7 @@ "x": 0, "y": 12 }, - "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "1", "title": "Recovery size of transaction log", "type": "visualization", @@ -555,7 +555,7 @@ "x": 24, "y": 24 }, - "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b", + "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "2", "title": "Transaction log size since last checkpoint", "type": "visualization", @@ -570,7 +570,7 @@ "x": 30, "y": 0 }, - "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "3", "title": "Percentage of used space of transaction log", "type": "visualization", @@ -585,7 +585,7 @@ "x": 0, "y": 37 }, - "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b", + "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "4", "title": "Log space size since last backup", "type": "visualization", @@ -600,7 +600,7 @@ "x": 0, "y": 24 }, - "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "5", "title": "Active size of transaction log", "type": "visualization", @@ -615,7 +615,7 @@ "x": 24, "y": 12 }, - "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "6", "title": "Used space of transaction log", "type": "visualization", @@ -630,7 +630,7 @@ "x": 12, "y": 0 }, - "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b", + "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "7", "title": "Total log space usage", "type": "visualization", @@ -645,17 +645,17 @@ "x": 0, "y": 0 }, - "id": "82bf9480-260b-11e9-a46a-471d2a76b305", + "id": "82bf9480-260b-11e9-a46a-471d2a76b305-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Metricbeat MSSQL] Transaction log", + "title": "[Metricbeat MSSQL] Transaction log ECS", "version": 1 }, - "id": "18d66970-1fb4-11e9-8a4d-eb34d2834f6b", + "id": "18d66970-1fb4-11e9-8a4d-eb34d2834f6b-ecs", "type": "dashboard", "updated_at": "2019-02-01T10:39:36.585Z", "version": 3 From b2ed7b11bfcbad2b5bdd7f36285ef358b61c79b4 Mon Sep 17 00:00:00 2001 From: beats-jenkins Date: Tue, 5 Feb 2019 21:45:35 +0100 Subject: [PATCH 4/6] update all dashboards --- .../auditbeat-kernel-executions.json | 84 +-- .../dashboard/auditbeat-kernel-overview.json | 64 +- .../7/dashboard/auditbeat-kernel-sockets.json | 184 ++--- .../7/dashboard/auditbeat-file-integrity.json | 250 +++---- .../kibana/7/dashboard/Filebeat-apache.json | 120 ++-- .../kibana/7/dashboard/Filebeat-auditd.json | 90 +-- .../dashboard/Filebeat-haproxy-overview.json | 92 +-- .../dashboard/Filebeat-icinga-debug-log.json | 64 +- .../7/dashboard/Filebeat-icinga-main-log.json | 64 +- .../Filebeat-icinga-startup-errors.json | 34 +- .../kibana/7/dashboard/Filebeat-iis.json | 146 ++-- .../7/dashboard/Filebeat-Kafka-overview.json | 98 +-- .../7/dashboard/Filebeat-logstash-log.json | 76 +- .../dashboard/Filebeat-logstash-slowlog.json | 116 ++-- .../dashboard/Filebeat-Mongodb-overview.json | 46 +- .../kibana/7/dashboard/Filebeat-mysql.json | 152 ++-- .../7/dashboard/Filebeat-nginx-logs.json | 54 +- .../7/dashboard/Filebeat-nginx-overview.json | 132 ++-- ...nginx-access-remote-ip-count-explorer.json | 102 +-- .../ml-nginx-remote-ip-url-explorer.json | 100 +-- .../7/dashboard/osquery-compliance.json | 152 ++-- .../kibana/7/dashboard/osquery-rootkit.json | 92 +-- .../Filebeat-Postgresql-overview.json | 68 +- .../Filebeat-Postgresql-slowlogs.json | 60 +- .../kibana/7/dashboard/Filebeat-redis.json | 118 ++-- .../filebeat-santa-log-overview.json | 198 +++--- .../Filebeat-auth-sudo-commands.json | 74 +- .../Filebeat-new-users-and-groups.json | 136 ++-- .../Filebeat-ssh-login-attempts.json | 90 +-- .../kibana/7/dashboard/Filebeat-syslog.json | 60 +- .../dashboard/Filebeat-traefik-overview.json | 110 +-- ...aefik-access-remote-ip-count-explorer.json | 102 +-- .../ml-traefik-remote-ip-url-explorer.json | 100 +-- .../7/dashboard/Journalbeat-overview.json | 50 +- .../dashboard/Metricbeat-apache-overview.json | 158 ++--- .../dashboard/Metricbeat-docker-overview.json | 168 ++--- .../dashboard/Metricbeat-golang-overview.json | 70 +- .../dashboard/Metricbeat-haproxy-backend.json | 34 +- .../Metricbeat-haproxy-frontend.json | 18 +- .../Metricbeat-haproxy-http-backend.json | 42 +- .../Metricbeat-haproxy-http-frontend.json | 22 +- .../Metricbeat-haproxy-http-server.json | 34 +- .../Metricbeat-haproxy-overview.json | 26 +- .../Metricbeat-haproxy-visualizations.json | 280 ++++---- .../dashboard/Metricbeat-kafka-overview.json | 210 +++--- .../Metricbeat-kubernetes-apiserver.json | 70 +- .../Metricbeat-kubernetes-overview.json | 248 +++---- .../Metricbeat-mongodb-overview.json | 242 +++---- .../dashboard/Metricbeat-mysql-overview.json | 148 ++-- .../7/dashboard/Metricbeat-nats-overview.json | 346 +++++----- .../dashboard/metricbeat-nginx-overview.json | 104 +-- .../Metricbeat-rabbitmq-overview.json | 90 +-- .../7/dashboard/Metricbeat-redis-keys.json | 164 ++--- .../dashboard/Metricbeat-redis-overview.json | 148 ++-- .../Metricbeat-containers-overview.json | 100 +-- .../7/dashboard/Metricbeat-host-overview.json | 428 ++++++------ .../dashboard/Metricbeat-system-overview.json | 194 +++--- .../dashboard/Metricbeat-uwsgi-overview.json | 58 +- .../dashboard/metricbeat-windows-service.json | 132 ++-- .../Metricbeat-zookeeper-overview.json | 100 +-- .../7/dashboard/Packetbeat-cassandra.json | 210 +++--- .../kibana/7/dashboard/Packetbeat-dhcpv4.json | 144 ++-- .../7/dashboard/Packetbeat-dns-overview.json | 186 ++--- .../7/dashboard/Packetbeat-dns-tunneling.json | 112 +-- .../kibana/7/dashboard/Packetbeat-flows.json | 142 ++-- .../kibana/7/dashboard/Packetbeat-http.json | 192 +++--- .../7/dashboard/Packetbeat-mongodb.json | 280 ++++---- .../kibana/7/dashboard/Packetbeat-mysql.json | 244 +++---- .../kibana/7/dashboard/Packetbeat-nfs.json | 242 +++---- .../7/dashboard/Packetbeat-overview.json | 378 +++++----- .../kibana/7/dashboard/Packetbeat-pgsql.json | 240 +++---- .../kibana/7/dashboard/Packetbeat-thrift.json | 158 ++--- .../kibana/7/dashboard/Packetbeat-tls.json | 320 ++++----- .../7/dashboard/Winlogbeat-overview.json | 516 +++----------- .../auditbeat-system-host-dashboard.json | 232 +++---- .../auditbeat-system-login-dashboard.json | 268 ++++---- .../auditbeat-system-overview-dashboard.json | 648 +++++++++--------- .../auditbeat-system-package-dashboard.json | 268 ++++---- .../auditbeat-system-process-dashboard.json | 296 ++++---- .../auditbeat-system-socket-dashboard.json | 354 +++++----- .../auditbeat-system-user-dashboard.json | 270 ++++---- .../dashboard/Filebeat-Iptables-Overview.json | 148 ++-- ...t-Iptables-Ubiquiti-Firewall-Overview.json | 154 ++--- .../Filebeat-Suricata-Alert-Overview.json | 146 ++-- .../dashboard/Filebeat-Suricata-Overview.json | 204 +++--- .../7/dashboard/Filebeat-Zeek-Overview.json | 148 ++-- .../Metricbeat-aws-ec2-overview.json | 104 +-- .../Metricbeat-mssql-performance.json | 150 ++-- .../Metricbeat-mssql-transaction_log.json | 136 ++-- 89 files changed, 6818 insertions(+), 7184 deletions(-) diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json index 6fe85f307d86..51f31e2258f0 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json @@ -15,7 +15,7 @@ "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", "title": "Error Codes [Auditbeat Auditd Executions] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -36,7 +36,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -44,16 +44,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Error Codes [Auditbeat Auditd Executions] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T22:10:23.921Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -70,7 +70,7 @@ }, "title": "Primary Username Tag Cloud [Auditbeat Auditd] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -78,7 +78,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -90,7 +90,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -100,13 +100,13 @@ "scale": "linear" }, "title": "Primary Username Tag Cloud [Auditbeat Auditd] ECS", - "type": "tagcloud" + "winlog.api": "tagcloud" } }, "id": "f81a6de0-c1c1-11e7-8995-936807a28b16-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T22:12:18.730Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -123,7 +123,7 @@ "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -131,7 +131,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -143,7 +143,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -153,13 +153,13 @@ "scale": "linear" }, "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions] ECS", - "type": "tagcloud" + "winlog.api": "tagcloud" } }, "id": "2efac370-c1ca-11e7-8995-936807a28b16-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T22:57:41.411Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -187,16 +187,16 @@ "negate": false, "params": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -213,16 +213,16 @@ "negate": false, "params": { "query": "executed", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "executed" }, "query": { "match": { "event.action": { "query": "executed", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -234,7 +234,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -242,12 +242,12 @@ "desc" ], "title": "Process Executions [Auditbeat Auditd] ECS", - "version": 1 + "winlog.version": 1 }, "id": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-16T22:26:35.050Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -261,7 +261,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -279,8 +279,8 @@ }, "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -292,8 +292,8 @@ }, "id": "f81a6de0-c1c1-11e7-8995-936807a28b16-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -305,8 +305,8 @@ }, "id": "2efac370-c1ca-11e7-8995-936807a28b16-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -318,19 +318,19 @@ }, "id": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", "panelIndex": "6", - "type": "search", - "version": "6.2.4" + "winlog.api": "search", + "winlog.version": "6.2.4" } ], "timeRestore": false, "title": "[Auditbeat Auditd] Executions ECS", - "version": 1 + "winlog.version": 1 }, "id": "7de391b0-c1ca-11e7-8995-936807a28b16-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-01-16T22:58:11.243Z", - "version": 5 + "winlog.version": 5 } ], - "version": "6.2.4" + "winlog.version": "6.2.4" } \ No newline at end of file diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json index fcad7083c3f2..db12601a14a4 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json @@ -8,7 +8,7 @@ }, "title": "Event Actions [Auditbeat Auditd Overview] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -50,7 +50,7 @@ "metrics": [ { "id": "6b9fb2d0-c1bc-11e7-938f-ab0645b6c431", - "type": "count" + "winlog.api": "count" } ], "point_size": 1, @@ -63,16 +63,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Event Actions [Auditbeat Auditd Overview] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "97680df0-c1c0-11e7-8995-936807a28b16-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T22:11:01.438Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -90,7 +90,7 @@ "savedSearchId": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", "title": "Event Categories [Auditbeat Auditd] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -98,7 +98,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -111,7 +111,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -124,7 +124,7 @@ "size": 20 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -132,16 +132,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Event Categories [Auditbeat Auditd] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "08679220-c25a-11e7-8692-232bd1143e8a-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T22:54:10.330Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -173,16 +173,16 @@ "negate": false, "params": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -194,7 +194,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -202,12 +202,12 @@ "desc" ], "title": "Audit Event Table [Auditbeat Auditd] ECS", - "version": 1 + "winlog.version": 1 }, "id": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-16T22:51:24.572Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -221,7 +221,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -239,8 +239,8 @@ }, "id": "97680df0-c1c0-11e7-8995-936807a28b16-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -252,8 +252,8 @@ }, "id": "08679220-c25a-11e7-8692-232bd1143e8a-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -265,19 +265,19 @@ }, "id": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", "panelIndex": "5", - "type": "search", - "version": "6.2.4" + "winlog.api": "search", + "winlog.version": "6.2.4" } ], "timeRestore": false, "title": "[Auditbeat Auditd] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "c0ac2c00-c1c0-11e7-8995-936807a28b16-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-01-16T22:55:17.775Z", - "version": 5 + "winlog.version": 5 } ], - "version": "6.2.4" + "winlog.version": "6.2.4" } \ No newline at end of file diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json index 5df146f04137..dc84cc075871 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json @@ -19,16 +19,16 @@ "negate": true, "params": { "query": "0", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "0" }, "query": { "match": { "auditd.summary.object.secondary": { "query": "0", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -52,7 +52,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -60,7 +60,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -73,7 +73,7 @@ "size": 50 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -86,7 +86,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -99,7 +99,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -114,13 +114,13 @@ "totalFunc": "sum" }, "title": "Bind (non-ephemeral) [Auditbeat Auditd] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "faf882f0-c242-11e7-8692-232bd1143e8a-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T22:08:02.522Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -146,7 +146,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -154,7 +154,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -167,7 +167,7 @@ "size": 50 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -180,7 +180,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -193,7 +193,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -208,13 +208,13 @@ "totalFunc": "sum" }, "title": "Connect [Auditbeat Auditd] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ea483730-c246-11e7-8692-232bd1143e8a-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T23:24:16.851Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -246,7 +246,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -257,7 +257,7 @@ "field": "auditd.summary.object.primary" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -270,7 +270,7 @@ "size": 50 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -283,7 +283,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -298,13 +298,13 @@ "totalFunc": "sum" }, "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ceb91de0-c250-11e7-8692-232bd1143e8a-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T22:16:51.535Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -314,7 +314,7 @@ }, "title": "Socket Syscalls Time Series [Auditbeat Auditd] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -330,7 +330,7 @@ "id": "2cebb0c0-c252-11e7-8a68-93ffe9ec5950" } ], - "filter": "auditd.summary.object.type:socket", + "filter": "auditd.summary.object.winlog.api:socket", "gauge_color_rules": [ { "id": "6c891740-c252-11e7-8a68-93ffe9ec5950" @@ -356,7 +356,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "count" + "winlog.api": "count" } ], "point_size": 1, @@ -369,16 +369,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Socket Syscalls Time Series [Auditbeat Auditd] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "b21e0c70-c252-11e7-8692-232bd1143e8a-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T22:13:38.857Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -395,7 +395,7 @@ }, "title": "Socket Families [Auditbeat Auditd] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -403,7 +403,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -416,7 +416,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -429,7 +429,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -437,16 +437,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "left", - "type": "pie" + "winlog.api": "pie" }, "title": "Socket Families [Auditbeat Auditd] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "a8e20450-c256-11e7-8692-232bd1143e8a-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-16T22:12:51.655Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -475,16 +475,16 @@ "negate": false, "params": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -501,16 +501,16 @@ "negate": false, "params": { "query": "bind", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "bind" }, "query": { "match": { "auditd.data.syscall": { "query": "bind", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -527,16 +527,16 @@ "negate": true, "params": { "query": "netlink", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "netlink" }, "query": { "match": { "auditd.data.socket.family": { "query": "netlink", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -548,7 +548,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -556,12 +556,12 @@ "desc" ], "title": "Socket Binds [Auditbeat Auditd] ECS", - "version": 1 + "winlog.version": 1 }, "id": "b4c93470-c240-11e7-8692-232bd1143e8a-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-16T23:05:58.935Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -591,16 +591,16 @@ "negate": false, "params": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -617,16 +617,16 @@ "negate": false, "params": { "query": "connected-to", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "connected-to" }, "query": { "match": { "event.action": { "query": "connected-to", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -644,7 +644,7 @@ "index": "auditbeat-*", "key": "auditd.summary.object.primary", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } } @@ -655,7 +655,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -663,12 +663,12 @@ "desc" ], "title": "Socket Connects [Auditbeat Auditd] ECS", - "version": 1 + "winlog.version": 1 }, "id": "5438b030-c246-11e7-8692-232bd1143e8a-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-16T23:09:43.937Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -697,16 +697,16 @@ "negate": false, "params": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -723,16 +723,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "auditd.summary.object.type": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -750,7 +750,7 @@ "index": "auditbeat-*", "key": "auditd.summary.object.primary", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } }, @@ -764,7 +764,7 @@ "index": "auditbeat-*", "key": "query", "negate": false, - "type": "custom", + "winlog.api": "custom", "value": "{\"terms\":{\"auditd.data.syscall\":[\"accept\",\"accept4\",\"recvfrom\",\"recvmsg\"]}}" }, "query": { @@ -785,7 +785,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -793,12 +793,12 @@ "desc" ], "title": "Socket Accept / Recvfrom [Auditbeat Auditd] ECS", - "version": 1 + "winlog.version": 1 }, "id": "e8734160-c24c-11e7-8692-232bd1143e8a-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-16T23:20:51.403Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -812,7 +812,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -840,8 +840,8 @@ }, "id": "faf882f0-c242-11e7-8692-232bd1143e8a-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "embeddableConfig": { @@ -863,8 +863,8 @@ }, "id": "ea483730-c246-11e7-8692-232bd1143e8a-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "embeddableConfig": { @@ -886,8 +886,8 @@ }, "id": "ceb91de0-c250-11e7-8692-232bd1143e8a-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -899,8 +899,8 @@ }, "id": "b21e0c70-c252-11e7-8692-232bd1143e8a-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -912,19 +912,19 @@ }, "id": "a8e20450-c256-11e7-8692-232bd1143e8a-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" } ], "timeRestore": false, "title": "[Auditbeat Auditd] Sockets ECS", - "version": 1 + "winlog.version": 1 }, "id": "693a5f40-c243-11e7-8692-232bd1143e8a-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-01-16T23:24:37.521Z", - "version": 4 + "winlog.version": 4 } ], - "version": "6.2.4" + "winlog.version": "6.2.4" } \ No newline at end of file diff --git a/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json b/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json index 3031ed319413..d2c5e5c7a115 100644 --- a/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json +++ b/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json @@ -28,7 +28,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -38,7 +38,7 @@ "customLabel": "" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -51,7 +51,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -91,20 +91,20 @@ "labelColor": false, "subText": "" }, - "type": "simple", + "winlog.api": "simple", "useRange": false, "verticalSplit": true }, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Actions [Auditbeat File Integrity] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "AV0tVcg6g1PYniApZa-v-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -128,7 +128,7 @@ "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "title": "Events Over Time [Auditbeat File Integrity] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -136,7 +136,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -149,7 +149,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -162,7 +162,7 @@ "size": 10 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -178,14 +178,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 5 minutes" }, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -205,12 +205,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -225,25 +225,25 @@ "scale": { "defaultYExtents": true, "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Events Over Time [Auditbeat File Integrity] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "AV0tV05vg1PYniApZbA2-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -267,7 +267,7 @@ "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "title": "Top owners [Auditbeat File Integrity] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -275,7 +275,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -288,7 +288,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -296,16 +296,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Top owners [Auditbeat File Integrity] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "AV0tWL-Yg1PYniApZbCs-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -329,7 +329,7 @@ "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "title": "Top groups [Auditbeat File Integrity] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -337,7 +337,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -350,7 +350,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -358,16 +358,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Top groups [Auditbeat File Integrity] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "AV0tWSdXg1PYniApZbDU-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -391,7 +391,7 @@ "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "title": "Top updated [Auditbeat File Integrity] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -399,7 +399,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -412,7 +412,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -420,16 +420,16 @@ "addTooltip": true, "isDonut": false, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Top updated [Auditbeat File Integrity] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "AV0tW0djg1PYniApZbGL-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -440,7 +440,7 @@ "index": "auditbeat-*", "query": { "language": "lucene", - "query": "file.mode:/0..[2367]/ NOT file.type:symlink" + "query": "file.mode:/0..[2367]/ NOT file.winlog.api:symlink" } } }, @@ -453,7 +453,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -464,7 +464,7 @@ "field": "file.inode" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -494,16 +494,16 @@ }, "useRange": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "World Writable File Count [Auditbeat File Integrity] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "AV0tY6jwg1PYniApZbRY-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T17:48:29.232Z", - "version": 7 + "winlog.version": 7 }, { "attributes": { @@ -523,16 +523,16 @@ "negate": false, "params": { "query": "file", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "file" }, "query": { "match": { "file.type": { "query": "file", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -554,7 +554,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -564,7 +564,7 @@ "customLabel": "Most changed file by count" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -577,7 +577,7 @@ "size": 1 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -616,20 +616,20 @@ "labelColor": false, "subText": "" }, - "type": "simple", + "winlog.api": "simple", "useRange": false, "verticalSplit": false }, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Most changed file by count [Auditbeat File Integrity] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "AV0tav8Ag1PYniApZbbK-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -659,7 +659,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -669,7 +669,7 @@ "customLabel": "Most common mode by count" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -682,7 +682,7 @@ "size": 1 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -721,20 +721,20 @@ "labelColor": false, "subText": "" }, - "type": "simple", + "winlog.api": "simple", "useRange": false, "verticalSplit": false }, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Most common mode by count [Auditbeat File Integrity] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "AV0tbcUdg1PYniApZbe1-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -767,7 +767,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -777,7 +777,7 @@ "customLabel": "Total Events" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -790,7 +790,7 @@ "size": 50 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -804,7 +804,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" } ], "params": { @@ -819,13 +819,13 @@ "totalFunc": "sum" }, "title": "File Event Summary By Host [Auditbeat File Integrity] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "AV0tc_xZg1PYniApZbnL-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -849,7 +849,7 @@ "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "title": "Top deleted [Auditbeat File Integrity] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -857,7 +857,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -870,7 +870,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -878,16 +878,16 @@ "addTooltip": true, "isDonut": false, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Top deleted [Auditbeat File Integrity] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "AV0tes4Eg1PYniApZbwV-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -911,7 +911,7 @@ "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "title": "Top created [Auditbeat File Integrity] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -919,7 +919,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -932,7 +932,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -940,16 +940,16 @@ "addTooltip": true, "isDonut": false, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Top created [Auditbeat File Integrity] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "AV0te0TCg1PYniApZbw9-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -974,16 +974,16 @@ "negate": false, "params": { "query": "file_integrity", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "file_integrity" }, "query": { "match": { "event.module": { "query": "file_integrity", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -995,7 +995,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1003,12 +1003,12 @@ "desc" ], "title": "File Integrity Events [Auditbeat File Integrity] ECS", - "version": 1 + "winlog.version": 1 }, "id": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -1027,7 +1027,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1045,8 +1045,8 @@ }, "id": "AV0tVcg6g1PYniApZa-v-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1058,8 +1058,8 @@ }, "id": "AV0tV05vg1PYniApZbA2-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1071,8 +1071,8 @@ }, "id": "AV0tWL-Yg1PYniApZbCs-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1084,8 +1084,8 @@ }, "id": "AV0tWSdXg1PYniApZbDU-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1097,8 +1097,8 @@ }, "id": "AV0tW0djg1PYniApZbGL-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1110,8 +1110,8 @@ }, "id": "AV0tY6jwg1PYniApZbRY-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1123,8 +1123,8 @@ }, "id": "AV0tav8Ag1PYniApZbbK-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1136,8 +1136,8 @@ }, "id": "AV0tbcUdg1PYniApZbe1-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1149,8 +1149,8 @@ }, "id": "AV0tc_xZg1PYniApZbnL-ecs", "panelIndex": "9", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1162,8 +1162,8 @@ }, "id": "AV0tes4Eg1PYniApZbwV-ecs", "panelIndex": "10", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1175,8 +1175,8 @@ }, "id": "AV0te0TCg1PYniApZbw9-ecs", "panelIndex": "11", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "columns": [ @@ -1196,19 +1196,19 @@ "@timestamp", "desc" ], - "type": "search", - "version": "6.2.4" + "winlog.api": "search", + "winlog.version": "6.2.4" } ], "timeRestore": false, "title": "[Auditbeat File Integrity] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "AV0tXkjYg1PYniApZbKP-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-01-22T15:54:25.278Z", - "version": 6 + "winlog.version": 6 } ], - "version": "6.1.2" + "winlog.version": "6.1.2" } \ No newline at end of file diff --git a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json index 565551631cda..72fe25d6af04 100644 --- a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json +++ b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json @@ -16,7 +16,7 @@ 5.09765625 ] }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -26,7 +26,7 @@ "field": "source.address" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -36,7 +36,7 @@ "field": "source.geo.location" }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "listeners": {}, @@ -63,18 +63,18 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "Apache access unique IPs map ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "Apache-access-unique-IPs-map-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -94,7 +94,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -102,7 +102,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -116,7 +116,7 @@ "size": 5 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -128,7 +128,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -140,12 +140,12 @@ "shareYAxis": true }, "title": "Apache response codes of top URLs ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Apache-response-codes-of-top-URLs-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -158,7 +158,7 @@ "savedSearchId": "Apache-access-logs-ecs", "title": "Browsers breakdown [Filebeat Apache] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -168,7 +168,7 @@ "field": "source.address" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -180,7 +180,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -192,7 +192,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -204,12 +204,12 @@ "shareYAxis": true }, "title": "Apache browsers ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Apache-browsers-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -222,7 +222,7 @@ "savedSearchId": "Apache-access-logs-ecs", "title": "Operating systems breakdown [Filebeat Apache] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -232,7 +232,7 @@ "field": "source.address" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -244,7 +244,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -256,7 +256,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -268,12 +268,12 @@ "shareYAxis": true }, "title": "Apache operating systems ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Apache-operating-systems-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -286,7 +286,7 @@ "savedSearchId": "Apache-errors-log-ecs", "title": "Error logs over time [Filebeat Apache] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -294,7 +294,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -307,7 +307,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -319,7 +319,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -337,12 +337,12 @@ "yAxis": {} }, "title": "Apache error logs over time ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Apache-error-logs-over-time-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -362,7 +362,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -370,7 +370,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -383,7 +383,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -395,7 +395,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -413,12 +413,12 @@ "yAxis": {} }, "title": "Apache response codes over time ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Apache-response-codes-over-time-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -460,11 +460,11 @@ "desc" ], "title": "Apache errors log [Filebeat Apache] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Apache-errors-log-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -506,11 +506,11 @@ "desc" ], "title": "Apache access logs [Filebeat Apache] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Apache-access-logs-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -529,7 +529,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -543,7 +543,7 @@ "row": 1, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -552,7 +552,7 @@ "row": 6, "size_x": 8, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -561,7 +561,7 @@ "row": 6, "size_x": 4, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 11, @@ -570,7 +570,7 @@ "row": 4, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -579,7 +579,7 @@ "row": 9, "size_x": 12, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -588,7 +588,7 @@ "row": 4, "size_x": 10, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -607,7 +607,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" } ], "timeRestore": false, @@ -642,12 +642,12 @@ "mapZoom": 2 } }, - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-Apache-Dashboard-ecs", - "type": "dashboard", - "version": 2 + "winlog.api": "dashboard", + "winlog.version": 2 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json b/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json index 4c8e9d8111c3..f468c725ddfb 100644 --- a/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json +++ b/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json @@ -17,7 +17,7 @@ }, "title": "Event types breakdown [Filebeat Auditd] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -25,7 +25,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -37,7 +37,7 @@ "size": 50 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -48,12 +48,12 @@ "legendPosition": "right" }, "title": "Audit Event Types ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -65,7 +65,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.action:EXECVE" + "query": "auditd.log.record_winlog.api:EXECVE" } } } @@ -81,7 +81,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -89,7 +89,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -102,7 +102,7 @@ "size": 30 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -118,12 +118,12 @@ "totalFunc": "sum" }, "title": "Audit Top Exec Commands ECS", - "type": "table" + "winlog.api": "table" } }, "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -133,7 +133,7 @@ }, "title": "Event Results [Filebeat Auditd] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -141,12 +141,12 @@ "interval": "auto" }, "title": "Event Results [Filebeat Auditd] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -165,7 +165,7 @@ }, "title": "Event Address Geo Location [Filebeat Auditd] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -173,7 +173,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -184,7 +184,7 @@ "precision": 2 }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "listeners": {}, @@ -211,18 +211,18 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "Audit Event Address Geo Location ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -241,7 +241,7 @@ }, "title": "Event Account Tag Cloud [Filebeat Auditd] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -249,7 +249,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -261,7 +261,7 @@ "size": 15 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -273,12 +273,12 @@ "scale": "linear" }, "title": "Audit Event Account Tag Cloud ECS", - "type": "tagcloud" + "winlog.api": "tagcloud" } }, "id": "c5411910-0a87-11e7-8b04-eb22a5669f27-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -300,7 +300,7 @@ "query": "event.dataset:auditd.log" } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -308,11 +308,11 @@ "desc" ], "title": "Audit Events [Filebeat Auditd] ECS", - "version": 1 + "winlog.version": 1 }, "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -331,7 +331,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -345,7 +345,7 @@ "row": 1, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -354,7 +354,7 @@ "row": 1, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -363,7 +363,7 @@ "row": 5, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -372,7 +372,7 @@ "row": 5, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 5, @@ -381,7 +381,7 @@ "row": 1, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -399,7 +399,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" } ], "timeRestore": false, @@ -440,12 +440,12 @@ "mapZoom": 2 } }, - "version": 1 + "winlog.version": 1 }, "id": "dfbb49f0-0a0f-11e7-8a62-2d05eaaac5cb-ecs", - "type": "dashboard", - "version": 4 + "winlog.api": "dashboard", + "winlog.version": 4 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json b/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json index bb605e9a680b..37b3fbbad84f 100644 --- a/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json +++ b/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json @@ -15,7 +15,7 @@ }, "title": "Backend breakdown [Filebeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -39,7 +39,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -53,16 +53,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Backend breakdown [Filebeat HAProxy] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "55251360-aa32-11e8-9c06-877f0445e3e0-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -79,7 +79,7 @@ }, "title": "Frontend breakdown [Filebeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -87,7 +87,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -103,7 +103,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -117,16 +117,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Frontend breakdown [Filebeat HAProxy] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -148,7 +148,7 @@ 5.09765625 ] }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -158,7 +158,7 @@ "field": "source.address" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -171,7 +171,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -197,19 +197,19 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "IP Geohashes [Filebeat HAProxy] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -236,7 +236,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -244,7 +244,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -257,7 +257,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -273,7 +273,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -289,12 +289,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -314,12 +314,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -333,25 +333,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Response codes over time [Filebeat HAProxy] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -383,8 +383,8 @@ }, "id": "55251360-aa32-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.5.2" + "winlog.api": "visualization", + "winlog.version": "6.5.2" }, { "embeddableConfig": {}, @@ -397,8 +397,8 @@ }, "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.5.2" + "winlog.api": "visualization", + "winlog.version": "6.5.2" }, { "embeddableConfig": {}, @@ -411,8 +411,8 @@ }, "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.5.2" + "winlog.api": "visualization", + "winlog.version": "6.5.2" }, { "embeddableConfig": {}, @@ -425,19 +425,19 @@ }, "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.5.2" + "winlog.api": "visualization", + "winlog.version": "6.5.2" } ], "timeRestore": false, "title": "[Filebeat HAProxy] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "3560d580-aa34-11e8-9c06-877f0445e3e0-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-12-06T11:40:40.204Z", - "version": 6 + "winlog.version": 6 } ], - "version": "6.5.2" + "winlog.version": "6.5.2" } diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json index cb05cb4f74ef..58b3bcc32ac2 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json @@ -11,7 +11,7 @@ "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", "title": "Debuglog Facility [Filebeat Icinga] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -44,7 +44,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -60,12 +60,12 @@ "times": [] }, "title": "Icinga Debuglog Facility ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -87,7 +87,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -95,7 +95,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -108,7 +108,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -120,7 +120,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -136,12 +136,12 @@ "times": [] }, "title": "Icinga Debuglog Severity ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -167,16 +167,16 @@ "negate": false, "params": { "query": "icinga", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "icinga" }, "query": { "match": { "event.module": { "query": "icinga", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -193,16 +193,16 @@ "negate": false, "params": { "query": "debug", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "debug" }, "query": { "match": { "fileset.name": { "query": "debug", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -214,7 +214,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -222,11 +222,11 @@ "desc" ], "title": "Debug Log [Filebeat Icinga] ECS", - "version": 1 + "winlog.version": 1 }, "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -245,7 +245,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -259,7 +259,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -268,7 +268,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -286,18 +286,18 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" } ], "timeRestore": false, "title": "[Filebeat Icinga] Debug Log ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "26309570-2419-11e7-a83b-d5f4cebac9ff-ecs", - "type": "dashboard", - "version": 2 + "winlog.api": "dashboard", + "winlog.version": 2 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json index 835c015de580..3bd6214ccca5 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json @@ -18,7 +18,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -26,7 +26,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -39,7 +39,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -51,7 +51,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -67,12 +67,12 @@ "times": [] }, "title": "Icinga Mainlog Severity ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -98,16 +98,16 @@ "negate": false, "params": { "query": "icinga", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "icinga" }, "query": { "match": { "event.module": { "query": "icinga", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -124,16 +124,16 @@ "negate": false, "params": { "query": "main", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "main" }, "query": { "match": { "fileset.name": { "query": "main", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -145,7 +145,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -153,11 +153,11 @@ "desc" ], "title": "Main Log [Filebeat Icinga] ECS", - "version": 1 + "winlog.version": 1 }, "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -170,7 +170,7 @@ "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", "title": "Mainlog Facility [Filebeat Icinga] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -178,7 +178,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -191,7 +191,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -203,7 +203,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -219,12 +219,12 @@ "times": [] }, "title": "Icinga Mainlog Facility ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -243,7 +243,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -257,7 +257,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -275,7 +275,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 1, @@ -284,18 +284,18 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, "title": "[Filebeat Icinga] Main Log ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "f693d260-2417-11e7-a83b-d5f4cebac9ff-ecs", - "type": "dashboard", - "version": 4 + "winlog.api": "dashboard", + "winlog.version": 4 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json index 5a4799e70374..d6d71e561b94 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json @@ -17,7 +17,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -25,7 +25,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "listeners": {}, @@ -54,12 +54,12 @@ "times": [] }, "title": "Icinga Startup Errors ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -84,7 +84,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -92,11 +92,11 @@ "desc" ], "title": "Startup Errors [Filebeat Icinga] ECS", - "version": 1 + "winlog.version": 1 }, "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -115,7 +115,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -129,7 +129,7 @@ "row": 1, "size_x": 12, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -147,18 +147,18 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" } ], "timeRestore": false, "title": "[Filebeat Icinga] Startup Errors ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "b9163ea0-2417-11e7-a83b-d5f4cebac9ff-ecs", - "type": "dashboard", - "version": 2 + "winlog.api": "dashboard", + "winlog.version": 2 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json index ef507875a556..82089715bb3e 100644 --- a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json +++ b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json @@ -15,7 +15,7 @@ }, "title": "Access map [Filebeat IIS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -36,7 +36,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -59,13 +59,13 @@ } }, "title": "Access map [Filebeat IIS] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-20T18:44:17.162Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -82,7 +82,7 @@ }, "title": "Response codes over time [Filebeat IIS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -90,7 +90,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -103,7 +103,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -115,7 +115,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -131,12 +131,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -156,12 +156,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -175,25 +175,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Response codes over time [Filebeat IIS] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-20T19:05:58.905Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -210,7 +210,7 @@ }, "title": "Browsers breakdown [Filebeat IIS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -218,7 +218,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -230,7 +230,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -242,7 +242,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -256,16 +256,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Browsers breakdown [Filebeat IIS] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "63129c80-fe12-11e7-a3b0-d13028918f9f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-20T18:47:38.312Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -282,7 +282,7 @@ }, "title": "Operating systems breakdown [Filebeat IIS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -290,7 +290,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -302,7 +302,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -314,7 +314,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -328,16 +328,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Operating systems breakdown [Filebeat IIS] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-20T18:51:54.619Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -354,7 +354,7 @@ }, "title": "Error logs over time [Filebeat IIS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -362,7 +362,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -375,7 +375,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -387,7 +387,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -403,12 +403,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -428,12 +428,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -447,25 +447,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Error logs over time [Filebeat IIS] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "41f38230-fe17-11e7-a3b0-d13028918f9f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-20T19:22:30.227Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -482,7 +482,7 @@ }, "title": "Top URLs by response code [Filebeat IIS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -490,7 +490,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -504,7 +504,7 @@ "size": 5 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -516,7 +516,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -530,16 +530,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Top URLs by response code [Filebeat IIS] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-20T19:58:24.005Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -553,7 +553,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -572,8 +572,8 @@ }, "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.1.2" + "winlog.api": "visualization", + "winlog.version": "6.1.2" }, { "gridData": { @@ -585,8 +585,8 @@ }, "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.1.2" + "winlog.api": "visualization", + "winlog.version": "6.1.2" }, { "gridData": { @@ -598,8 +598,8 @@ }, "id": "63129c80-fe12-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.1.2" + "winlog.api": "visualization", + "winlog.version": "6.1.2" }, { "gridData": { @@ -611,8 +611,8 @@ }, "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.1.2" + "winlog.api": "visualization", + "winlog.version": "6.1.2" }, { "gridData": { @@ -624,8 +624,8 @@ }, "id": "41f38230-fe17-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.1.2" + "winlog.api": "visualization", + "winlog.version": "6.1.2" }, { "gridData": { @@ -637,20 +637,20 @@ }, "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.1.2" + "winlog.api": "visualization", + "winlog.version": "6.1.2" } ], "timeRestore": false, "title": "[Filebeat IIS] Access and error logs ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "4278ad30-fe16-11e7-a3b0-d13028918f9f-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-01-20T19:57:50.287Z", - "version": 4 + "winlog.version": 4 } ], - "version": "6.1.2" + "winlog.version": "6.1.2" } diff --git a/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json b/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json index 6abfc572c162..e2726fd2b628 100644 --- a/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json +++ b/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json @@ -11,7 +11,7 @@ "savedSearchId": "Kafka stacktraces-ecs", "title": "Number of stracktraces by class [Filebeat Kafka] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -44,7 +44,7 @@ "size": 10 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -60,14 +60,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 minutes" }, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -87,12 +87,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -106,24 +106,24 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Number of Kafka stracktraces by class [Filebeat Kafka] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "number-of-kafka-stracktraces-by-class-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -143,7 +143,7 @@ "language": "lucene", "query": "_exists_:kafka.log.trace.class" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -151,11 +151,11 @@ "desc" ], "title": "Stacktraces [Filebeat Kafka] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Kafka stacktraces-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -181,16 +181,16 @@ "negate": false, "params": { "query": "kafka", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "kafka" }, "query": { "match": { "event.module": { "query": "kafka", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -207,16 +207,16 @@ "negate": false, "params": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "log" }, "query": { "match": { "fileset.name": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -228,7 +228,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -236,11 +236,11 @@ "desc" ], "title": "All logs [Filebeat Kafka] ECS", - "version": 1 + "winlog.version": 1 }, "id": "All Kafka logs-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -253,7 +253,7 @@ "savedSearchId": "All Kafka logs-ecs", "title": "Log levels over time [Filebeat Kafka] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -261,7 +261,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -274,7 +274,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -287,7 +287,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -303,14 +303,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per day" }, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -330,12 +330,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -349,24 +349,24 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Log levels over time [Filebeat Kafka] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -380,7 +380,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -394,7 +394,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -412,7 +412,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 1, @@ -430,7 +430,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 1, @@ -439,18 +439,18 @@ "row": 4, "size_x": 12, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, "title": "[Filebeat Kafka] Overview ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "943caca0-87ee-11e7-ad9c-db80de0bf8d3-ecs", - "type": "dashboard", - "version": 1 + "winlog.api": "dashboard", + "winlog.version": 1 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json index 7bae7158ff2e..940e4bdb7720 100644 --- a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json +++ b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json @@ -15,7 +15,7 @@ "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "title": "Logs Severity [Filebeat Logstash] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -35,7 +35,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -43,15 +43,15 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Logs Severity [Filebeat Logstash] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -68,7 +68,7 @@ "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "title": "logs over time [Filebeat Logstash] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -76,7 +76,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -89,7 +89,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -101,7 +101,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -117,12 +117,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -142,12 +142,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -161,24 +161,24 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "logs over time [Filebeat Logstash] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -205,16 +205,16 @@ "negate": false, "params": { "query": "logstash", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "logstash" }, "query": { "match": { "event.module": { "query": "logstash", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -231,16 +231,16 @@ "negate": false, "params": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "log" }, "query": { "match": { "fileset.name": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -252,7 +252,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -260,11 +260,11 @@ "desc" ], "title": "logs [Filebeat Logstash] ECS", - "version": 1 + "winlog.version": 1 }, "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -278,7 +278,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -292,7 +292,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -301,7 +301,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -320,18 +320,18 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" } ], "timeRestore": false, "title": "Logstash Logs [Filebeat Logstash] ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-Logstash-Log-Dashboard-ecs", - "type": "dashboard", - "version": 1 + "winlog.api": "dashboard", + "winlog.version": 1 } ], - "version": "6.0.0" + "winlog.version": "6.0.0" } \ No newline at end of file diff --git a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json index 9311f33ad242..5e4dbe65ec28 100644 --- a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json +++ b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json @@ -27,16 +27,16 @@ "negate": false, "params": { "query": "logstash", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "logstash" }, "query": { "match": { "event.module": { "query": "logstash", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -53,16 +53,16 @@ "negate": false, "params": { "query": "slowlog", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "slowlog" }, "query": { "match": { "fileset.name": { "query": "slowlog", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -74,7 +74,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -82,11 +82,11 @@ "asc" ], "title": "Slow logs [Filebeat Logstash] ECS", - "version": 1 + "winlog.version": 1 }, "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -103,7 +103,7 @@ "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "title": "Logs Severity [Filebeat Logstash] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -111,7 +111,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -123,7 +123,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -131,15 +131,15 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Logs Severity [Filebeat Logstash] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -156,7 +156,7 @@ "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "title": "logs over time [Filebeat Logstash] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -164,7 +164,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -177,7 +177,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -189,7 +189,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -205,12 +205,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -230,12 +230,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -249,24 +249,24 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "logs over time [Filebeat Logstash] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -292,7 +292,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -303,7 +303,7 @@ "field": "logstash.slowlog.took_in_millis" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -313,7 +313,7 @@ "field": "logstash.slowlog.took_in_millis" }, "schema": "metric", - "type": "min" + "winlog.api": "min" }, { "enabled": true, @@ -326,7 +326,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -336,7 +336,7 @@ "field": "logstash.slowlog.took_in_millis" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -349,7 +349,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -364,12 +364,12 @@ "totalFunc": "sum" }, "title": "Slowest plugins [Filebeat Logstash] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -396,16 +396,16 @@ "negate": false, "params": { "query": "logstash", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "logstash" }, "query": { "match": { "event.module": { "query": "logstash", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -422,16 +422,16 @@ "negate": false, "params": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "log" }, "query": { "match": { "fileset.name": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -443,7 +443,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -451,11 +451,11 @@ "desc" ], "title": "logs [Filebeat Logstash] ECS", - "version": 1 + "winlog.version": 1 }, "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -469,7 +469,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -495,7 +495,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 7, @@ -504,7 +504,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -513,7 +513,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -522,7 +522,7 @@ "row": 4, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -539,12 +539,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-Logstash-Slowlog-Dashboard-ecs", - "type": "dashboard", - "version": 1 + "winlog.api": "dashboard", + "winlog.version": 1 } ], - "version": "6.0.0" + "winlog.version": "6.0.0" } \ No newline at end of file diff --git a/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json b/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json index bce38f2b3a7b..6e82758edd46 100644 --- a/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json +++ b/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json @@ -15,7 +15,7 @@ "savedSearchId": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", "title": "Logs Severity [Filebeat MongoDB] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -36,7 +36,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -44,15 +44,15 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Logs Severity [Filebeat MongoDB] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -74,7 +74,7 @@ "language": "lucene", "query": "log.level: F or log.level: W" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -82,11 +82,11 @@ "desc" ], "title": "Error logs [Filebeat MongoDB] ECS", - "version": 1 + "winlog.version": 1 }, "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94-ecs", - "type": "search", - "version": 3 + "winlog.api": "search", + "winlog.version": 3 }, { "attributes": { @@ -108,7 +108,7 @@ "language": "lucene", "query": "log.level: *" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -116,11 +116,11 @@ "asc" ], "title": "All logs [Filebeat MongoDB] ECS", - "version": 1 + "winlog.version": 1 }, "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -134,7 +134,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -148,7 +148,7 @@ "row": 1, "size_x": 4, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 5, @@ -168,7 +168,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 1, @@ -188,18 +188,18 @@ "mongodb.log.timestamp", "asc" ], - "type": "search" + "winlog.api": "search" } ], "timeRestore": false, "title": "Overview [Filebeat MongoDB] ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "abcf35b0-0a82-11e8-bffe-ff7d4f68cf94-ecs", - "type": "dashboard", - "version": 2 + "winlog.api": "dashboard", + "winlog.version": 2 } ], - "version": "6.0.0" + "winlog.version": "6.0.0" } \ No newline at end of file diff --git a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json index 8ac1322da081..032d6974eccb 100644 --- a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json +++ b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json @@ -20,7 +20,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -31,7 +31,7 @@ "field": "mysql.slowlog.query_time.sec" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -44,7 +44,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -57,7 +57,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -72,12 +72,12 @@ "totalFunc": "sum" }, "title": "Top slowest queries [Filebeat MySQL] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "MySQL-slowest-queries-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -96,7 +96,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -106,7 +106,7 @@ "customLabel": "Slow queries" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -119,7 +119,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -135,14 +135,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 seconds" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -165,14 +165,14 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -186,25 +186,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Slow queries" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Slow queries over time [Filebeat MySQL] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "MySQL-Slow-queries-over-time-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -224,7 +224,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -234,7 +234,7 @@ "customLabel": "Error logs" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -247,7 +247,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -263,14 +263,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 seconds" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -293,14 +293,14 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -314,25 +314,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Error logs" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Error logs over time [Filebeat MySQL] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "MySQL-error-logs-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -357,16 +357,16 @@ "negate": false, "params": { "query": "mysql", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "mysql" }, "query": { "match": { "event.module": { "query": "mysql", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -383,16 +383,16 @@ "negate": false, "params": { "query": "error", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "error" }, "query": { "match": { "fileset.name": { "query": "error", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -417,7 +417,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -425,11 +425,11 @@ "desc" ], "title": "Error logs [Filebeat MySQL] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-MySQL-error-log-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -450,7 +450,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -458,7 +458,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -470,7 +470,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -479,15 +479,15 @@ "isDonut": false, "legendPosition": "bottom", "shareYAxis": true, - "type": "pie" + "winlog.api": "pie" }, "title": "Error logs levels breakdown [Filebeat MySQL] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "MySQL-Error-logs-levels-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -500,7 +500,7 @@ "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", "title": "Slow logs breakdown [Filebeat MySQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -508,7 +508,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -520,7 +520,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -529,15 +529,15 @@ "isDonut": false, "legendPosition": "bottom", "shareYAxis": true, - "type": "pie" + "winlog.api": "pie" }, "title": "Slow logs breakdown [Filebeat MySQL] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "MySQL-Slow-logs-by-count-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -561,16 +561,16 @@ "negate": false, "params": { "query": "mysql", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "mysql" }, "query": { "match": { "event.module": { "query": "mysql", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -587,16 +587,16 @@ "negate": false, "params": { "query": "slowlog", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "slowlog" }, "query": { "match": { "fileset.name": { "query": "slowlog", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -621,7 +621,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -629,11 +629,11 @@ "desc" ], "title": "Slow logs [Filebeat MySQL] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-MySQL-Slow-log-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -652,7 +652,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -666,7 +666,7 @@ "row": 8, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -675,7 +675,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -684,7 +684,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -701,7 +701,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 7, @@ -710,7 +710,7 @@ "row": 4, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -719,7 +719,7 @@ "row": 4, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -736,12 +736,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-MySQL-Dashboard-ecs", - "type": "dashboard", - "version": 2 + "winlog.api": "dashboard", + "winlog.version": 2 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json index 8c75d52dfc52..c597c20519e2 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json @@ -30,7 +30,7 @@ "language": "lucene", "query": "event.module:nginx AND _exists_:message" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -38,11 +38,11 @@ "desc" ], "title": "Nginx error logs [Filebeat Nginx] ECS", - "version": 1 + "winlog.version": 1 }, "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -76,7 +76,7 @@ "language": "lucene", "query": "event.module:nginx AND _exists_:url.original" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -84,11 +84,11 @@ "desc" ], "title": "Nginx access logs [Filebeat Nginx] ECS", - "version": 1 + "winlog.version": 1 }, "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", - "type": "search", - "version": 4 + "winlog.api": "search", + "winlog.version": 4 }, { "attributes": { @@ -98,7 +98,7 @@ }, "title": "Access logs over time [Filebeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -138,7 +138,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "count" + "winlog.api": "count" } ], "point_size": 1, @@ -158,15 +158,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Access logs over time [Filebeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -176,7 +176,7 @@ }, "title": "Dashboards [Filebeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -184,12 +184,12 @@ "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)" }, "title": "Dashboards [Filebeat Nginx] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -208,7 +208,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -230,7 +230,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 1, @@ -249,7 +249,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 1, @@ -258,7 +258,7 @@ "row": 2, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -267,18 +267,18 @@ "row": 1, "size_x": 12, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, "title": "[Filebeat Nginx] Access and error logs ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs", - "type": "dashboard", - "version": 2 + "winlog.api": "dashboard", + "winlog.version": 2 } ], - "version": "6.0.0-beta2" + "winlog.version": "6.0.0-beta2" } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json index 2841bfcd99ef..8b7148ad99c9 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json @@ -17,7 +17,7 @@ }, "title": "Browsers breakdown [Filebeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -25,7 +25,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -37,7 +37,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -49,7 +49,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -61,12 +61,12 @@ "shareYAxis": true }, "title": "Nginx Access Browsers ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Nginx-Access-Browsers-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -85,7 +85,7 @@ }, "title": "Operating systems breakdown [Filebeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -93,7 +93,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -105,7 +105,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -117,7 +117,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -129,12 +129,12 @@ "shareYAxis": true }, "title": "Nginx Access OSes ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Nginx-Access-OSes-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -152,7 +152,7 @@ -0.17578125 ] }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -160,7 +160,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -170,7 +170,7 @@ "field": "source.geo.location" }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "listeners": {}, @@ -197,18 +197,18 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "Nginx Access Map ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "Nginx-Access-Map-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -218,7 +218,7 @@ }, "title": "Response codes over time [Filebeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -242,7 +242,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "count" + "winlog.api": "count" } ], "point_size": 1, @@ -282,15 +282,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Response codes over time [Filebeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", - "type": "visualization", - "version": 7 + "winlog.api": "visualization", + "winlog.version": 7 }, { "attributes": { @@ -300,7 +300,7 @@ }, "title": "Top pages [Filebeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -327,7 +327,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "count" + "winlog.api": "count" } ], "point_size": 1, @@ -342,15 +342,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Top pages [Filebeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -360,7 +360,7 @@ }, "title": "Errors over time [Filebeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -383,7 +383,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "count" + "winlog.api": "count" } ], "point_size": 1, @@ -397,15 +397,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Errors over time [Filebeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", - "type": "visualization", - "version": 5 + "winlog.api": "visualization", + "winlog.version": 5 }, { "attributes": { @@ -415,7 +415,7 @@ }, "title": "Data Volume [Filebeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -440,7 +440,7 @@ { "field": "http.response.body.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" } ], "point_size": 1, @@ -461,15 +461,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Data Volume [Filebeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -479,7 +479,7 @@ }, "title": "Dashboards [Filebeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -487,12 +487,12 @@ "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)" }, "title": "Dashboards [Filebeat Nginx] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -532,7 +532,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -540,11 +540,11 @@ "desc" ], "title": "Nginx logs [Filebeat Nginx] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-Nginx-module-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -563,7 +563,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -577,7 +577,7 @@ "row": 12, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -586,7 +586,7 @@ "row": 12, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -595,7 +595,7 @@ "row": 2, "size_x": 12, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -604,7 +604,7 @@ "row": 6, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -613,7 +613,7 @@ "row": 9, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -622,7 +622,7 @@ "row": 9, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -631,7 +631,7 @@ "row": 12, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -640,7 +640,7 @@ "row": 1, "size_x": 12, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -680,12 +680,12 @@ "mapZoom": 2 } }, - "version": 1 + "winlog.version": 1 }, "id": "55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs", - "type": "dashboard", - "version": 6 + "winlog.api": "dashboard", + "winlog.version": 6 } ], - "version": "6.0.0-beta2" + "winlog.version": "6.0.0-beta2" } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json index 9113043e29f6..03736e012fae 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json @@ -13,7 +13,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -21,7 +21,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -34,7 +34,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -46,7 +46,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -63,14 +63,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 5 minutes" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -96,7 +96,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -116,22 +116,22 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "value" + "winlog.api": "value" } ] }, "title": "ML Nginx Access Remote IP Timechart ECS", - "type": "area" + "winlog.api": "area" } }, "id": "ML-Nginx-Access-Remote-IP-Timechart-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -151,7 +151,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -159,7 +159,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -172,7 +172,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -184,7 +184,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -202,12 +202,12 @@ "yAxis": {} }, "title": "ML Nginx Access Response Code Timechart ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -227,7 +227,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -235,7 +235,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -247,7 +247,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -263,12 +263,12 @@ "totalFunc": "sum" }, "title": "ML Nginx Access Top Remote IPs Table ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -286,7 +286,7 @@ -0.17578125 ] }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -294,7 +294,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -304,7 +304,7 @@ "field": "source.geo.location" }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "listeners": {}, @@ -331,18 +331,18 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "ML Nginx Access Map ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "ML-Nginx-Access-Map-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -362,7 +362,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -370,7 +370,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -382,7 +382,7 @@ "size": 1000 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -398,12 +398,12 @@ "totalFunc": "sum" }, "title": "ML Nginx Access Top URLs Table ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ML-Nginx-Access-Top-URLs-Table-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -442,11 +442,11 @@ "desc" ], "title": "ML Access Data [Filebeat Nginx] ECS", - "version": 1 + "winlog.version": 1 }, "id": "ML-Filebeat-Nginx-Access-ecs", - "type": "search", - "version": 3 + "winlog.api": "search", + "winlog.version": 3 }, { "attributes": { @@ -465,7 +465,7 @@ } ], "highlightAll": true, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -479,7 +479,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -488,7 +488,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -497,7 +497,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -506,7 +506,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -515,7 +515,7 @@ "row": 7, "size_x": 12, "size_y": 9, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -542,12 +542,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "ML-Nginx-Access-Remote-IP-Count-Explorer-ecs", - "type": "dashboard", - "version": 3 + "winlog.api": "dashboard", + "winlog.version": 3 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json index 96dbcefb6862..d5d4c128034c 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json @@ -9,7 +9,7 @@ "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", "title": "Unique Count URL Timechart [Filebeat Nginx] [ML] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "field": "url.original" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "listeners": {}, @@ -49,14 +49,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per day" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -83,7 +83,7 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -103,24 +103,24 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Unique count of nginx.access.url" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "ML Nginx Access Unique Count URL Timechart ECS", - "type": "line" + "winlog.api": "line" } }, "id": "ML-Nginx-Access-Unique-Count-URL-Timechart-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -140,7 +140,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -148,7 +148,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -161,7 +161,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -173,7 +173,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -191,12 +191,12 @@ "yAxis": {} }, "title": "ML Nginx Access Response Code Timechart ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -216,7 +216,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -224,7 +224,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -236,7 +236,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -252,12 +252,12 @@ "totalFunc": "sum" }, "title": "ML Nginx Access Top Remote IPs Table ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -275,7 +275,7 @@ -0.17578125 ] }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -283,7 +283,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -293,7 +293,7 @@ "field": "source.geo.location" }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "listeners": {}, @@ -320,18 +320,18 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "ML Nginx Access Map ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "ML-Nginx-Access-Map-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -351,7 +351,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -359,7 +359,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -371,7 +371,7 @@ "size": 1000 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -387,12 +387,12 @@ "totalFunc": "sum" }, "title": "ML Nginx Access Top URLs Table ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ML-Nginx-Access-Top-URLs-Table-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -431,11 +431,11 @@ "desc" ], "title": "ML Access Data [Filebeat Nginx] ECS", - "version": 1 + "winlog.version": 1 }, "id": "ML-Filebeat-Nginx-Access-ecs", - "type": "search", - "version": 3 + "winlog.api": "search", + "winlog.version": 3 }, { "attributes": { @@ -454,7 +454,7 @@ } ], "highlightAll": true, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -468,7 +468,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -477,7 +477,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -486,7 +486,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -495,7 +495,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -504,7 +504,7 @@ "row": 7, "size_x": 12, "size_y": 8, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -541,12 +541,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "ML-Nginx-Remote-IP-URL-Explorer-ecs", - "type": "dashboard", - "version": 4 + "winlog.api": "dashboard", + "winlog.version": 4 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json index 0642a853b46d..17ee690d034a 100644 --- a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json +++ b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json @@ -24,16 +24,16 @@ "negate": false, "params": { "query": "pack_it-compliance_mounts", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "pack_it-compliance_mounts" }, "query": { "match": { "osquery.result.name": { "query": "pack_it-compliance_mounts", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -45,7 +45,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -53,12 +53,12 @@ "desc" ], "title": "Mounts [Osquery results] ECS", - "version": 1 + "winlog.version": 1 }, "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-08T17:35:32.102Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -75,7 +75,7 @@ "savedSearchId": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", "title": "Mounts by type [Osquery Result] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -83,7 +83,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -95,7 +95,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -107,7 +107,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -121,16 +121,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Mounts by type [Osquery Result] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -156,16 +156,16 @@ "negate": false, "params": { "query": "pack_it-compliance_deb_packages", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "pack_it-compliance_deb_packages" }, "query": { "match": { "osquery.result.name": { "query": "pack_it-compliance_deb_packages", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -177,7 +177,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -185,12 +185,12 @@ "desc" ], "title": "DEB packages installed [Osquery results] ECS", - "version": 1 + "winlog.version": 1 }, "id": "3824b080-eb02-11e7-8f04-51231daa5b05-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-08T17:35:32.102Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -207,7 +207,7 @@ "savedSearchId": "b5d6baa0-eb02-11e7-8f04-51231daa5b05-ecs", "title": "OS versions [Osquery result] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -217,7 +217,7 @@ "field": "osquery.result.host_identifier" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -229,7 +229,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -241,7 +241,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -253,7 +253,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -267,16 +267,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "OS versions [Osquery result] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -296,16 +296,16 @@ "negate": false, "params": { "query": "Live", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "Live" }, "query": { "match": { "osquery.result.columns.status": { "query": "Live", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -326,7 +326,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -337,7 +337,7 @@ "field": "osquery.result.columns.name" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -380,20 +380,20 @@ "subText": "", "width": 0.9 }, - "type": "meter", + "winlog.api": "meter", "verticalSplit": false }, "isDisplayWarning": false, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Number of Kernel modules [Osquery Result] ECS", - "type": "gauge" + "winlog.api": "gauge" } }, "id": "240f3630-eb05-11e7-8f04-51231daa5b05-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -403,7 +403,7 @@ }, "title": "Navigation [Osquery Result] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -411,13 +411,13 @@ "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs)" }, "title": "Navigation [Osquery Result] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-08T19:41:10.264Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -441,16 +441,16 @@ "negate": false, "params": { "query": "pack_it-compliance_os_version", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "pack_it-compliance_os_version" }, "query": { "match": { "osquery.result.name": { "query": "pack_it-compliance_os_version", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -462,7 +462,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -470,12 +470,12 @@ "desc" ], "title": "OS versions [Osquery results] ECS", - "version": 1 + "winlog.version": 1 }, "id": "b5d6baa0-eb02-11e7-8f04-51231daa5b05-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-08T17:35:32.102Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -501,16 +501,16 @@ "negate": false, "params": { "query": "pack_it-compliance_kernel_modules", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "pack_it-compliance_kernel_modules" }, "query": { "match": { "osquery.result.name": { "query": "pack_it-compliance_kernel_modules", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -522,7 +522,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -530,12 +530,12 @@ "desc" ], "title": "Kernel modules [Osquery results] ECS", - "version": 1 + "winlog.version": 1 }, "id": "f59e21e0-eb03-11e7-8f04-51231daa5b05-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-08T17:35:32.102Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -549,7 +549,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -568,8 +568,8 @@ }, "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", "panelIndex": "1", - "type": "search", - "version": "6.2.4" + "winlog.api": "search", + "winlog.version": "6.2.4" }, { "gridData": { @@ -581,8 +581,8 @@ }, "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -594,8 +594,8 @@ }, "id": "3824b080-eb02-11e7-8f04-51231daa5b05-ecs", "panelIndex": "3", - "type": "search", - "version": "6.2.4" + "winlog.api": "search", + "winlog.version": "6.2.4" }, { "gridData": { @@ -607,8 +607,8 @@ }, "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "embeddableConfig": { @@ -628,8 +628,8 @@ }, "id": "240f3630-eb05-11e7-8f04-51231daa5b05-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -641,8 +641,8 @@ }, "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.1.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "6.1.0-SNAPSHOT" } ], "timeRestore": false, @@ -656,13 +656,13 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-01-08T19:42:15.406Z", - "version": 2 + "winlog.version": 2 } ], - "version": "6.1.0-SNAPSHOT" + "winlog.version": "6.1.0-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json index 17b5b234e559..0a847afa99a4 100644 --- a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json +++ b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json @@ -8,7 +8,7 @@ }, "title": "Info OSSEC rootkit [Osquery Result] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -16,13 +16,13 @@ "markdown": "This dashboard shows data collected by the ossec-rootkit pack from osquery." }, "title": "Info OSSEC rootkit [Osquery Result] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "6ec10290-f4aa-11e7-8647-534bb4c21040-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-08T19:30:49.785Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -39,7 +39,7 @@ "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", "title": "Number of rootkits found [Osquery Result] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -50,7 +50,7 @@ "field": "osquery.result.name" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -79,16 +79,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Number of rootkits found [Osquery Result] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-08T19:40:05.060Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -105,7 +105,7 @@ "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", "title": "Number of hosts infected [Osquery Result] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -116,7 +116,7 @@ "field": "agent.hostname" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -145,16 +145,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Number of hosts infected [Osquery Result] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "ab587180-f4a9-11e7-8647-534bb4c21040-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-08T19:39:45.085Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -164,7 +164,7 @@ }, "title": "Navigation [Osquery Result] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -172,13 +172,13 @@ "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs)" }, "title": "Navigation [Osquery Result] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-08T19:41:10.264Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -202,7 +202,7 @@ "index": "filebeat-*", "key": "query", "negate": false, - "type": "custom", + "winlog.api": "custom", "value": "{\"prefix\":{\"osquery.result.name\":\"pack_ossec-rootkit\"}}" }, "query": { @@ -223,16 +223,16 @@ "negate": false, "params": { "query": "osquery", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "osquery" }, "query": { "match": { "event.module": { "query": "osquery", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -249,16 +249,16 @@ "negate": false, "params": { "query": "result", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "result" }, "query": { "match": { "fileset.name": { "query": "result", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -270,7 +270,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -278,12 +278,12 @@ "desc" ], "title": "OSSEC Rootkits [Osquery Result] ECS", - "version": 1 + "winlog.version": 1 }, "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-01-08T19:38:24.483Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -297,7 +297,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -316,8 +316,8 @@ }, "id": "6ec10290-f4aa-11e7-8647-534bb4c21040-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.1.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "6.1.0-SNAPSHOT" }, { "gridData": { @@ -329,8 +329,8 @@ }, "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.1.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "6.1.0-SNAPSHOT" }, { "gridData": { @@ -342,8 +342,8 @@ }, "id": "ab587180-f4a9-11e7-8647-534bb4c21040-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.1.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "6.1.0-SNAPSHOT" }, { "gridData": { @@ -355,8 +355,8 @@ }, "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.1.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "6.1.0-SNAPSHOT" }, { "gridData": { @@ -368,20 +368,20 @@ }, "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", "panelIndex": "5", - "type": "search", - "version": "6.1.0-SNAPSHOT" + "winlog.api": "search", + "winlog.version": "6.1.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Osquery Result] OSSEC rootkit pack ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-01-08T19:40:16.304Z", - "version": 6 + "winlog.version": 6 } ], - "version": "6.1.0-SNAPSHOT" + "winlog.version": "6.1.0-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json index 375fc4d56d17..a80a79b070c3 100644 --- a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json +++ b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json @@ -20,7 +20,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -28,7 +28,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -40,7 +40,7 @@ "size": 12 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -55,12 +55,12 @@ "totalFunc": "sum" }, "title": "Log Level Count [Filebeat PostgreSQL] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "PostgreSQL Log Level Count-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -88,16 +88,16 @@ "negate": false, "params": { "query": "postgresql", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "postgresql" }, "query": { "match": { "event.module": { "query": "postgresql", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -109,7 +109,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -117,11 +117,11 @@ "desc" ], "title": "All Logs [Filebeat PostgreSQL] ECS", - "version": 1 + "winlog.version": 1 }, "id": "PostgreSQL All Logs-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -134,7 +134,7 @@ "savedSearchId": "PostgreSQL All Logs-ecs", "title": "Logs by level over time [Filebeat PostgreSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -142,7 +142,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -155,7 +155,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -167,7 +167,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -183,14 +183,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per month" }, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -210,12 +210,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -229,24 +229,24 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Logs by level over time [Filebeat PostgreSQL] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -260,7 +260,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -274,7 +274,7 @@ "row": 1, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -294,7 +294,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 4, @@ -303,7 +303,7 @@ "row": 1, "size_x": 9, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -320,12 +320,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "158be870-87f4-11e7-ad9c-db80de0bf8d3-ecs", - "type": "dashboard", - "version": 1 + "winlog.api": "dashboard", + "winlog.version": 1 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json index d2a49c416d2b..30467847826d 100644 --- a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json +++ b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json @@ -22,7 +22,7 @@ "legendOpen": true } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -36,7 +36,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -45,7 +45,7 @@ "customLabel": "Number of queries" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -55,7 +55,7 @@ "field": "postgresql.log.duration" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" } ], "params": { @@ -71,14 +71,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 3 hours" }, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -100,7 +100,7 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" }, { @@ -114,12 +114,12 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -133,24 +133,24 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Query count and cumulated duration [Filebeat PostgreSQL] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "PostgreSQL Query Count and Duration-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -171,7 +171,7 @@ "language": "lucene", "query": "postgresql.log.duration:>30" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -179,11 +179,11 @@ "desc" ], "title": "Slow Queries [Filebeat PostgreSQL] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Slow PostgreSQL Queries-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -204,7 +204,7 @@ "language": "lucene", "query": "postgresql.log.duration:*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -212,11 +212,11 @@ "desc" ], "title": "Query Durations [Filebeat PostgreSQL] ECS", - "version": 1 + "winlog.version": 1 }, "id": "PostgreSQL Query Durations-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -230,7 +230,7 @@ "language": "lucene", "query": "postgresql.log.query:*" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -244,7 +244,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -263,7 +263,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 1, @@ -282,18 +282,18 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" } ], "timeRestore": false, "title": "[Filebeat PostgreSQL] Query Duration Overview ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "e4c5f230-87f3-11e7-ad9c-db80de0bf8d3-ecs", - "type": "dashboard", - "version": 1 + "winlog.api": "dashboard", + "winlog.version": 1 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json b/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json index 4cd6acabd6e1..560182ade37e 100644 --- a/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json +++ b/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json @@ -17,12 +17,12 @@ } } }, - "version": true + "winlog.version": true } }, "title": "Log levels and roles breakdown [Filebeat Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -30,7 +30,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -42,7 +42,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -55,7 +55,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -63,15 +63,15 @@ "addTooltip": true, "isDonut": false, "legendPosition": "bottom", - "type": "pie" + "winlog.api": "pie" }, "title": "Log levels and roles breakdown [Filebeat Redis] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -90,7 +90,7 @@ } } }, - "version": true + "winlog.version": true } }, "title": "Logs over time [Filebeat Redis] ECS", @@ -102,7 +102,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -110,7 +110,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -123,7 +123,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -135,7 +135,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -151,14 +151,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per month" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -183,14 +183,14 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "showCircles": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -204,24 +204,24 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Logs over time [Filebeat Redis] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "d2864600-478f-11e7-be88-2ddb32f3df97-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -248,16 +248,16 @@ "negate": false, "params": { "query": "redis", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "redis" }, "query": { "match": { "event.module": { "query": "redis", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -274,16 +274,16 @@ "negate": false, "params": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "log" }, "query": { "match": { "fileset.name": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -295,7 +295,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -303,11 +303,11 @@ "desc" ], "title": "Logs [Filebeat Redis] ECS", - "version": 1 + "winlog.version": 1 }, "id": "73613570-4791-11e7-be88-2ddb32f3df97-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -320,7 +320,7 @@ "savedSearchId": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", "title": "Top slowest commands [Filebeat Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -331,7 +331,7 @@ "field": "redis.slowlog.duration.us" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -344,7 +344,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -362,14 +362,14 @@ }, "position": "left", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Duration (microseconds)" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -394,14 +394,14 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "showCircles": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -415,24 +415,24 @@ "position": "bottom", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Command" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Top slowest commands [Filebeat Redis] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -458,7 +458,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -466,11 +466,11 @@ "desc" ], "title": "Slow logs [Filebeat Redis] ECS", - "version": 1 + "winlog.version": 1 }, "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -489,7 +489,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -503,7 +503,7 @@ "row": 5, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 4, @@ -512,7 +512,7 @@ "row": 5, "size_x": 9, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -531,7 +531,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 7, @@ -540,7 +540,7 @@ "row": 1, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -559,7 +559,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" } ], "timeRestore": false, @@ -571,12 +571,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "7fea2930-478e-11e7-b1f0-cb29bac6bf8b-ecs", - "type": "dashboard", - "version": 4 + "winlog.api": "dashboard", + "winlog.version": 4 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json b/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json index aa2f1c29c37e..378f06402723 100644 --- a/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json +++ b/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json @@ -1,4 +1,3 @@ -<<<<<<< HEAD { "objects": [ { @@ -13,9 +12,9 @@ } } }, - "title": "Description [Filebeat Santa]", + "title": "Description [Filebeat Santa] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -23,14 +22,14 @@ "markdown": "![Santa Icon](https://raw.githubusercontent.com/google/santa/master/Source/SantaGUI/Resources/Images.xcassets/AppIcon.appiconset/santa-hat-icon-128.png)\n\nGoogle Santa is a binary whitelisting/blacklisting system for macOS that monitors process executions.", "openLinksInNewTab": false }, - "title": "Description [Filebeat Santa]", - "type": "markdown" + "title": "Description [Filebeat Santa] ECS", + "winlog.api": "markdown" } }, - "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307", - "type": "visualization", + "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs", + "winlog.api": "visualization", "updated_at": "2018-12-14T06:31:14.285Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -44,9 +43,9 @@ } } }, - "title": "Decisions [Filebeat Santa]", + "title": "Decisions [Filebeat Santa] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -70,7 +69,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "count" + "winlog.api": "count" } ], "point_size": 1, @@ -83,16 +82,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, - "title": "Decisions [Filebeat Santa]", - "type": "metrics" + "title": "Decisions [Filebeat Santa] ECS", + "winlog.api": "metrics" } }, - "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307", - "type": "visualization", + "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs", + "winlog.api": "visualization", "updated_at": "2018-12-14T06:40:02.169Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -106,10 +105,10 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", - "title": "Total Events [Filebeat Santa]", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "title": "Total Events [Filebeat Santa] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -119,7 +118,7 @@ "customLabel": "Total Events" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -148,16 +147,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Total Events [Filebeat Santa]", - "type": "metric" + "title": "Total Events [Filebeat Santa] ECS", + "winlog.api": "metric" } }, - "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307", - "type": "visualization", + "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs", + "winlog.api": "visualization", "updated_at": "2018-12-14T06:41:42.712Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -171,8 +170,8 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", - "title": "Decision and Reason [Filebeat Santa]", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "title": "Decision and Reason [Filebeat Santa] ECS", "uiStateJSON": { "vis": { "colors": { @@ -180,7 +179,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -188,7 +187,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -205,7 +204,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -222,7 +221,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -236,16 +235,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "Decision and Reason [Filebeat Santa]", - "type": "pie" + "title": "Decision and Reason [Filebeat Santa] ECS", + "winlog.api": "pie" } }, - "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307", - "type": "visualization", + "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs", + "winlog.api": "visualization", "updated_at": "2018-12-14T06:47:57.150Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -259,10 +258,10 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", - "title": "Num of Hosts Reporting [Filebeat Santa]", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "title": "Num of Hosts Reporting [Filebeat Santa] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -273,7 +272,7 @@ "field": "agent.hostname" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -302,16 +301,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Num of Hosts Reporting [Filebeat Santa]", - "type": "metric" + "title": "Num of Hosts Reporting [Filebeat Santa] ECS", + "winlog.api": "metric" } }, - "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307", - "type": "visualization", + "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs", + "winlog.api": "visualization", "updated_at": "2018-12-14T06:51:31.622Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -325,10 +324,10 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", - "title": "Code Signers [Filebeat Santa]", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "title": "Code Signers [Filebeat Santa] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -336,7 +335,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -352,7 +351,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -362,14 +361,14 @@ "scale": "linear", "showLabel": true }, - "title": "Code Signers [Filebeat Santa]", - "type": "tagcloud" + "title": "Code Signers [Filebeat Santa] ECS", + "winlog.api": "tagcloud" } }, - "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307", - "type": "visualization", + "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs", + "winlog.api": "visualization", "updated_at": "2018-12-14T06:57:58.885Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -396,16 +395,16 @@ "negate": false, "params": { "query": "santa", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "santa" }, "query": { "match": { "event.module": { "query": "santa", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -422,16 +421,16 @@ "negate": false, "params": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "log" }, "query": { "match": { "event.dataset": { "query": "log", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -443,20 +442,20 @@ "language": "kuery", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Santa Logs Search [Filebeat Santa]", - "version": 1 + "title": "Santa Logs Search [Filebeat Santa] ECS", + "winlog.version": 1 }, - "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", - "type": "search", + "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "winlog.api": "search", "updated_at": "2018-12-14T06:57:11.037Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -486,10 +485,10 @@ "x": 0, "y": 0 }, - "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307", + "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-alpha1-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -500,10 +499,10 @@ "x": 10, "y": 0 }, - "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307", + "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0-alpha1-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -514,10 +513,10 @@ "x": 8, "y": 12 }, - "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307", + "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0-alpha1-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -528,10 +527,10 @@ "x": 36, "y": 12 }, - "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307", + "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0-alpha1-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -542,10 +541,10 @@ "x": 0, "y": 12 }, - "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307", + "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-alpha1-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -556,10 +555,10 @@ "x": 18, "y": 12 }, - "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307", + "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0-alpha1-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -570,24 +569,21 @@ "x": 0, "y": 22 }, - "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", + "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "7", - "type": "search", - "version": "7.0.0-alpha1-SNAPSHOT" + "winlog.api": "search", + "winlog.version": "7.0.0-alpha1-SNAPSHOT" } ], "timeRestore": false, - "title": "[Filebeat Santa] Overview", - "version": 1 + "title": "[Filebeat Santa] Overview ECS", + "winlog.version": 1 }, - "id": "161855f0-ff6a-11e8-93c5-d5ecd1b3e307", - "type": "dashboard", + "id": "161855f0-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "winlog.api": "dashboard", "updated_at": "2018-12-14T06:58:23.367Z", - "version": 5 + "winlog.version": 5 } ], - "version": "7.0.0-alpha1-SNAPSHOT" + "winlog.version": "7.0.0-alpha1-SNAPSHOT" } -======= -{"objects":[{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"title":"Description [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[],"params":{"fontSize":12,"markdown":"![Santa Icon](https://raw.githubusercontent.com/google/santa/master/Source/SantaGUI/Resources/Images.xcassets/AppIcon.appiconset/santa-hat-icon-128.png)\n\nGoogle Santa is a binary whitelisting/blacklisting system for macOS that monitors process executions.","openLinksInNewTab":false},"title":"Description [Filebeat Santa] ECS","type":"markdown"}},"id":"dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:31:14.285Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"title":"Decisions [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[],"params":{"axis_formatter":"number","axis_position":"left","axis_scale":"normal","filter":"event.module:santa AND event.dataset:log","id":"61ca57f0-469d-11e7-af02-69e470af7417","index_pattern":"filebeat-*","interval":"auto","series":[{"axis_position":"right","chart_type":"line","color":"#68BC00","fill":0.5,"formatter":"number","id":"61ca57f1-469d-11e7-af02-69e470af7417","label":"Decision","line_width":1,"metrics":[{"id":"61ca57f2-469d-11e7-af02-69e470af7417","type":"count"}],"point_size":1,"separate_axis":0,"split_mode":"terms","stacked":"none","terms_field":"santa.decision"}],"show_grid":1,"show_legend":1,"time_field":"@timestamp","type":"timeseries"},"title":"Decisions [Filebeat Santa] ECS","type":"metrics"}},"id":"1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:40:02.169Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"savedSearchId":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","title":"Total Events [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[{"enabled":true,"id":"1","params":{"customLabel":"Total Events"},"schema":"metric","type":"count"}],"params":{"addLegend":false,"addTooltip":true,"metric":{"colorSchema":"Green to Red","colorsRange":[{"from":0,"to":10000}],"invertColors":false,"labels":{"show":true},"metricColorMode":"None","percentageMode":false,"style":{"bgColor":false,"bgFill":"#000","fontSize":60,"labelColor":false,"subText":""},"useRanges":false},"type":"metric"},"title":"Total Events [Filebeat Santa] ECS","type":"metric"}},"id":"51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:41:42.712Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"savedSearchId":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","title":"Decision and Reason [Filebeat Santa] ECS","uiStateJSON":{"vis":{"colors":{"ALLOW":"#7EB26D"}}},"version":1,"visState":{"aggs":[{"enabled":true,"id":"1","params":{},"schema":"metric","type":"count"},{"enabled":true,"id":"2","params":{"customLabel":"Decision","field":"santa.decision","missingBucket":false,"missingBucketLabel":"Missing","order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","size":5},"schema":"segment","type":"terms"},{"enabled":true,"id":"3","params":{"customLabel":"Reason","field":"santa.reason","missingBucket":false,"missingBucketLabel":"Missing","order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","size":5},"schema":"segment","type":"terms"}],"params":{"addLegend":true,"addTooltip":true,"isDonut":true,"labels":{"last_level":true,"show":false,"truncate":100,"values":true},"legendPosition":"right","type":"pie"},"title":"Decision and Reason [Filebeat Santa] ECS","type":"pie"}},"id":"30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:47:57.150Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"savedSearchId":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","title":"Num of Hosts Reporting [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[{"enabled":true,"id":"1","params":{"customLabel":"Hosts Reporting","field":"agent.hostname"},"schema":"metric","type":"cardinality"}],"params":{"addLegend":false,"addTooltip":true,"metric":{"colorSchema":"Green to Red","colorsRange":[{"from":0,"to":10000}],"invertColors":false,"labels":{"show":true},"metricColorMode":"None","percentageMode":false,"style":{"bgColor":false,"bgFill":"#000","fontSize":60,"labelColor":false,"subText":""},"useRanges":false},"type":"metric"},"title":"Num of Hosts Reporting [Filebeat Santa] ECS","type":"metric"}},"id":"b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:51:31.622Z","version":1},{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"savedSearchId":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","title":"Code Signers [Filebeat Santa] ECS","uiStateJSON":{},"version":1,"visState":{"aggs":[{"enabled":true,"id":"1","params":{},"schema":"metric","type":"count"},{"enabled":true,"id":"2","params":{"field":"certificate.common_name","missingBucket":false,"missingBucketLabel":"Missing","order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","size":5},"schema":"segment","type":"terms"}],"params":{"maxFontSize":39,"minFontSize":12,"orientation":"single","scale":"linear","showLabel":true},"title":"Code Signers [Filebeat Santa] ECS","type":"tagcloud"}},"id":"11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs","type":"visualization","updated_at":"2018-12-14T06:57:58.885Z","version":2},{"attributes":{"columns":["agent.hostname","process.executable","user.name","certificate.common_name"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"filebeat-*","key":"event.module","negate":false,"params":{"query":"santa","type":"phrase"},"type":"phrase","value":"santa"},"query":{"match":{"event.module":{"query":"santa","type":"phrase"}}}},{"$state":{"store":"appState"},"meta":{"alias":null,"disabled":false,"index":"filebeat-*","key":"event.dataset","negate":false,"params":{"query":"log","type":"phrase"},"type":"phrase","value":"log"},"query":{"match":{"event.dataset":{"query":"log","type":"phrase"}}}}],"highlightAll":true,"index":"filebeat-*","query":{"language":"kuery","query":""},"version":true}},"sort":["@timestamp","desc"],"title":"Santa Logs Search [Filebeat Santa] ECS","version":1},"id":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","type":"search","updated_at":"2018-12-14T06:57:11.037Z","version":2},{"attributes":{"description":"Process executions on macOS monitored by Google Santa.","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":{"filter":[],"query":{"language":"kuery","query":""}}},"optionsJSON":{"darkTheme":false,"hidePanelTitles":false,"useMargins":true},"panelsJSON":[{"embeddableConfig":{},"gridData":{"h":12,"i":"1","w":10,"x":0,"y":0},"id":"dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"1","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":12,"i":"2","w":38,"x":10,"y":0},"id":"1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"2","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"3","w":10,"x":8,"y":12},"id":"51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"3","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"4","w":12,"x":36,"y":12},"id":"30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"4","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"5","w":8,"x":0,"y":12},"id":"b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"5","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"6","w":18,"x":18,"y":12},"id":"11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"6","type":"visualization","version":"7.0.0-alpha1-SNAPSHOT"},{"embeddableConfig":{},"gridData":{"h":10,"i":"7","w":48,"x":0,"y":22},"id":"6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs","panelIndex":"7","type":"search","version":"7.0.0-alpha1-SNAPSHOT"}],"timeRestore":false,"title":"[Filebeat Santa] Overview ECS","version":1},"id":"161855f0-ff6a-11e8-93c5-d5ecd1b3e307-ecs","type":"dashboard","updated_at":"2018-12-14T06:58:23.367Z","version":5}],"version":"7.0.0-alpha1-SNAPSHOT"} ->>>>>>> Introduce migration script for data in Kibana files diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json index d17f7526b2e3..4467af3d3099 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json @@ -11,7 +11,7 @@ "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", "title": "Sudo commands by user [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -44,7 +44,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -60,12 +60,12 @@ "times": [] }, "title": "Sudo commands by user ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -85,7 +85,7 @@ }, "title": "Sudo errors [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -93,7 +93,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -106,7 +106,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -118,7 +118,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -134,12 +134,12 @@ "times": [] }, "title": "Sudo errors ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -161,7 +161,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -169,7 +169,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -181,7 +181,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -193,7 +193,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -209,12 +209,12 @@ "totalFunc": "sum" }, "title": "Top sudo commands ECS", - "type": "table" + "winlog.api": "table" } }, "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -224,7 +224,7 @@ }, "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -232,12 +232,12 @@ "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, "title": "Dashboards [Filebeat System] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -267,11 +267,11 @@ "desc" ], "title": "Sudo commands [Filebeat System] ECS", - "version": 1 + "winlog.version": 1 }, "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -290,7 +290,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -304,7 +304,7 @@ "row": 6, "size_x": 12, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -313,7 +313,7 @@ "row": 10, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -322,7 +322,7 @@ "row": 2, "size_x": 12, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -331,7 +331,7 @@ "row": 1, "size_x": 12, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -348,12 +348,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs", - "type": "dashboard", - "version": 6 + "winlog.api": "dashboard", + "winlog.version": 6 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json index 327a4e3c093e..751cac78ec83 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json @@ -20,7 +20,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -28,7 +28,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -41,7 +41,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -54,7 +54,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -67,7 +67,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -80,7 +80,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -93,7 +93,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -106,7 +106,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -122,12 +122,12 @@ "totalFunc": "sum" }, "title": "New users ECS", - "type": "table" + "winlog.api": "table" } }, "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -140,7 +140,7 @@ "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", "title": "New users over time [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -148,7 +148,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -161,7 +161,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -173,7 +173,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -189,12 +189,12 @@ "times": [] }, "title": "New users over time ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -216,7 +216,7 @@ "legendOpen": true } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -224,7 +224,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -236,7 +236,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -248,7 +248,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -259,12 +259,12 @@ "legendPosition": "right" }, "title": "New users by shell ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "e121b140-fa78-11e6-a1df-a78bd7504d38-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -287,7 +287,7 @@ "legendOpen": true } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -295,7 +295,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -307,7 +307,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -319,7 +319,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -330,12 +330,12 @@ "legendPosition": "right" }, "title": "New users by home directory ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -357,7 +357,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -365,7 +365,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -377,7 +377,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -389,7 +389,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -405,12 +405,12 @@ "totalFunc": "sum" }, "title": "New groups ECS", - "type": "table" + "winlog.api": "table" } }, "id": "12667040-fa80-11e6-a1df-a78bd7504d38-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -423,7 +423,7 @@ "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", "title": "New groups over time [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -431,7 +431,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -444,7 +444,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -456,7 +456,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -472,12 +472,12 @@ "times": [] }, "title": "New groups over time ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "346bb290-fa80-11e6-a1df-a78bd7504d38-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -487,7 +487,7 @@ }, "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -495,12 +495,12 @@ "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, "title": "Dashboards [Filebeat System] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -531,11 +531,11 @@ "desc" ], "title": "useradd logs [Filebeat System] ECS", - "version": 1 + "winlog.version": 1 }, "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -563,11 +563,11 @@ "desc" ], "title": "groupadd logs [Filebeat System] ECS", - "version": 1 + "winlog.version": 1 }, "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -586,7 +586,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -600,7 +600,7 @@ "row": 2, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -609,7 +609,7 @@ "row": 2, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -618,7 +618,7 @@ "row": 5, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -627,7 +627,7 @@ "row": 5, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -636,7 +636,7 @@ "row": 8, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -645,7 +645,7 @@ "row": 8, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -654,7 +654,7 @@ "row": 1, "size_x": 12, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -681,12 +681,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs", - "type": "dashboard", - "version": 6 + "winlog.api": "dashboard", + "winlog.version": 6 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json index 0a7b456771ce..02704e79514b 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json @@ -28,7 +28,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -36,7 +36,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -49,7 +49,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -61,7 +61,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -77,12 +77,12 @@ "times": [] }, "title": "Successful SSH logins ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -104,7 +104,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -112,7 +112,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -125,7 +125,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -137,7 +137,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -153,12 +153,12 @@ "times": [] }, "title": "SSH login attempts ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -178,7 +178,7 @@ }, "title": "SSH users of failed login attempts [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -186,7 +186,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -198,7 +198,7 @@ "size": 50 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -209,12 +209,12 @@ "scale": "linear" }, "title": "SSH users of failed login attempts ECS", - "type": "tagcloud" + "winlog.api": "tagcloud" } }, "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -240,7 +240,7 @@ ], "mapZoom": 2 }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -248,7 +248,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -259,7 +259,7 @@ "precision": 2 }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "listeners": {}, @@ -286,18 +286,18 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "SSH failed login attempts source locations ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -328,11 +328,11 @@ "desc" ], "title": "SSH login attempts [Filebeat System] ECS", - "version": 1 + "winlog.version": 1 }, "id": "62439dc0-f9c9-11e6-a747-6121780e0414-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -342,7 +342,7 @@ }, "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -350,12 +350,12 @@ "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, "title": "Dashboards [Filebeat System] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -374,7 +374,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -388,7 +388,7 @@ "row": 5, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -397,7 +397,7 @@ "row": 2, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -406,7 +406,7 @@ "row": 8, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -415,7 +415,7 @@ "row": 8, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -435,7 +435,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 1, @@ -444,7 +444,7 @@ "row": 1, "size_x": 12, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -479,12 +479,12 @@ "mapZoom": 3 } }, - "version": 1 + "winlog.version": 1 }, "id": "5517a150-f9ce-11e6-8115-a7c18106d86a-ecs", - "type": "dashboard", - "version": 7 + "winlog.api": "dashboard", + "winlog.version": 7 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json index cd137b4c4102..9c1c1871c004 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json @@ -11,7 +11,7 @@ "savedSearchId": "Syslog-system-logs-ecs", "title": "Syslog events by hostname [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -44,7 +44,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -62,12 +62,12 @@ "yAxis": {} }, "title": "Syslog events by hostname ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Syslog-events-by-hostname-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -80,7 +80,7 @@ "savedSearchId": "Syslog-system-logs-ecs", "title": "Syslog hostnames and processes [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -88,7 +88,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -100,7 +100,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -112,7 +112,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -124,12 +124,12 @@ "shareYAxis": true }, "title": "Syslog hostnames and processes ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Syslog-hostnames-and-processes-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -171,11 +171,11 @@ "desc" ], "title": "Syslog logs [Filebeat System] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Syslog-system-logs-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -185,7 +185,7 @@ }, "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -193,12 +193,12 @@ "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, "title": "Dashboards [Filebeat System] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -217,7 +217,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -231,7 +231,7 @@ "row": 2, "size_x": 8, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -240,7 +240,7 @@ "row": 2, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -258,7 +258,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" }, { "col": 1, @@ -267,18 +267,18 @@ "row": 1, "size_x": 12, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, "title": "[Filebeat System] Syslog dashboard ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-syslog-dashboard-ecs", - "type": "dashboard", - "version": 6 + "winlog.api": "dashboard", + "winlog.version": 6 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json index 7edb0d63278a..ec9b5d475362 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json @@ -17,7 +17,7 @@ }, "title": "Browsers breakdown [Filebeat Traefik] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -25,7 +25,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -37,7 +37,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -49,7 +49,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -61,12 +61,12 @@ "shareYAxis": true }, "title": "Traefik Access Browsers ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Traefik-Access-Browsers-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -85,7 +85,7 @@ }, "title": "Operating systems breakdown [Filebeat Traefik] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -93,7 +93,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -105,7 +105,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -117,7 +117,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -129,12 +129,12 @@ "shareYAxis": true }, "title": "Traefik Access OSes ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Traefik-Access-OSes-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -154,7 +154,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -162,7 +162,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -175,7 +175,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -187,7 +187,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -205,12 +205,12 @@ "yAxis": {} }, "title": "New Visualization ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "New-Visualization-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -236,7 +236,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -244,7 +244,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -257,7 +257,7 @@ "size": 5 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -269,7 +269,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -281,12 +281,12 @@ "shareYAxis": true }, "title": "Traefik Access Response codes by top URLs ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Traefik-Access-Response-codes-by-top-URLs-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -318,7 +318,7 @@ }, "title": "Sent Byte Size [Filebeat Traefik] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -329,7 +329,7 @@ "field": "http.response.body.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -342,14 +342,14 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, "id": "3", "params": {}, "schema": "radius", - "type": "count" + "winlog.api": "count" } ], "listeners": {}, @@ -371,12 +371,12 @@ "yAxis": {} }, "title": "Sent sizes ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Sent-sizes-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -394,7 +394,7 @@ -0.17578125 ] }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -402,7 +402,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -412,7 +412,7 @@ "field": "source.geo.location" }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "listeners": {}, @@ -439,18 +439,18 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "Traefik Access Map ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "Traefik-Access-Map-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -489,11 +489,11 @@ "desc" ], "title": "Traefik logs [Filebeat Traefik] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-Traefik-module-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -524,7 +524,7 @@ "row": 10, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 5, @@ -533,7 +533,7 @@ "row": 10, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -542,7 +542,7 @@ "row": 4, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -551,7 +551,7 @@ "row": 7, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -560,7 +560,7 @@ "row": 10, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -569,7 +569,7 @@ "row": 1, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -587,12 +587,12 @@ ] } }, - "version": 1 + "winlog.version": 1 }, "id": "Filebeat-Traefik-Dashboard-ecs", - "type": "dashboard", - "version": 3 + "winlog.api": "dashboard", + "winlog.version": 3 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json index 51cbb1a2312e..f00806c86066 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json @@ -13,7 +13,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -21,7 +21,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -34,7 +34,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -46,7 +46,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -63,14 +63,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 5 minutes" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -96,7 +96,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -116,22 +116,22 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "value" + "winlog.api": "value" } ] }, "title": "ML Traefik Access Remote IP Timechart ECS", - "type": "area" + "winlog.api": "area" } }, "id": "ML-Traefik-Access-Remote-IP-Timechart-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -151,7 +151,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -159,7 +159,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -172,7 +172,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -184,7 +184,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -202,12 +202,12 @@ "yAxis": {} }, "title": "ML Traefik Access Response Code Timechart ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -227,7 +227,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -235,7 +235,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -247,7 +247,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -263,12 +263,12 @@ "totalFunc": "sum" }, "title": "ML Traefik Access Top Remote IPs Table ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -286,7 +286,7 @@ -0.17578125 ] }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -294,7 +294,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -304,7 +304,7 @@ "field": "source.geo.location" }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "listeners": {}, @@ -331,18 +331,18 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "ML Traefik Access Map ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "ML-Traefik-Access-Map-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -362,7 +362,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -370,7 +370,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -382,7 +382,7 @@ "size": 1000 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -398,12 +398,12 @@ "totalFunc": "sum" }, "title": "ML Traefik Access Top URLs Table ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ML-Traefik-Access-Top-URLs-Table-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -442,11 +442,11 @@ "desc" ], "title": "ML Access Data [Filebeat Traefik] ECS", - "version": 1 + "winlog.version": 1 }, "id": "ML-Filebeat-Traefik-Access-ecs", - "type": "search", - "version": 3 + "winlog.api": "search", + "winlog.version": 3 }, { "attributes": { @@ -465,7 +465,7 @@ } ], "highlightAll": true, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -479,7 +479,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -488,7 +488,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -497,7 +497,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -506,7 +506,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -515,7 +515,7 @@ "row": 7, "size_x": 12, "size_y": 9, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -542,12 +542,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "ML-Traefik-Access-Remote-IP-Count-Explorer-ecs", - "type": "dashboard", - "version": 3 + "winlog.api": "dashboard", + "winlog.version": 3 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json index d406a5c90f14..8e8367896bed 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json @@ -9,7 +9,7 @@ "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", "title": "Unique Count URL Timechart [Filebeat Traefik] [ML] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "field": "url.original" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "listeners": {}, @@ -49,14 +49,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per day" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -83,7 +83,7 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -103,24 +103,24 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Unique count of traefik.access.url" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "ML Traefik Access Unique Count URL Timechart ECS", - "type": "line" + "winlog.api": "line" } }, "id": "ML-Traefik-Access-Unique-Count-URL-Timechart-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -140,7 +140,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -148,7 +148,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -161,7 +161,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -173,7 +173,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -191,12 +191,12 @@ "yAxis": {} }, "title": "ML Traefik Access Response Code Timechart ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -216,7 +216,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -224,7 +224,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -236,7 +236,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -252,12 +252,12 @@ "totalFunc": "sum" }, "title": "ML Traefik Access Top Remote IPs Table ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -275,7 +275,7 @@ -0.17578125 ] }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -283,7 +283,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -293,7 +293,7 @@ "field": "source.geo.location" }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "listeners": {}, @@ -320,18 +320,18 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, "title": "ML Traefik Access Map ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "ML-Traefik-Access-Map-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -351,7 +351,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -359,7 +359,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -371,7 +371,7 @@ "size": 1000 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -387,12 +387,12 @@ "totalFunc": "sum" }, "title": "ML Traefik Access Top URLs Table ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ML-Traefik-Access-Top-URLs-Table-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -431,11 +431,11 @@ "desc" ], "title": "ML Access Data [Filebeat Traefik] ECS", - "version": 1 + "winlog.version": 1 }, "id": "ML-Filebeat-Traefik-Access-ecs", - "type": "search", - "version": 3 + "winlog.api": "search", + "winlog.version": 3 }, { "attributes": { @@ -454,7 +454,7 @@ } ], "highlightAll": true, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -468,7 +468,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -477,7 +477,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -486,7 +486,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -495,7 +495,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -504,7 +504,7 @@ "row": 7, "size_x": 12, "size_y": 8, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -541,12 +541,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "ML-Traefik-Remote-IP-URL-Explorer-ecs", - "type": "dashboard", - "version": 4 + "winlog.api": "dashboard", + "winlog.version": 4 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json index 86a18d6ccbe9..05d6542a9010 100644 --- a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json +++ b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json @@ -29,7 +29,7 @@ }, "panelIndex": "1", "panelRefName": "panel_0", - "version": "7.0.0" + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -42,7 +42,7 @@ }, "panelIndex": "2", "panelRefName": "panel_1", - "version": "7.0.0" + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -55,12 +55,12 @@ }, "panelIndex": "3", "panelRefName": "panel_2", - "version": "7.0.0" + "winlog.version": "7.0.0" } ], "timeRestore": false, "title": "[Journalbeat] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "effdfcd0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { @@ -70,22 +70,22 @@ { "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "name": "panel_0", - "type": "search" + "winlog.api": "search" }, { "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "name": "panel_1", - "type": "search" + "winlog.api": "search" }, { "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd-ecs", "name": "panel_2", - "type": "search" + "winlog.api": "search" } ], - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-02-04T12:25:20.413Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -106,7 +106,7 @@ "language": "lucene", "query": "syslog.facility:0 AND syslog.priority:\\u003c4" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -114,7 +114,7 @@ "desc" ], "title": "[Journalbeat] Kernel errors ECS", - "version": 1 + "winlog.version": 1 }, "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { @@ -124,12 +124,12 @@ { "id": "33c018b0-2876-11e9-bc7e-af96a8fe0ddd", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" + "winlog.api": "index-pattern" } ], - "type": "search", + "winlog.api": "search", "updated_at": "2019-02-04T12:19:40.092Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -150,7 +150,7 @@ "language": "lucene", "query": "syslog.facility:4" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -158,7 +158,7 @@ "desc" ], "title": "[Journalbeat] Authorization ECS", - "version": 1 + "winlog.version": 1 }, "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { @@ -168,12 +168,12 @@ { "id": "33c018b0-2876-11e9-bc7e-af96a8fe0ddd", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" + "winlog.api": "index-pattern" } ], - "type": "search", + "winlog.api": "search", "updated_at": "2019-02-04T12:20:56.412Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -193,7 +193,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -201,7 +201,7 @@ "desc" ], "title": "[Journalbeat] Systemd messages ECS", - "version": 1 + "winlog.version": 1 }, "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { @@ -211,13 +211,13 @@ { "id": "33c018b0-2876-11e9-bc7e-af96a8fe0ddd", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" + "winlog.api": "index-pattern" } ], - "type": "search", + "winlog.api": "search", "updated_at": "2019-02-04T12:22:19.508Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0" + "winlog.version": "7.0.0" } \ No newline at end of file diff --git a/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json b/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json index 05fd491afe0e..1dea6873772d 100644 --- a/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json +++ b/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json @@ -11,7 +11,7 @@ "savedSearchId": "Apache-HTTPD-ecs", "title": "CPU usage [Metricbeat Apache] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -21,7 +21,7 @@ "field": "apache.status.cpu.load" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "2", @@ -33,7 +33,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "id": "3", @@ -45,7 +45,7 @@ "size": 5 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" }, { "id": "4", @@ -54,7 +54,7 @@ "field": "apache.status.cpu.user" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "5", @@ -63,7 +63,7 @@ "field": "apache.status.cpu.system" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "6", @@ -72,7 +72,7 @@ "field": "apache.status.cpu.children_user" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "7", @@ -81,7 +81,7 @@ "field": "apache.status.cpu.children_system" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "listeners": {}, @@ -102,12 +102,12 @@ "yAxis": {} }, "title": "Apache HTTPD - CPU ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Apache-HTTPD-CPU-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -129,7 +129,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -138,7 +138,7 @@ "customLabel": "Events count" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "id": "2", @@ -150,7 +150,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -164,12 +164,12 @@ } }, "title": "Apache HTTPD - Hostname list ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Apache-HTTPD-Hostname-list-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -182,7 +182,7 @@ "savedSearchId": "Apache-HTTPD-ecs", "title": "Load1/5/15 [Metricbeat Apache] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -192,7 +192,7 @@ "field": "apache.status.load.5" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "2", @@ -204,7 +204,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "id": "3", @@ -213,7 +213,7 @@ "field": "apache.status.load.1" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "4", @@ -222,7 +222,7 @@ "field": "apache.status.load.15" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "5", @@ -235,7 +235,7 @@ "size": 5 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -256,12 +256,12 @@ "yAxis": {} }, "title": "Apache HTTPD - Load1/5/15 ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Apache-HTTPD-Load1-slash-5-slash-15-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -274,7 +274,7 @@ "savedSearchId": "Apache-HTTPD-ecs", "title": "Scoreboard [Metricbeat Apache] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -284,7 +284,7 @@ "field": "apache.status.scoreboard.closing_connection" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "2", @@ -296,7 +296,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "id": "3", @@ -309,7 +309,7 @@ "size": 5 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" }, { "id": "4", @@ -318,7 +318,7 @@ "field": "apache.status.scoreboard.dns_lookup" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "5", @@ -327,7 +327,7 @@ "field": "apache.status.scoreboard.gracefully_finishing" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "6", @@ -336,7 +336,7 @@ "field": "apache.status.scoreboard.idle_cleanup" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "7", @@ -345,7 +345,7 @@ "field": "apache.status.scoreboard.keepalive" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "8", @@ -354,7 +354,7 @@ "field": "apache.status.scoreboard.logging" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "9", @@ -363,7 +363,7 @@ "field": "apache.status.scoreboard.open_slot" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "10", @@ -372,7 +372,7 @@ "field": "apache.status.scoreboard.reading_request" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "11", @@ -381,7 +381,7 @@ "field": "apache.status.scoreboard.sending_reply" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "12", @@ -390,7 +390,7 @@ "field": "apache.status.scoreboard.starting_up" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "13", @@ -399,7 +399,7 @@ "field": "apache.status.scoreboard.total" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "14", @@ -408,7 +408,7 @@ "field": "apache.status.scoreboard.waiting_for_connection" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "listeners": {}, @@ -429,12 +429,12 @@ "yAxis": {} }, "title": "Apache HTTPD - Scoreboard ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Apache-HTTPD-Scoreboard-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -447,7 +447,7 @@ "savedSearchId": "Apache-HTTPD-ecs", "title": "Total accesses and kbytes [Metricbeat Apache] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -457,7 +457,7 @@ "field": "apache.status.total_kbytes" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "id": "2", @@ -466,7 +466,7 @@ "field": "apache.status.total_accesses" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "listeners": {}, @@ -475,12 +475,12 @@ "handleNoResults": true }, "title": "Apache HTTPD - Total accesses and kbytes ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "Apache-HTTPD-Total-accesses-and-kbytes-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -493,7 +493,7 @@ "savedSearchId": "Apache-HTTPD-ecs", "title": "Uptime [Metricbeat Apache] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -503,7 +503,7 @@ "field": "apache.status.uptime.uptime" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "id": "2", @@ -512,7 +512,7 @@ "field": "apache.status.uptime.server_uptime" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "listeners": {}, @@ -521,12 +521,12 @@ "handleNoResults": true }, "title": "Apache HTTPD - Uptime ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "Apache-HTTPD-Uptime-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -539,7 +539,7 @@ "savedSearchId": "Apache-HTTPD-ecs", "title": "Workers [Metricbeat Apache] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -549,7 +549,7 @@ "field": "apache.status.workers.busy" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "id": "2", @@ -561,7 +561,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "id": "3", @@ -574,7 +574,7 @@ "size": 5 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" }, { "id": "4", @@ -583,7 +583,7 @@ "field": "apache.status.workers.idle" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "listeners": {}, @@ -604,12 +604,12 @@ "yAxis": {} }, "title": "Apache HTTPD - Workers ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Apache-HTTPD-Workers-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -648,11 +648,11 @@ "desc" ], "title": "Apache HTTPD ECS", - "version": 1 + "winlog.version": 1 }, "id": "Apache-HTTPD-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -671,7 +671,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -685,7 +685,7 @@ "row": 10, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -694,7 +694,7 @@ "row": 1, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -703,7 +703,7 @@ "row": 10, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -712,7 +712,7 @@ "row": 7, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -721,7 +721,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 4, @@ -730,7 +730,7 @@ "row": 1, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -739,7 +739,7 @@ "row": 4, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -770,12 +770,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "Metricbeat-Apache-HTTPD-server-status-ecs", - "type": "dashboard", - "version": 3 + "winlog.api": "dashboard", + "winlog.version": 3 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json b/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json index 1d8faa43ed75..7b753cf42728 100644 --- a/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json +++ b/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json @@ -20,7 +20,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -34,7 +34,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -44,7 +44,7 @@ "field": "docker.cpu.total.pct" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -54,7 +54,7 @@ "field": "docker.diskio.total" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -64,7 +64,7 @@ "field": "docker.memory.usage.pct" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -74,7 +74,7 @@ "field": "docker.memory.rss.total" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -84,7 +84,7 @@ "field": "container.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "listeners": {}, @@ -100,7 +100,7 @@ "totalFunc": "sum" }, "title": "Docker containers [Metricbeat Docker] ECS", - "type": "table" + "winlog.api": "table" } }, "col": 1, @@ -109,8 +109,8 @@ "row": 1, "size_x": 7, "size_y": 5, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -129,7 +129,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -140,7 +140,7 @@ "field": "docker.info.containers.running" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -150,7 +150,7 @@ "field": "docker.info.containers.paused" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -160,7 +160,7 @@ "field": "docker.info.containers.stopped" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "listeners": {}, @@ -200,15 +200,15 @@ "labelColor": false, "subText": "" }, - "type": "simple", + "winlog.api": "simple", "useRange": false, "verticalSplit": false }, "handleNoResults": true, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Number of Containers [Metricbeat Docker] ECS", - "type": "metric" + "winlog.api": "metric" } }, "col": 8, @@ -217,8 +217,8 @@ "row": 1, "size_x": 5, "size_y": 2, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -231,7 +231,7 @@ "savedSearchId": "Metricbeat-Docker-ecs", "title": "Docker containers per host [Metricbeat Docker] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -242,7 +242,7 @@ "field": "container.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -255,7 +255,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -267,7 +267,7 @@ "shareYAxis": true }, "title": "Docker containers per host [Metricbeat Docker] ECS", - "type": "pie" + "winlog.api": "pie" } }, "col": 8, @@ -276,8 +276,8 @@ "row": 3, "size_x": 2, "size_y": 3, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -290,7 +290,7 @@ "savedSearchId": "Metricbeat-Docker-ecs", "title": "Docker images and names [Metricbeat Docker] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -298,7 +298,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -310,7 +310,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -322,7 +322,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -334,7 +334,7 @@ "shareYAxis": true }, "title": "Docker images and names [Metricbeat Docker] ECS", - "type": "pie" + "winlog.api": "pie" } }, "col": 10, @@ -343,8 +343,8 @@ "row": 3, "size_x": 3, "size_y": 3, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -376,7 +376,7 @@ }, "title": "CPU usage [Metricbeat Docker] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -390,7 +390,7 @@ ] }, "schema": "metric", - "type": "percentiles" + "winlog.api": "percentiles" }, { "enabled": true, @@ -403,7 +403,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -416,7 +416,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -433,12 +433,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -463,7 +463,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -484,20 +484,20 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "CPU usage [Metricbeat Docker] ECS", - "type": "area" + "winlog.api": "area" } }, "col": 1, @@ -506,8 +506,8 @@ "row": 6, "size_x": 6, "size_y": 3, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -539,7 +539,7 @@ }, "title": "Memory usage [Metricbeat Docker] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -550,7 +550,7 @@ "field": "docker.memory.usage.total" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -563,7 +563,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -576,7 +576,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -593,12 +593,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -623,7 +623,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -644,20 +644,20 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Memory usage [Metricbeat Docker] ECS", - "type": "area" + "winlog.api": "area" } }, "col": 7, @@ -666,8 +666,8 @@ "row": 6, "size_x": 6, "size_y": 3, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -699,7 +699,7 @@ }, "title": "Network IO [Metricbeat Docker] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -710,7 +710,7 @@ "field": "docker.network.in.bytes" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -723,7 +723,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -736,7 +736,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -746,7 +746,7 @@ "field": "docker.network.out.bytes" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "listeners": {}, @@ -763,12 +763,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -793,7 +793,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -814,20 +814,20 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Network IO [Metricbeat Docker] ECS", - "type": "area" + "winlog.api": "area" } }, "col": 1, @@ -836,8 +836,8 @@ "row": 9, "size_x": 12, "size_y": 3, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -876,11 +876,11 @@ "desc" ], "title": "Metricbeat Docker ECS", - "version": 1 + "winlog.version": 1 }, "id": "Metricbeat-Docker-ecs", - "type": "search", - "version": 4 + "winlog.api": "search", + "winlog.version": 4 }, { "attributes": { @@ -899,7 +899,7 @@ } ], "highlightAll": true, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -913,7 +913,7 @@ "row": 1, "size_x": 7, "size_y": 5, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 8, @@ -922,7 +922,7 @@ "row": 1, "size_x": 5, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 8, @@ -931,7 +931,7 @@ "row": 3, "size_x": 2, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 10, @@ -940,7 +940,7 @@ "row": 3, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -949,7 +949,7 @@ "row": 6, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -958,7 +958,7 @@ "row": 6, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -967,7 +967,7 @@ "row": 9, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -1006,12 +1006,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "AV4REOpp5NkDleZmzKkE-ecs", - "type": "dashboard", - "version": 3 + "winlog.api": "dashboard", + "winlog.version": 3 } ], - "version": "5.6.0-SNAPSHOT" + "winlog.version": "5.6.0-SNAPSHOT" } diff --git a/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json b/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json index 8761996a3266..0b569dc16b93 100644 --- a/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json +++ b/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json @@ -19,7 +19,7 @@ }, "title": "Heap Summary [Metricbeat Golang] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -27,12 +27,12 @@ "interval": "10s" }, "title": "Heap Summary [Metricbeat Golang] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "58000780-f529-11e6-844d-b170e2f0a07e-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -53,7 +53,7 @@ }, "title": "Heap [Metricbeat Golang] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -61,12 +61,12 @@ "interval": "10s" }, "title": "Heap [Metricbeat Golang] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "95388680-f52a-11e6-969c-518c48c913e4-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -87,7 +87,7 @@ }, "title": "Objects [Metricbeat Golang] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -95,12 +95,12 @@ "interval": "10s" }, "title": "Objects [Metricbeat Golang] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "b59a5200-f52a-11e6-969c-518c48c913e4-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -121,7 +121,7 @@ }, "title": "System [Metricbeat Golang] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -129,12 +129,12 @@ "interval": "10s" }, "title": "System [Metricbeat Golang] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -155,7 +155,7 @@ }, "title": "GC count [Metricbeat Golang] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -163,12 +163,12 @@ "interval": "10s" }, "title": "GC count [Metricbeat Golang] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "b046cb80-f52a-11e6-969c-518c48c913e4-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -189,7 +189,7 @@ }, "title": "GC durations [Metricbeat Golang] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -197,12 +197,12 @@ "interval": "10s" }, "title": "GC durations [Metricbeat Golang] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "ab226b50-f52a-11e6-969c-518c48c913e4-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -221,7 +221,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -235,7 +235,7 @@ "row": 1, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -244,7 +244,7 @@ "row": 4, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -253,7 +253,7 @@ "row": 4, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 5, @@ -262,7 +262,7 @@ "row": 4, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -271,7 +271,7 @@ "row": 8, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -280,18 +280,18 @@ "row": 8, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, "title": "[Metricbeat Golang] Overview ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "f2dc7320-f519-11e6-a3c9-9d1f7c42b045-ecs", - "type": "dashboard", - "version": 3 + "winlog.api": "dashboard", + "winlog.version": 3 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json index 8e63c868b7be..0c19495a0342 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -31,8 +31,8 @@ }, "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -44,8 +44,8 @@ }, "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -57,8 +57,8 @@ }, "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -70,8 +70,8 @@ }, "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -83,8 +83,8 @@ }, "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -96,19 +96,19 @@ }, "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" } ], "timeRestore": false, "title": "[Metricbeat HAProxy] Backend ECS", - "version": 1 + "winlog.version": 1 }, "id": "9151c900-471d-11e8-bc13-1397384faad3-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-04-24T18:31:25.838Z", - "version": 15 + "winlog.version": 15 } ], - "version": "6.2.2" + "winlog.version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json index 83f91be2ecd2..91f7345cd7cd 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -31,8 +31,8 @@ }, "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -44,19 +44,19 @@ }, "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" } ], "timeRestore": false, "title": "[Metricbeat HAProxy] Frontend ECS", - "version": 1 + "winlog.version": 1 }, "id": "d5878d00-47c5-11e8-bc13-1397384faad3-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-04-24T18:32:51.945Z", - "version": 5 + "winlog.version": 5 } ], - "version": "6.2.2" + "winlog.version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json index 24a8cd5f4488..31a3c8c7a13b 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -31,8 +31,8 @@ }, "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -44,8 +44,8 @@ }, "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -57,8 +57,8 @@ }, "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -70,8 +70,8 @@ }, "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -83,8 +83,8 @@ }, "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -96,8 +96,8 @@ }, "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -109,8 +109,8 @@ }, "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -122,19 +122,19 @@ }, "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" } ], "timeRestore": false, "title": "[Metricbeat HAProxy] HTTP backend ECS", - "version": 1 + "winlog.version": 1 }, "id": "0836a4b0-47bd-11e8-bc13-1397384faad3-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-04-24T18:33:28.791Z", - "version": 6 + "winlog.version": 6 } ], - "version": "6.2.2" + "winlog.version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json index 8be2d4cced9d..12079bfbbd04 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -31,8 +31,8 @@ }, "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -44,8 +44,8 @@ }, "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -57,19 +57,19 @@ }, "id": "30956d00-47d7-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" } ], "timeRestore": false, "title": "[Metricbeat HAProxy] HTTP frontend ECS", - "version": 1 + "winlog.version": 1 }, "id": "e9057ae0-47c5-11e8-bc13-1397384faad3-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-04-24T18:34:15.954Z", - "version": 5 + "winlog.version": 5 } ], - "version": "6.2.2" + "winlog.version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json index 5d59ab730990..d297538157cf 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -31,8 +31,8 @@ }, "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -44,8 +44,8 @@ }, "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -57,8 +57,8 @@ }, "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -70,8 +70,8 @@ }, "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -83,8 +83,8 @@ }, "id": "72e84b00-47e1-11e8-bc13-1397384faad3-ecs", "panelIndex": "10", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -96,19 +96,19 @@ }, "id": "976b0910-47e4-11e8-bc13-1397384faad3-ecs", "panelIndex": "11", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" } ], "timeRestore": false, "title": "[Metricbeat HAProxy] HTTP server ECS", - "version": 1 + "winlog.version": 1 }, "id": "8cc50a50-47e0-11e8-bc13-1397384faad3-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-04-24T18:34:50.803Z", - "version": 9 + "winlog.version": 9 } ], - "version": "6.2.2" + "winlog.version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json index 3a0af4d69f22..ef155375a54f 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -32,8 +32,8 @@ "id": "79350d50-47db-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", "title": "Servers", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -46,8 +46,8 @@ "id": "8c8f0300-47dc-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "title": "Backends", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -60,8 +60,8 @@ "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", "title": "Frontends", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -73,19 +73,19 @@ }, "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" } ], "timeRestore": false, "title": "[Metricbeat HAProxy] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "4b555c30-47dd-11e8-bc13-1397384faad3-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-04-24T18:31:56.356Z", - "version": 3 + "winlog.version": 3 } ], - "version": "6.2.2" + "winlog.version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json index 56dc83d07d3d..0517aa4bd534 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json @@ -8,7 +8,7 @@ }, "title": "Connections [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -24,7 +24,7 @@ "id": "69899960-4719-11e8-a520-3f46123ab5eb" } ], - "filter": "haproxy.stat.component_type:(0 OR 1)", + "filter": "haproxy.stat.component_winlog.api:(0 OR 1)", "gauge_color_rules": [ { "id": "6f171ba0-4719-11e8-a520-3f46123ab5eb" @@ -51,18 +51,18 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "41ff3940-4719-11e8-a520-3f46123ab5eb", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "41ff3940-4719-11e8-a520-3f46123ab5eb", "id": "456a5fa0-4738-11e8-8633-8f8b3acf1566", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -84,16 +84,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "HAProxy connections ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-23T20:54:01.082Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -103,7 +103,7 @@ }, "title": "Active servers in backend [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -122,7 +122,7 @@ "id": "297160c0-471d-11e8-9876-09cc6c85f5f2" } ], - "filter": "haproxy.stat.component_type:(2 OR 3)", + "filter": "haproxy.stat.component_winlog.api:(2 OR 3)", "gauge_color_rules": [ { "gauge": "rgba(255,0,5,1)", @@ -164,7 +164,7 @@ "metric_agg": "count", "numerator": "*", "script": "params.up / (params.down + params.up)", - "type": "cardinality", + "winlog.api": "cardinality", "variables": [ { "field": "61ca57f2-469d-11e7-af02-69e470af7417", @@ -198,7 +198,7 @@ { "field": "haproxy.stat.server.id", "id": "2cba9421-4724-11e8-b854-2f6d2b452362", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -210,16 +210,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "HAProxy active servers in backend ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-23T21:36:57.634Z", - "version": 8 + "winlog.version": 8 }, { "attributes": { @@ -229,7 +229,7 @@ }, "title": "Connections per server [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -240,8 +240,8 @@ "id": "978f2660-4735-11e8-b619-8f82b8185e96" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'process.name:\"{{ key }}\"'))", - "filter": "haproxy.stat.component_type:(2 OR 3)", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", + "filter": "haproxy.stat.component_winlog.api:(2 OR 3)", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -259,12 +259,12 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "3ea29000-4735-11e8-b619-8f82b8185e96", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -272,22 +272,22 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "process.name" + "terms_field": "haproxy.stat.service_name" } ], "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "HAProxy connections per server ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T17:12:35.298Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -297,7 +297,7 @@ }, "title": "Downtime seconds [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -308,7 +308,7 @@ "id": "c86b8e00-4739-11e8-8953-55bbe33e1362" } ], - "filter": "haproxy.stat.component_type:1", + "filter": "haproxy.stat.component_winlog.api:1", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -326,19 +326,19 @@ { "field": "haproxy.stat.downtime", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "91aa6a20-473a-11e8-8953-55bbe33e1362", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "91aa6a20-473a-11e8-8953-55bbe33e1362", "id": "a8ce7ca0-473a-11e8-8953-55bbe33e1362", "sigma": "", - "type": "sum_bucket" + "winlog.api": "sum_bucket" } ], "point_size": 1, @@ -352,16 +352,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "HAProxy downtime seconds ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-23T21:29:04.708Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -371,7 +371,7 @@ }, "title": "Average time in queue [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -394,7 +394,7 @@ { "field": "haproxy.stat.queue.time.avg", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -406,16 +406,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "HAProxy average time in queue ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T09:27:25.783Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -425,7 +425,7 @@ }, "title": "Traffic volume [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -448,12 +448,12 @@ { "field": "haproxy.stat.in.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "9814c420-47c4-11e8-994c-81d2daeb7c86", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -475,12 +475,12 @@ { "field": "haproxy.stat.out.bytes", "id": "c89d6340-47c4-11e8-994c-81d2daeb7c86", - "type": "sum" + "winlog.api": "sum" }, { "field": "c89d6340-47c4-11e8-994c-81d2daeb7c86", "id": "c89d6341-47c4-11e8-994c-81d2daeb7c86", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -494,16 +494,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "HAProxy traffic volume ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T14:43:27.616Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -513,7 +513,7 @@ }, "title": "HTTP response codes [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -536,18 +536,18 @@ { "field": "haproxy.stat.response.http.2xx", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "973a6de0-47bd-11e8-b7ab-dff70b15977c", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "973a6de0-47bd-11e8-b7ab-dff70b15977c", "id": "4971d580-47e5-11e8-b45e-f10c3845381c", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -569,12 +569,12 @@ { "field": "haproxy.stat.response.http.3xx", "id": "aafd05e1-47bd-11e8-b7ab-dff70b15977c", - "type": "sum" + "winlog.api": "sum" }, { "field": "aafd05e1-47bd-11e8-b7ab-dff70b15977c", "id": "aafd05e2-47bd-11e8-b7ab-dff70b15977c", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -596,12 +596,12 @@ { "field": "haproxy.stat.response.http.4xx", "id": "c77191a1-47bd-11e8-b7ab-dff70b15977c", - "type": "sum" + "winlog.api": "sum" }, { "field": "c77191a1-47bd-11e8-b7ab-dff70b15977c", "id": "c77191a2-47bd-11e8-b7ab-dff70b15977c", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -623,12 +623,12 @@ { "field": "haproxy.stat.response.http.5xx", "id": "d574e901-47bd-11e8-b7ab-dff70b15977c", - "type": "sum" + "winlog.api": "sum" }, { "field": "d574e901-47bd-11e8-b7ab-dff70b15977c", "id": "d5753720-47bd-11e8-b7ab-dff70b15977c", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -650,12 +650,12 @@ { "field": "haproxy.stat.response.http.other", "id": "e3b8a4c1-47bd-11e8-b7ab-dff70b15977c", - "type": "sum" + "winlog.api": "sum" }, { "field": "e3b8a4c1-47bd-11e8-b7ab-dff70b15977c", "id": "e3b8a4c2-47bd-11e8-b7ab-dff70b15977c", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -677,12 +677,12 @@ { "field": "haproxy.stat.response.errors", "id": "f9217d41-47be-11e8-b7ab-dff70b15977c", - "type": "sum" + "winlog.api": "sum" }, { "field": "f9217d41-47be-11e8-b7ab-dff70b15977c", "id": "1b7d4400-47bf-11e8-b7ab-dff70b15977c", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -695,16 +695,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "HAProxy HTTP response codes ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T17:31:30.169Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -714,7 +714,7 @@ }, "title": "Average response time [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -737,7 +737,7 @@ { "field": "haproxy.stat.response.time.avg", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -750,16 +750,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "HAProxy average response time ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T13:01:49.811Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -769,7 +769,7 @@ }, "title": "Requests [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -792,18 +792,18 @@ { "field": "haproxy.stat.request.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "max" + "winlog.api": "max" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "ad38e2c0-47d6-11e8-994c-81d2daeb7c86", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "ad38e2c0-47d6-11e8-994c-81d2daeb7c86", "id": "b1ca03a0-47d6-11e8-994c-81d2daeb7c86", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -825,18 +825,18 @@ { "field": "haproxy.stat.request.errors", "id": "c2f30501-47d6-11e8-994c-81d2daeb7c86", - "type": "max" + "winlog.api": "max" }, { "field": "c2f30501-47d6-11e8-994c-81d2daeb7c86", "id": "c2f30502-47d6-11e8-994c-81d2daeb7c86", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "c2f30502-47d6-11e8-994c-81d2daeb7c86", "id": "c2f30503-47d6-11e8-994c-81d2daeb7c86", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -858,18 +858,18 @@ { "field": "haproxy.stat.request.denied", "id": "11968ce1-47d7-11e8-994c-81d2daeb7c86", - "type": "max" + "winlog.api": "max" }, { "field": "11968ce1-47d7-11e8-994c-81d2daeb7c86", "id": "11968ce2-47d7-11e8-994c-81d2daeb7c86", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "11968ce2-47d7-11e8-994c-81d2daeb7c86", "id": "11968ce3-47d7-11e8-994c-81d2daeb7c86", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -882,16 +882,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "HAProxy requests ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "30956d00-47d7-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T15:50:19.344Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -901,7 +901,7 @@ }, "title": "Average connection time [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -947,7 +947,7 @@ "value": "50" } ], - "type": "percentile" + "winlog.api": "percentile" } ], "point_size": 1, @@ -955,22 +955,22 @@ "split_color_mode": "gradient", "split_mode": "everything", "stacked": "none", - "terms_field": "process.name" + "terms_field": "haproxy.stat.service_name" } ], "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "HAProxy average connection time ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T08:51:34.252Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -980,7 +980,7 @@ }, "title": "Number of server connections [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -995,7 +995,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "haproxy.stat.component_type:(2 OR 3)", + "filter": "haproxy.stat.component_winlog.api:(2 OR 3)", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", "label": "Number of connections", @@ -1004,18 +1004,18 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "22668d40-47e1-11e8-96ee-d767c73d008a", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "22668d40-47e1-11e8-96ee-d767c73d008a", "id": "2a1d0a00-47e1-11e8-96ee-d767c73d008a", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -1023,22 +1023,22 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "process.name" + "terms_field": "haproxy.stat.service_name" } ], "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "HAProxy number of server connections ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "72e84b00-47e1-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T17:05:00.128Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1048,7 +1048,7 @@ }, "title": "Healthcheck [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1071,25 +1071,25 @@ { "field": "haproxy.stat.downtime", "id": "198f56e1-47e4-11e8-b45e-f10c3845381c", - "type": "sum" + "winlog.api": "sum" }, { "field": "198f56e1-47e4-11e8-b45e-f10c3845381c", "id": "dbf38560-47e6-11e8-b45e-f10c3845381c", "sigma": "", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "dbf38560-47e6-11e8-b45e-f10c3845381c", "id": "62274b80-47e7-11e8-b45e-f10c3845381c", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { "id": "7b7a7300-47e7-11e8-b45e-f10c3845381c", "script": "(params.down > 0) ? 1 : 0", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "62274b80-47e7-11e8-b45e-f10c3845381c", @@ -1117,7 +1117,7 @@ { "field": "haproxy.stat.check.duration", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -1129,16 +1129,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "HAProxy healthcheck ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "976b0910-47e4-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T17:49:15.393Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -1148,7 +1148,7 @@ }, "title": "Servers per connection [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1159,7 +1159,7 @@ "id": "50830800-47d9-11e8-9db9-274c7a5e25e4" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'process.name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", "filter": "", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "ignore_global_filter": 0, @@ -1172,7 +1172,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "haproxy.stat.component_type:(2 OR 3)", + "filter": "haproxy.stat.component_winlog.api:(2 OR 3)", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", "label": "Servers", @@ -1181,14 +1181,14 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" } ], "point_size": 1, "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "process.name", + "terms_field": "haproxy.stat.service_name", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417", "terms_size": "20", "var_name": "" @@ -1197,16 +1197,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "HAProxy servers per connection ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "79350d50-47db-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T17:11:53.619Z", - "version": 7 + "winlog.version": 7 }, { "attributes": { @@ -1216,7 +1216,7 @@ }, "title": "Backends per connection [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1237,7 +1237,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "haproxy.stat.component_type:1", + "filter": "haproxy.stat.component_winlog.api:1", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", "label": "Backends", @@ -1246,7 +1246,7 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" } ], "point_size": 1, @@ -1261,16 +1261,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "HAProxy backends per connection ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "8c8f0300-47dc-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T16:46:24.802Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1280,7 +1280,7 @@ }, "title": "Frontends per connection [Metricbeat HAProxy] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1301,7 +1301,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "haproxy.stat.component_type:0", + "filter": "haproxy.stat.component_winlog.api:0", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", "label": "Frontends", @@ -1310,7 +1310,7 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" } ], "point_size": 1, @@ -1325,17 +1325,17 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "HAProxy frontends per connection ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-04-24T16:54:16.639Z", - "version": 3 + "winlog.version": 3 } ], - "version": "6.2.2" + "winlog.version": "6.2.2" } diff --git a/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json b/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json index c86935cd7a43..54cae3418154 100644 --- a/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json +++ b/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json @@ -8,7 +8,7 @@ }, "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -38,7 +38,7 @@ { "field": "kafka.partition.offset.newest", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" } ], "point_size": "0", @@ -64,7 +64,7 @@ { "field": "kafka.consumergroup.offset", "id": "d43034c1-8f1e-11e8-8784-cd0acd161a28", - "type": "sum" + "winlog.api": "sum" } ], "point_size": "1.5", @@ -86,16 +86,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "version": 9 + "winlog.version": 9 }, { "attributes": { @@ -105,7 +105,7 @@ }, "title": "Kafka Controls [Metricbeat Kafka] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -119,10 +119,10 @@ "multiselect": true, "order": "desc", "size": 10, - "type": "terms" + "winlog.api": "terms" }, "parent": "", - "type": "list" + "winlog.api": "list" }, { "fieldName": "kafka.partition.id", @@ -133,10 +133,10 @@ "multiselect": true, "order": "desc", "size": 5, - "type": "terms" + "winlog.api": "terms" }, "parent": "1532342651170", - "type": "list" + "winlog.api": "list" } ], "pinFilters": false, @@ -144,13 +144,13 @@ "useTimeFilter": false }, "title": "Kafka Controls [Metricbeat Kafka] ECS", - "type": "input_control_vis" + "winlog.api": "input_control_vis" } }, "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "version": 10 + "winlog.version": 10 }, { "attributes": { @@ -160,7 +160,7 @@ }, "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -184,17 +184,17 @@ { "field": "kafka.partition.offset.newest", "id": "0dcb8021-8e6d-11e8-bfab-6f29bad3a6f2", - "type": "max" + "winlog.api": "max" }, { "field": "kafka.consumergroup.offset", "id": "4bd11db0-8e6f-11e8-bfab-6f29bad3a6f2", - "type": "max" + "winlog.api": "max" }, { "id": "e0742d50-8e78-11e8-abb3-cf57ca7a810c", "script": "def lag = params.partition - params.consumergroup; if (lag < 0) { return 0 } return lag", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "0dcb8021-8e6d-11e8-bfab-6f29bad3a6f2", @@ -220,16 +220,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "version": 8 + "winlog.version": 8 }, { "attributes": { @@ -249,16 +249,16 @@ "negate": false, "params": { "query": "partition", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "partition" }, "query": { "match": { "metricset.name": { "query": "partition", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -275,16 +275,16 @@ "negate": true, "params": { "query": "__consumer_offsets", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "__consumer_offsets" }, "query": { "match": { "kafka.topic.name": { "query": "__consumer_offsets", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -299,7 +299,7 @@ }, "title": "Kafka Metrics [Metricbeat Kafka] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -310,7 +310,7 @@ "field": "kafka.topic.name" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -320,7 +320,7 @@ "field": "kafka.partition.broker.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -330,7 +330,7 @@ "field": "kafka.partition.topic_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -340,7 +340,7 @@ "field": "kafka.partition.topic_broker_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -369,16 +369,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Kafka Metrics [Metricbeat Kafka] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "version": 12 + "winlog.version": 12 }, { "attributes": { @@ -388,7 +388,7 @@ }, "title": "Consumer Partition Reassignments [Metricbeat Kafka] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -415,18 +415,18 @@ { "field": "kafka.consumergroup.partition", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "6b69c760-8f20-11e8-8927-d7e991b5b6ab", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "id": "976f9d80-8f20-11e8-8927-d7e991b5b6ab", "script": "if (params.sum_partition < 0) { return -1 } else if (params.sum_partition > 0) { return 1 }", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "6b69c760-8f20-11e8-8927-d7e991b5b6ab", @@ -448,16 +448,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Consumer Partition Reassignments [Metricbeat Kafka] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "version": 8 + "winlog.version": 8 }, { "attributes": { @@ -477,16 +477,16 @@ "negate": true, "params": { "query": "__consumer_offsets", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "__consumer_offsets" }, "query": { "match": { "kafka.topic.name": { "query": "__consumer_offsets", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -501,7 +501,7 @@ }, "title": "Consumer Metrics [Metricbeat Kafka] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -512,7 +512,7 @@ "field": "kafka.consumergroup.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -541,16 +541,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Consumer Metrics [Metricbeat Kafka] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "version": 8 + "winlog.version": 8 }, { "attributes": { @@ -576,7 +576,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -587,7 +587,7 @@ "field": "kafka.consumergroup.offset" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -604,7 +604,7 @@ "size": 64 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -621,7 +621,7 @@ "size": 64 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -638,7 +638,7 @@ "size": 256 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -653,13 +653,13 @@ "totalFunc": "sum" }, "title": "Kafka Consumer Group Clients [Metricbeat Kafka] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -676,7 +676,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -708,7 +708,7 @@ { "field": "kafka.topic.name", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -737,7 +737,7 @@ { "field": "kafka.partition.topic_id", "id": "b38eb8b0-d2ec-11e8-88c8-af5b2a9ee6b2", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -764,7 +764,7 @@ { "field": "kafka.partition.topic_broker_id", "id": "cf09f050-d2ec-11e8-88c8-af5b2a9ee6b2", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -776,16 +776,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "table" + "winlog.api": "table" }, "title": "Kafka Broker Details [Metricbeat Kafka] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-10-18T16:28:30.809Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -802,7 +802,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -839,7 +839,7 @@ { "field": "kafka.broker.id", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -866,7 +866,7 @@ { "field": "kafka.partition.id", "id": "7d640441-d2f4-11e8-9dd4-c5f03280d7b0", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -893,7 +893,7 @@ { "field": "kafka.partition.topic_broker_id", "id": "ad26e261-d2f4-11e8-9dd4-c5f03280d7b0", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -920,7 +920,7 @@ { "field": "kafka.consumergroup.client.id", "id": "26d2cd91-d2f5-11e8-9dd4-c5f03280d7b0", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -947,7 +947,7 @@ { "field": "kafka.partition.offset.newest", "id": "dc393530-d2f4-11e8-9dd4-c5f03280d7b0", - "type": "max" + "winlog.api": "max" } ], "point_size": 1, @@ -974,7 +974,7 @@ { "field": "kafka.partition.offset.oldest", "id": "11366c81-d2f5-11e8-9dd4-c5f03280d7b0", - "type": "min" + "winlog.api": "min" } ], "point_size": 1, @@ -986,16 +986,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "table" + "winlog.api": "table" }, "title": "Kafka Topic Details [Metricbeat Kafka] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-10-18T16:51:33.352Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -1009,7 +1009,7 @@ "language": "kuery", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1029,8 +1029,8 @@ "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "1", "title": "Kafka Topic & Consumer Offsets", - "type": "visualization", - "version": "6.3.1" + "winlog.api": "visualization", + "winlog.version": "6.3.1" }, { "gridData": { @@ -1043,8 +1043,8 @@ "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "3", "title": "Kafka Controls", - "type": "visualization", - "version": "6.3.1" + "winlog.api": "visualization", + "winlog.version": "6.3.1" }, { "gridData": { @@ -1057,8 +1057,8 @@ "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "6", "title": "Consumer Group Lag by Topic", - "type": "visualization", - "version": "6.3.1" + "winlog.api": "visualization", + "winlog.version": "6.3.1" }, { "embeddableConfig": { @@ -1074,8 +1074,8 @@ "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "10", "title": "Kafka Metrics", - "type": "visualization", - "version": "6.3.1" + "winlog.api": "visualization", + "winlog.version": "6.3.1" }, { "embeddableConfig": {}, @@ -1089,8 +1089,8 @@ "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "12", "title": "Consumer Partition Reassignments", - "type": "visualization", - "version": "6.3.1" + "winlog.api": "visualization", + "winlog.version": "6.3.1" }, { "embeddableConfig": {}, @@ -1104,8 +1104,8 @@ "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "13", "title": "Consumer Metrics", - "type": "visualization", - "version": "6.3.1" + "winlog.api": "visualization", + "winlog.version": "6.3.1" }, { "embeddableConfig": { @@ -1129,8 +1129,8 @@ "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9-ecs", "panelIndex": "14", "title": "Kafka Consumer Group Clients", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -1144,8 +1144,8 @@ "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9-ecs", "panelIndex": "15", "title": "Kafka Brokers", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": { @@ -1166,19 +1166,19 @@ "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9-ecs", "panelIndex": "16", "title": "Kafka Topic Details", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" } ], "timeRestore": false, "title": "[Metricbeat Kafka] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "ea488d90-8e63-11e8-8fa2-3d5f811fbd0f-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-10-18T17:11:35.895Z", - "version": 23 + "winlog.version": 23 } ], - "version": "6.3.0" + "winlog.version": "6.3.0" } diff --git a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json index ae02bfe3ea95..d51b4e8f6ef4 100644 --- a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json +++ b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json @@ -8,7 +8,7 @@ }, "title": "Kubernetes API Server: Top clients by number of requests ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -37,12 +37,12 @@ { "field": "kubernetes.apiserver.request.count", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "0e6ff4a0-5792-11e8-8bd0-2180975e72dd", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -64,16 +64,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Kubernetes API Server: Top clients by number of requests ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "7cbeb750-5794-11e8-afa2-e9067ea62228-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-05-14T18:23:10.501Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -83,7 +83,7 @@ }, "title": "Kubernetes API Server: Requests ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -107,17 +107,17 @@ { "field": "kubernetes.apiserver.request.latency.sum", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" }, { "field": "kubernetes.apiserver.request.count", "id": "a2185e50-57a0-11e8-af57-a1d645d2b569", - "type": "sum" + "winlog.api": "sum" }, { "id": "b09133d0-57a0-11e8-af57-a1d645d2b569", "script": "params.sum / params.count", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "61ca57f2-469d-11e7-af02-69e470af7417", @@ -151,12 +151,12 @@ { "field": "kubernetes.apiserver.request.count", "id": "c001ba50-57a1-11e8-a049-ff54cef064a2", - "type": "sum" + "winlog.api": "sum" }, { "field": "c001ba50-57a1-11e8-a049-ff54cef064a2", "id": "dc83b390-57a1-11e8-a049-ff54cef064a2", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -169,16 +169,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Kubernetes API Server: Requests ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-05-14T18:21:27.515Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -188,7 +188,7 @@ }, "title": "Kubernetes API Server: Top clients by resource ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -217,12 +217,12 @@ { "field": "kubernetes.apiserver.request.count", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "0e6ff4a0-5792-11e8-8bd0-2180975e72dd", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -246,16 +246,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Kubernetes API Server: Top clients by resource ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "95a7f110-57a2-11e8-afa2-e9067ea62228-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-05-14T18:23:50.093Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -269,7 +269,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -289,8 +289,8 @@ }, "id": "7cbeb750-5794-11e8-afa2-e9067ea62228-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -303,8 +303,8 @@ }, "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -317,19 +317,19 @@ }, "id": "95a7f110-57a2-11e8-afa2-e9067ea62228-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" } ], "timeRestore": false, "title": "[Metricbeat Kubernetes] API server ECS", - "version": 1 + "winlog.version": 1 }, "id": "af7225b0-5794-11e8-afa2-e9067ea62228-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-05-14T18:23:55.202Z", - "version": 5 + "winlog.version": 5 } ], - "version": "6.3.0" + "winlog.version": "6.3.0" } diff --git a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json index 788394b8111c..148a7e3e8077 100644 --- a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json +++ b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json @@ -18,7 +18,7 @@ }, "title": "Available pods per deployment [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -42,7 +42,7 @@ { "field": "kubernetes.deployment.replicas.available", "id": "64456841-30df-11e7-8df8-6d3604a72912", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -62,16 +62,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Available pods per deployment [Metricbeat Kubernetes] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "022a54c0-2bf5-11e7-859b-f78b612cde28-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-11T20:59:01.845Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -88,7 +88,7 @@ }, "title": "CPU usage by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -130,7 +130,7 @@ { "field": "kubernetes.container.cpu.usage.nanocores", "id": "0d5c9221-2bf2-11e7-859b-f78b612cde28", - "type": "sum" + "winlog.api": "sum" } ], "override_index_pattern": 0, @@ -159,12 +159,12 @@ { "field": "kubernetes.node.cpu.capacity.cores", "id": "22f65d41-31a7-11e7-84cc-096d2b38e6e5", - "type": "avg" + "winlog.api": "avg" }, { "id": "4af4c390-34d6-11e7-be88-cb6a123dc1bb", "script": "params.cores * 1000000000", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "22f65d41-31a7-11e7-84cc-096d2b38e6e5", @@ -189,16 +189,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "CPU usage by node [Metricbeat Kubernetes] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "44f12b40-2bf4-11e7-859b-f78b612cde28-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -215,7 +215,7 @@ }, "title": "Kubernetes - Deployments ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -258,7 +258,7 @@ { "field": "kubernetes.deployment.name", "id": "4c4690b2-30e0-11e7-8df8-6d3604a72912", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -270,16 +270,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Kubernetes - Deployments ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "cd059410-2bfb-11e7-859b-f78b612cde28-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -296,7 +296,7 @@ }, "title": "Kubernetes - Desired pods ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -340,7 +340,7 @@ { "field": "kubernetes.deployment.replicas.desired", "id": "54cf79a0-30d5-11e7-8df8-6d3604a72912", - "type": "sum" + "winlog.api": "sum" } ], "override_index_pattern": 1, @@ -354,16 +354,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Kubernetes - Desired pods ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "e1018b90-2bfb-11e7-859b-f78b612cde28-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -383,7 +383,7 @@ }, "title": "Memory usage by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -424,17 +424,17 @@ { "field": "kubernetes.container.memory.usage.bytes", "id": "0d5c9221-2bf2-11e7-859b-f78b612cde28", - "type": "sum" + "winlog.api": "sum" }, { "field": "0d5c9221-2bf2-11e7-859b-f78b612cde28", "id": "9f0cf900-1ffb-11e8-81f2-43be86397500", - "type": "cumulative_sum" + "winlog.api": "cumulative_sum" }, { "field": "9f0cf900-1ffb-11e8-81f2-43be86397500", "id": "a926e130-1ffb-11e8-81f2-43be86397500", - "type": "derivative", + "winlog.api": "derivative", "unit": "10s" } ], @@ -460,17 +460,17 @@ { "field": "kubernetes.node.memory.capacity.bytes", "id": "8ba3b271-31a7-11e7-84cc-096d2b38e6e5", - "type": "sum" + "winlog.api": "sum" }, { "field": "8ba3b271-31a7-11e7-84cc-096d2b38e6e5", "id": "d1fb2670-1ffb-11e8-81f2-43be86397500", - "type": "cumulative_sum" + "winlog.api": "cumulative_sum" }, { "field": "d1fb2670-1ffb-11e8-81f2-43be86397500", "id": "dc8b01f0-1ffb-11e8-81f2-43be86397500", - "type": "derivative", + "winlog.api": "derivative", "unit": "10s" } ], @@ -486,16 +486,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Memory usage by node [Metricbeat Kubernetes] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "d6564360-2bfc-11e7-859b-f78b612cde28-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-04T23:15:29.035Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -512,7 +512,7 @@ }, "title": "Network in by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -555,18 +555,18 @@ { "field": "kubernetes.pod.network.rx.bytes", "id": "0d5c9221-2bf2-11e7-859b-f78b612cde28", - "type": "sum" + "winlog.api": "sum" }, { "field": "0d5c9221-2bf2-11e7-859b-f78b612cde28", "id": "494fc310-2bf7-11e7-859b-f78b612cde28", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "494fc310-2bf7-11e7-859b-f78b612cde28", "id": "37c72a70-3598-11e7-aa4a-8313a0c92a88", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -581,16 +581,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Network in by node [Metricbeat Kubernetes] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "16fa4470-2bfd-11e7-859b-f78b612cde28-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -607,7 +607,7 @@ }, "title": "Network out by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -650,18 +650,18 @@ { "field": "kubernetes.pod.network.tx.bytes", "id": "0d5c9221-2bf2-11e7-859b-f78b612cde28", - "type": "sum" + "winlog.api": "sum" }, { "field": "0d5c9221-2bf2-11e7-859b-f78b612cde28", "id": "494fc310-2bf7-11e7-859b-f78b612cde28", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "494fc310-2bf7-11e7-859b-f78b612cde28", "id": "244c70e0-3598-11e7-aa4a-8313a0c92a88", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -676,16 +676,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Network out by node [Metricbeat Kubernetes] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "294546b0-30d6-11e7-8df8-6d3604a72912-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -702,7 +702,7 @@ }, "title": "Kubernetes - Nodes ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -745,7 +745,7 @@ { "field": "kubernetes.node.name", "id": "4c4690b2-30e0-11e7-8df8-6d3604a72912", - "type": "cardinality" + "winlog.api": "cardinality" } ], "point_size": 1, @@ -757,16 +757,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Kubernetes - Nodes ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "408fccf0-30d6-11e7-8df8-6d3604a72912-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -783,7 +783,7 @@ }, "title": "Top CPU intensive pods [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -812,18 +812,18 @@ { "field": "kubernetes.container.cpu.usage.core.ns", "id": "5d3692a2-2bfc-11e7-859b-f78b612cde28", - "type": "sum" + "winlog.api": "sum" }, { "field": "5d3692a2-2bfc-11e7-859b-f78b612cde28", "id": "6c905240-2bfc-11e7-859b-f78b612cde28", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "field": "6c905240-2bfc-11e7-859b-f78b612cde28", "id": "9a51f710-359d-11e7-aa4a-8313a0c92a88", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -840,16 +840,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Top CPU intensive pods [Metricbeat Kubernetes] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "58e644f0-30d6-11e7-8df8-6d3604a72912-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -869,7 +869,7 @@ }, "title": "Top memory intensive pods [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -897,17 +897,17 @@ { "field": "kubernetes.container.memory.usage.bytes", "id": "5d3692a2-2bfc-11e7-859b-f78b612cde28", - "type": "sum" + "winlog.api": "sum" }, { "field": "5d3692a2-2bfc-11e7-859b-f78b612cde28", "id": "3972e9f0-256f-11e8-84e6-87221f87ae3b", - "type": "cumulative_sum" + "winlog.api": "cumulative_sum" }, { "field": "3972e9f0-256f-11e8-84e6-87221f87ae3b", "id": "3e9fd5a0-256f-11e8-84e6-87221f87ae3b", - "type": "derivative", + "winlog.api": "derivative", "unit": "10s" } ], @@ -926,16 +926,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Top memory intensive pods [Metricbeat Kubernetes] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "a4c9d360-30df-11e7-8df8-6d3604a72912-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-11T21:00:49.028Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -952,7 +952,7 @@ }, "title": "Kubernetes - Unavailable pods ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -996,7 +996,7 @@ { "field": "kubernetes.deployment.replicas.unavailable", "id": "54cf79a0-30d5-11e7-8df8-6d3604a72912", - "type": "sum" + "winlog.api": "sum" } ], "override_index_pattern": 1, @@ -1009,16 +1009,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Kubernetes - Unavailable pods ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -1038,7 +1038,7 @@ }, "title": "Unavailable pods per deployment [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1062,7 +1062,7 @@ { "field": "kubernetes.deployment.replicas.unavailable", "id": "64456841-30df-11e7-8df8-6d3604a72912", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -1082,16 +1082,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Unavailable pods per deployment [Metricbeat Kubernetes] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-11T20:59:18.668Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -1108,7 +1108,7 @@ }, "title": "Kubernetes - Available pods ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -1152,7 +1152,7 @@ { "field": "kubernetes.deployment.replicas.available", "id": "54cf79a0-30d5-11e7-8df8-6d3604a72912", - "type": "sum" + "winlog.api": "sum" } ], "override_index_pattern": 1, @@ -1167,16 +1167,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Kubernetes - Available pods ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -1195,7 +1195,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1213,8 +1213,8 @@ }, "id": "022a54c0-2bf5-11e7-859b-f78b612cde28-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1226,8 +1226,8 @@ }, "id": "44f12b40-2bf4-11e7-859b-f78b612cde28-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1239,8 +1239,8 @@ }, "id": "cd059410-2bfb-11e7-859b-f78b612cde28-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1252,8 +1252,8 @@ }, "id": "e1018b90-2bfb-11e7-859b-f78b612cde28-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1265,8 +1265,8 @@ }, "id": "d6564360-2bfc-11e7-859b-f78b612cde28-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1278,8 +1278,8 @@ }, "id": "16fa4470-2bfd-11e7-859b-f78b612cde28-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1291,8 +1291,8 @@ }, "id": "294546b0-30d6-11e7-8df8-6d3604a72912-ecs", "panelIndex": "9", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1304,8 +1304,8 @@ }, "id": "408fccf0-30d6-11e7-8df8-6d3604a72912-ecs", "panelIndex": "10", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1317,8 +1317,8 @@ }, "id": "58e644f0-30d6-11e7-8df8-6d3604a72912-ecs", "panelIndex": "11", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1330,8 +1330,8 @@ }, "id": "a4c9d360-30df-11e7-8df8-6d3604a72912-ecs", "panelIndex": "12", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1343,8 +1343,8 @@ }, "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912-ecs", "panelIndex": "13", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1356,8 +1356,8 @@ }, "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912-ecs", "panelIndex": "14", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" }, { "gridData": { @@ -1369,19 +1369,19 @@ }, "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3-ecs", "panelIndex": "15", - "type": "visualization", - "version": "6.2.2" + "winlog.api": "visualization", + "winlog.version": "6.2.2" } ], "timeRestore": false, "title": "[Metricbeat Kubernetes] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "AV4RGUqo5NkDleZmzKuZ-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-03-11T21:00:58.354Z", - "version": 4 + "winlog.version": 4 } ], - "version": "6.2.2" + "winlog.version": "6.2.2" } diff --git a/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json b/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json index c7e78a012219..ffbc1a51d27a 100644 --- a/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json +++ b/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json @@ -20,7 +20,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -31,7 +31,7 @@ "field": "mongodb.status.connections.current" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -43,7 +43,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -53,7 +53,7 @@ "field": "mongodb.status.memory.bits" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -63,7 +63,7 @@ "field": "mongodb.status.memory.resident.mb" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -73,7 +73,7 @@ "field": "mongodb.status.memory.virtual.mb" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -88,12 +88,12 @@ "totalFunc": "sum" }, "title": "Hosts [Metricbeat MongoDB] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "MongoDB-hosts-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -106,7 +106,7 @@ "savedSearchId": "MongoDB-search-ecs", "title": "Engine & Version [Metricbeat MongoDB] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -116,7 +116,7 @@ "field": "service.address" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -129,7 +129,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -142,7 +142,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -151,15 +151,15 @@ "isDonut": true, "legendPosition": "bottom", "shareYAxis": true, - "type": "pie" + "winlog.api": "pie" }, "title": "Engine & Version [Metricbeat MongoDB] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "MongoDB-Engine-ampersand-Version-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -172,7 +172,7 @@ "savedSearchId": "MongoDB-search-ecs", "title": "Operation counters [Metricbeat MongoDB] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -183,7 +183,7 @@ "field": "mongodb.status.ops.counters.command" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -196,7 +196,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -206,7 +206,7 @@ "field": "mongodb.status.ops.counters.delete" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -216,7 +216,7 @@ "field": "mongodb.status.ops.counters.getmore" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -226,7 +226,7 @@ "field": "mongodb.status.ops.counters.insert" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -236,7 +236,7 @@ "field": "mongodb.status.ops.counters.query" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -246,7 +246,7 @@ "field": "mongodb.status.ops.replicated.update" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -262,12 +262,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -292,7 +292,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -300,7 +300,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -314,25 +314,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Operation counters [Metricbeat MongoDB] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "MongoDB-operation-counters-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -352,7 +352,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -363,7 +363,7 @@ "field": "mongodb.status.wired_tiger.concurrent_transactions.read.available" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -376,7 +376,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -386,7 +386,7 @@ "field": "mongodb.status.wired_tiger.concurrent_transactions.read.out" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -402,12 +402,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -432,7 +432,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -440,7 +440,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -454,25 +454,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Concurrent transactions Read [Metricbeat MongoDB] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "MongoDB-Concurrent-transactions-Read-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -492,7 +492,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -503,7 +503,7 @@ "field": "mongodb.status.wired_tiger.concurrent_transactions.write.available" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -516,7 +516,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -526,7 +526,7 @@ "field": "mongodb.status.wired_tiger.concurrent_transactions.write.out" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -542,12 +542,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -572,7 +572,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -580,7 +580,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -594,25 +594,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Concurrent transactions Write [Metricbeat MongoDB] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "MongoDB-Concurrent-transactions-Write-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -625,7 +625,7 @@ "savedSearchId": "MongoDB-search-ecs", "title": "Memory stats [Metricbeat MongoDB] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -636,7 +636,7 @@ "field": "mongodb.status.memory.mapped.mb" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -649,7 +649,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -659,7 +659,7 @@ "field": "mongodb.status.memory.mapped_with_journal.mb" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -669,7 +669,7 @@ "field": "mongodb.status.memory.resident.mb" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -679,7 +679,7 @@ "field": "mongodb.status.memory.virtual.mb" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -695,12 +695,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -725,7 +725,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -734,7 +734,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -748,25 +748,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Memory stats [Metricbeat MongoDB] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "MongoDB-memory-stats-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -779,7 +779,7 @@ "savedSearchId": "MongoDB-search-ecs", "title": "Asserts [Metricbeat MongoDB] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -790,7 +790,7 @@ "field": "mongodb.status.asserts.msg" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -803,7 +803,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -813,7 +813,7 @@ "field": "mongodb.status.asserts.regular" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -823,7 +823,7 @@ "field": "mongodb.status.asserts.rollovers" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -833,7 +833,7 @@ "field": "mongodb.status.asserts.user" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -843,7 +843,7 @@ "field": "mongodb.status.asserts.warning" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "params": { @@ -859,12 +859,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -889,7 +889,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -897,7 +897,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -911,25 +911,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Asserts [Metricbeat MongoDB] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "MongoDB-asserts-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -942,7 +942,7 @@ "savedSearchId": "MongoDB-search-ecs", "title": "WiredTiger Cache [Metricbeat MongoDB] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -953,7 +953,7 @@ "field": "mongodb.status.wired_tiger.cache.maximum.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -966,7 +966,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -976,7 +976,7 @@ "field": "mongodb.status.wired_tiger.cache.used.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -986,7 +986,7 @@ "field": "mongodb.status.wired_tiger.cache.dirty.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -1002,12 +1002,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -1032,7 +1032,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -1040,7 +1040,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -1054,25 +1054,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "WiredTiger Cache [Metricbeat MongoDB] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "MongoDB-WiredTiger-Cache-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -1111,11 +1111,11 @@ "desc" ], "title": "MongoDB search ECS", - "version": 1 + "winlog.version": 1 }, "id": "MongoDB-search-ecs", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -1134,7 +1134,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1148,7 +1148,7 @@ "row": 1, "size_x": 8, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -1157,7 +1157,7 @@ "row": 1, "size_x": 4, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1166,7 +1166,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -1175,7 +1175,7 @@ "row": 4, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 10, @@ -1184,7 +1184,7 @@ "row": 4, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1193,7 +1193,7 @@ "row": 10, "size_x": 12, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -1202,7 +1202,7 @@ "row": 7, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1211,7 +1211,7 @@ "row": 7, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -1228,12 +1228,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "Metricbeat-MongoDB-ecs", - "type": "dashboard", - "version": 3 + "winlog.api": "dashboard", + "winlog.version": 3 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json b/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json index 93f84529c016..6aa95bd018ab 100644 --- a/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json +++ b/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json @@ -8,7 +8,7 @@ }, "title": "Connections rate [Metricbeat MySQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -32,12 +32,12 @@ { "field": "mysql.status.connections", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "aee9bbf0-f1f3-11e7-a752-236fe3270d99", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -50,16 +50,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Connections rate [Metricbeat MySQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -69,7 +69,7 @@ }, "title": "Command rates [Metricbeat MySQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -92,12 +92,12 @@ { "field": "mysql.status.command.select", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "2d149f90-f1f4-11e7-a752-236fe3270d99", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -119,12 +119,12 @@ { "field": "mysql.status.command.insert", "id": "3c2a2a41-f1f4-11e7-a752-236fe3270d99", - "type": "avg" + "winlog.api": "avg" }, { "field": "3c2a2a41-f1f4-11e7-a752-236fe3270d99", "id": "3c2a2a42-f1f4-11e7-a752-236fe3270d99", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -146,12 +146,12 @@ { "field": "mysql.status.command.update", "id": "485ce051-f1f4-11e7-a752-236fe3270d99", - "type": "avg" + "winlog.api": "avg" }, { "field": "485ce051-f1f4-11e7-a752-236fe3270d99", "id": "485ce052-f1f4-11e7-a752-236fe3270d99", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -173,12 +173,12 @@ { "field": "mysql.status.command.delete", "id": "543a4a71-f1f4-11e7-a752-236fe3270d99", - "type": "avg" + "winlog.api": "avg" }, { "field": "543a4a71-f1f4-11e7-a752-236fe3270d99", "id": "543a4a72-f1f4-11e7-a752-236fe3270d99", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -191,16 +191,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Command rates [Metricbeat MySQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -210,7 +210,7 @@ }, "title": "Running threads [Metricbeat MySQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -234,7 +234,7 @@ { "field": "mysql.status.threads.running", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -246,16 +246,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Running threads [Metricbeat MySQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -265,7 +265,7 @@ }, "title": "Opened tables rate [Metricbeat MySQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -289,12 +289,12 @@ { "field": "mysql.status.opened_tables", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "9972d250-f1f5-11e7-a752-236fe3270d99", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -307,16 +307,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Opened tables rate [Metricbeat MySQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -326,7 +326,7 @@ }, "title": "Threads created rate [Metricbeat MySQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -350,12 +350,12 @@ { "field": "mysql.status.threads.created", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "9972d250-f1f5-11e7-a752-236fe3270d99", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -368,16 +368,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Threads created rate [Metricbeat MySQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -387,7 +387,7 @@ }, "title": "Open files [Metricbeat MySQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -411,7 +411,7 @@ { "field": "mysql.status.open.files", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -423,16 +423,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Open files [Metricbeat MySQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -442,7 +442,7 @@ }, "title": "Sent and received bytes rates [Metricbeat MySQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -466,12 +466,12 @@ { "field": "mysql.status.bytes.received", "id": "2b1c2391-f1f7-11e7-a752-236fe3270d99", - "type": "avg" + "winlog.api": "avg" }, { "field": "2b1c2391-f1f7-11e7-a752-236fe3270d99", "id": "2b1c2392-f1f7-11e7-a752-236fe3270d99", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -493,12 +493,12 @@ { "field": "mysql.status.bytes.sent", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "23cfda50-f1f7-11e7-a752-236fe3270d99", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -511,16 +511,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Sent and received bytes rates [Metricbeat MySQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-05T09:15:49.714Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -539,7 +539,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -557,8 +557,8 @@ }, "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "10", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -570,8 +570,8 @@ }, "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "11", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -583,8 +583,8 @@ }, "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "13", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -596,8 +596,8 @@ }, "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "14", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -609,8 +609,8 @@ }, "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "15", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -622,8 +622,8 @@ }, "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "16", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -635,19 +635,19 @@ }, "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "17", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" } ], "timeRestore": false, "title": "[Metricbeat MySQL] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "66881e90-0006-11e7-bf7f-c9acc3d3e306-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-01-05T09:14:45.934Z", - "version": 3 + "winlog.version": 3 } ], - "version": "6.2.4" + "winlog.version": "6.2.4" } diff --git a/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json b/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json index da25f98f3186..2571c12ebefd 100644 --- a/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json +++ b/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json @@ -24,7 +24,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -35,7 +35,7 @@ "field": "nats.subscriptions.cache.fanout.avg" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -45,7 +45,7 @@ "field": "nats.subscriptions.cache.fanout.max" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -55,7 +55,7 @@ "field": "nats.subscriptions.cache.hit_rate" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -65,7 +65,7 @@ "field": "nats.subscriptions.cache.size" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -75,7 +75,7 @@ "field": "nats.subscriptions.inserts" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -85,7 +85,7 @@ "field": "nats.subscriptions.matches" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -95,7 +95,7 @@ "field": "nats.subscriptions.removes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -105,7 +105,7 @@ "field": "nats.subscriptions.total" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -121,13 +121,13 @@ "totalFunc": "sum" }, "title": "Subscriptions Info [Metricbeat NATS] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T07:54:30.301Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -144,7 +144,7 @@ }, "title": "Current Memory Usage [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -155,7 +155,7 @@ "field": "nats.stats.mem.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -184,16 +184,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Current Memory Usage [Metricbeat NATS] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T07:56:32.097Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -210,7 +210,7 @@ }, "title": "Server Uptime [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -221,7 +221,7 @@ "field": "nats.stats.uptime" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -250,16 +250,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Server Uptime [Metricbeat NATS] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T07:57:04.084Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -276,7 +276,7 @@ }, "title": "Total Connections [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -287,7 +287,7 @@ "field": "nats.stats.total_connections" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -316,16 +316,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Total Connections [Metricbeat NATS] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T07:57:32.006Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -342,7 +342,7 @@ }, "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -353,7 +353,7 @@ "field": "nats.connections.total" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -366,7 +366,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -376,7 +376,7 @@ "field": "nats.routes.total" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -386,7 +386,7 @@ "field": "nats.stats.remotes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -396,7 +396,7 @@ "field": "nats.subscriptions.total" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -412,12 +412,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -438,7 +438,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" }, { @@ -451,7 +451,7 @@ "mode": "stacked", "show": true, "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" }, { @@ -464,7 +464,7 @@ "mode": "stacked", "show": true, "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" }, { @@ -477,12 +477,12 @@ "mode": "stacked", "show": true, "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -496,25 +496,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Connections" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T07:53:31.785Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -531,7 +531,7 @@ }, "title": "Subscription Stats Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -542,7 +542,7 @@ "field": "nats.subscriptions.cache.fanout.avg" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -555,7 +555,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -565,7 +565,7 @@ "field": "nats.subscriptions.cache.fanout.max" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -575,7 +575,7 @@ "field": "nats.subscriptions.inserts" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -585,7 +585,7 @@ "field": "nats.subscriptions.removes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -595,7 +595,7 @@ "field": "nats.subscriptions.matches" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -611,12 +611,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -636,7 +636,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -648,7 +648,7 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -660,7 +660,7 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -672,7 +672,7 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -684,12 +684,12 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -703,25 +703,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Cache Fanout Avg" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Subscription Stats Timeline [Metricbeat NATS] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T14:55:04.899Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -738,7 +738,7 @@ }, "title": "Slow Consumers Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -749,7 +749,7 @@ "field": "nats.stats.slow_consumers" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -762,7 +762,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -778,12 +778,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -803,12 +803,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -822,25 +822,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Slow Consumers" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Slow Consumers Timeline [Metricbeat NATS] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T14:53:57.137Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -857,7 +857,7 @@ }, "title": "IO Bytes Stats [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -868,7 +868,7 @@ "field": "nats.stats.in.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -878,7 +878,7 @@ "field": "nats.stats.out.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -891,7 +891,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -907,12 +907,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -932,7 +932,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -944,12 +944,12 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -963,25 +963,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "IO Bytes" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "IO Bytes Stats [Metricbeat NATS] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T07:48:22.914Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -998,7 +998,7 @@ }, "title": "Memory Utilization Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1009,7 +1009,7 @@ "field": "nats.stats.mem.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -1022,7 +1022,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -1038,12 +1038,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -1063,12 +1063,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1082,25 +1082,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Memory Avg (Bytes)" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Memory Utilization Timeline [Metricbeat NATS] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T07:52:55.445Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -1117,7 +1117,7 @@ }, "title": "IO Messages Stats [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1128,7 +1128,7 @@ "field": "nats.stats.in.messages" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -1138,7 +1138,7 @@ "field": "nats.stats.out.messages" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -1151,7 +1151,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -1167,12 +1167,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -1192,7 +1192,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -1204,12 +1204,12 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1223,25 +1223,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "IO Messages" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "IO Messages Stats [Metricbeat NATS] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T07:47:25.774Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1258,7 +1258,7 @@ }, "title": "CPU Utilization Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1269,7 +1269,7 @@ "field": "nats.stats.cpu" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -1282,7 +1282,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -1298,12 +1298,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -1323,12 +1323,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1342,25 +1342,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "CPU Avg (%)" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "CPU Utilization Timeline [Metricbeat NATS] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T07:51:51.767Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1377,7 +1377,7 @@ }, "title": "Cache Hit Rate Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1388,7 +1388,7 @@ "field": "nats.subscriptions.cache.hit_rate" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -1401,7 +1401,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -1417,12 +1417,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -1442,12 +1442,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1461,25 +1461,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Cache Hit Rate (%)" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Cache Hit Rate Timeline [Metricbeat NATS] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T14:57:20.994Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1493,7 +1493,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1513,8 +1513,8 @@ }, "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -1527,8 +1527,8 @@ }, "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -1541,8 +1541,8 @@ }, "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -1555,8 +1555,8 @@ }, "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "9", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -1569,8 +1569,8 @@ }, "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "11", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -1583,8 +1583,8 @@ }, "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "12", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -1597,8 +1597,8 @@ }, "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90-ecs", "panelIndex": "13", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -1611,8 +1611,8 @@ }, "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90-ecs", "panelIndex": "14", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": { @@ -1629,8 +1629,8 @@ }, "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90-ecs", "panelIndex": "15", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -1643,8 +1643,8 @@ }, "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb-ecs", "panelIndex": "16", - "type": "visualization", - "version": "6.3.2" + "winlog.api": "visualization", + "winlog.version": "6.3.2" }, { "embeddableConfig": {}, @@ -1657,8 +1657,8 @@ }, "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb-ecs", "panelIndex": "17", - "type": "visualization", - "version": "6.3.2" + "winlog.api": "visualization", + "winlog.version": "6.3.2" }, { "embeddableConfig": {}, @@ -1671,19 +1671,19 @@ }, "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb-ecs", "panelIndex": "18", - "type": "visualization", - "version": "6.3.2" + "winlog.api": "visualization", + "winlog.version": "6.3.2" } ], "timeRestore": false, "title": "[Metricbeat NATS] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "Metricbeat-Nats-Dashboard-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-24T08:13:29.732Z", - "version": 4 + "winlog.version": 4 } ], - "version": "6.3.2" + "winlog.version": "6.3.2" } diff --git a/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json b/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json index 6bcb92193532..ed4742d6b609 100644 --- a/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json +++ b/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json @@ -8,7 +8,7 @@ }, "title": "Request Rate [Metricbeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -32,12 +32,12 @@ { "field": "nginx.stubstatus.requests", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "396ec980-f1a1-11e7-95d0-8ddf041d42a2", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -50,16 +50,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Request Rate [Metricbeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-04T22:48:58.542Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -69,7 +69,7 @@ }, "title": "Accepts and Handled Rate [Metricbeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -104,12 +104,12 @@ { "field": "nginx.stubstatus.accepts", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "396ec980-f1a1-11e7-95d0-8ddf041d42a2", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -132,12 +132,12 @@ { "field": "nginx.stubstatus.handled", "id": "56dd33b1-f1a3-11e7-95d0-8ddf041d42a2", - "type": "avg" + "winlog.api": "avg" }, { "field": "56dd33b1-f1a3-11e7-95d0-8ddf041d42a2", "id": "56dd33b2-f1a3-11e7-95d0-8ddf041d42a2", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -150,16 +150,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Accepts and Handled Rate [Metricbeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-04T23:07:23.056Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -169,7 +169,7 @@ }, "title": "Drops Rate [Metricbeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -193,12 +193,12 @@ { "field": "nginx.stubstatus.dropped", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "396ec980-f1a1-11e7-95d0-8ddf041d42a2", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -211,16 +211,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Drops Rate [Metricbeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-04T22:51:46.375Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -230,7 +230,7 @@ }, "title": "Active connections [Metricbeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -253,7 +253,7 @@ { "field": "nginx.stubstatus.active", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -265,16 +265,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Active connections [Metricbeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-04T23:09:55.944Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -284,7 +284,7 @@ }, "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -308,7 +308,7 @@ { "field": "nginx.stubstatus.reading", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -329,7 +329,7 @@ { "field": "nginx.stubstatus.writing", "id": "b1773681-f1a4-11e7-95d0-8ddf041d42a2", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -350,7 +350,7 @@ { "field": "nginx.stubstatus.waiting", "id": "b68aa6c1-f1a4-11e7-95d0-8ddf041d42a2", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -362,16 +362,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-01-04T23:13:23.859Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -385,7 +385,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -404,8 +404,8 @@ }, "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -417,8 +417,8 @@ }, "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -430,8 +430,8 @@ }, "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -443,8 +443,8 @@ }, "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -456,19 +456,19 @@ }, "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" } ], "timeRestore": false, "title": "[Metricbeat Nginx] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-01-04T23:14:26.755Z", - "version": 1 + "winlog.version": 1 } ], - "version": "6.2.4" + "winlog.version": "6.2.4" } diff --git a/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json b/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json index bfc42629f112..f6d3370186f9 100644 --- a/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json +++ b/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json @@ -11,7 +11,7 @@ "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", "title": "Memory Usage [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "json": "" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -36,7 +36,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -49,7 +49,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -71,12 +71,12 @@ "yAxis": {} }, "title": "RabbitMQ Memory Usage ECS", - "type": "line" + "winlog.api": "line" } }, "id": "RabbitMQ-Memory-Usage-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -89,7 +89,7 @@ "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", "title": "Number of Nodes [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -100,7 +100,7 @@ "field": "rabbitmq.node.name" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "listeners": {}, @@ -109,12 +109,12 @@ "handleNoResults": true }, "title": "Rabbitmq-Number-of-Nodes-ecs ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "Rabbitmq-Number-of-Nodes-ecs ECS", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -127,7 +127,7 @@ "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", "title": "Erlang Process Usage [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -138,7 +138,7 @@ "field": "rabbitmq.node.proc.used" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -151,7 +151,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -164,7 +164,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -186,12 +186,12 @@ "yAxis": {} }, "title": "RabbitMQ Erlang Process Usage ECS", - "type": "line" + "winlog.api": "line" } }, "id": "RabbitMQ-Erlang-Process-Usage-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -204,7 +204,7 @@ "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", "title": "Queue Index Operations [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -215,7 +215,7 @@ "field": "rabbitmq.node.queue.index.read.count" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -228,7 +228,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -238,7 +238,7 @@ "field": "rabbitmq.node.queue.index.journal_write.count" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -248,7 +248,7 @@ "field": "rabbitmq.node.queue.index.write.count" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "params": { @@ -264,12 +264,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -294,7 +294,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -303,7 +303,7 @@ "showCircles": false, "smoothLines": false, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -317,25 +317,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Queue Index Operations [Metricbeat RabbitMQ] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "RabbitMQ-Queue-Index-Operations-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -371,11 +371,11 @@ "desc" ], "title": "Metricbeat-Rabbitmq-ecs ECS", - "version": 1 + "winlog.version": 1 }, "id": "Metricbeat-Rabbitmq-ecs ECS", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -394,7 +394,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -408,7 +408,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 8, @@ -417,7 +417,7 @@ "row": 1, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -426,7 +426,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -435,7 +435,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -449,12 +449,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "AV4YobKIge1VCbKU_qVo-ecs", - "type": "dashboard", - "version": 2 + "winlog.api": "dashboard", + "winlog.version": 2 } ], - "version": "6.0.0-beta1-SNAPSHOT" + "winlog.version": "6.0.0-beta1-SNAPSHOT" } diff --git a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json index d39771ae8bfc..e659d2bc8e1e 100644 --- a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json +++ b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json @@ -14,7 +14,7 @@ }, "title": "Keyspace selector [Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -29,10 +29,10 @@ "multiselect": true, "order": "desc", "size": 5, - "type": "terms" + "winlog.api": "terms" }, "parent": "", - "type": "list" + "winlog.api": "list" } ], "pinFilters": false, @@ -40,13 +40,13 @@ "useTimeFilter": false }, "title": "Keyspace selector [Redis] ECS", - "type": "input_control_vis" + "winlog.api": "input_control_vis" } }, "id": "00d39210-050d-11e9-9c60-d582a238e2c5-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-21T11:19:04.179Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -66,16 +66,16 @@ "negate": false, "params": { "query": "list", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "list" }, "query": { "match": { "redis.key.type": { "query": "list", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -90,7 +90,7 @@ }, "title": "Lists length [Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -101,7 +101,7 @@ "field": "redis.key.length" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -118,7 +118,7 @@ "size": 16 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -135,7 +135,7 @@ "size": 20 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -156,7 +156,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -172,12 +172,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -198,12 +198,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -217,25 +217,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Number of elements" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Lists length [Redis] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-21T11:22:12.807Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -256,7 +256,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -267,7 +267,7 @@ "field": "redis.key.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -284,7 +284,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -306,7 +306,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -322,12 +322,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -347,12 +347,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -366,25 +366,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Number of keys" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Keys by type [Redis] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "4435ac40-050e-11e9-9c60-d582a238e2c5-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-21T11:23:46.207Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -404,16 +404,16 @@ "negate": false, "params": { "query": "string", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "string" }, "query": { "match": { "redis.key.type": { "query": "string", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -428,7 +428,7 @@ }, "title": "Average string key size [Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -439,7 +439,7 @@ "field": "redis.key.length" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -456,7 +456,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -477,7 +477,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -493,12 +493,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -518,12 +518,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -537,25 +537,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Average key size" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Average string key size [Redis] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-21T11:28:20.970Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -577,7 +577,7 @@ "gte": 0, "lt": null }, - "type": "range", + "winlog.api": "range", "value": "0 to +∞" }, "range": { @@ -597,7 +597,7 @@ }, "title": "Average keys TTL [Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -608,7 +608,7 @@ "field": "redis.key.expire.ttl" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -625,7 +625,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -642,7 +642,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -663,7 +663,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -679,12 +679,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -704,12 +704,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -723,25 +723,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Average TTL" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Average keys TTL [Redis] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-21T11:34:03.597Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -765,7 +765,7 @@ "db0", "db1" ], - "type": "phrases", + "winlog.api": "phrases", "value": "db0, db1" }, "query": { @@ -811,8 +811,8 @@ "id": "00d39210-050d-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "1", "title": "Keyspace selector", - "type": "visualization", - "version": "6.5.2" + "winlog.api": "visualization", + "winlog.version": "6.5.2" }, { "embeddableConfig": {}, @@ -826,8 +826,8 @@ "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "2", "title": "Lists length", - "type": "visualization", - "version": "6.5.2" + "winlog.api": "visualization", + "winlog.version": "6.5.2" }, { "embeddableConfig": { @@ -845,8 +845,8 @@ "id": "4435ac40-050e-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "3", "title": "Keys by type", - "type": "visualization", - "version": "6.5.2" + "winlog.api": "visualization", + "winlog.version": "6.5.2" }, { "embeddableConfig": {}, @@ -860,8 +860,8 @@ "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "4", "title": "Average size of string keys", - "type": "visualization", - "version": "6.5.2" + "winlog.api": "visualization", + "winlog.version": "6.5.2" }, { "embeddableConfig": {}, @@ -875,19 +875,19 @@ "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "5", "title": "Average keys TTL", - "type": "visualization", - "version": "6.5.2" + "winlog.api": "visualization", + "winlog.version": "6.5.2" } ], "timeRestore": false, "title": "[Metricbeat Redis] Keys ECS", - "version": 1 + "winlog.version": 1 }, "id": "28969190-0511-11e9-9c60-d582a238e2c5-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-12-21T11:39:13.143Z", - "version": 4 + "winlog.version": 4 } ], - "version": "6.5.2" + "winlog.version": "6.5.2" } diff --git a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json index 1efa33513f0f..d4a8a8c10ef5 100644 --- a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json +++ b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json @@ -17,7 +17,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -28,7 +28,7 @@ "field": "redis.info.clients.connected" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "listeners": {}, @@ -68,15 +68,15 @@ "labelColor": false, "subText": "" }, - "type": "simple", + "winlog.api": "simple", "useRange": false, "verticalSplit": false }, "handleNoResults": true, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Clients [Metricbeat Redis] ECS", - "type": "metric" + "winlog.api": "metric" } }, "col": 1, @@ -85,8 +85,8 @@ "row": 1, "size_x": 3, "size_y": 3, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -105,7 +105,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -116,7 +116,7 @@ "field": "redis.info.clients.connected" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -129,7 +129,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -139,7 +139,7 @@ "field": "redis.info.clients.blocked" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "listeners": {}, @@ -156,12 +156,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -184,7 +184,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], @@ -204,20 +204,20 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Connected clients [Metricbeat Redis] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "col": 4, @@ -226,8 +226,8 @@ "row": 1, "size_x": 5, "size_y": 3, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -249,7 +249,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -262,7 +262,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -272,7 +272,7 @@ "field": "redis.info.server.uptime" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -282,7 +282,7 @@ "field": "process.pid" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -292,7 +292,7 @@ "field": "redis.info.memory.used.peak" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -302,7 +302,7 @@ "field": "redis.info.cpu.used.user" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -312,7 +312,7 @@ "field": "redis.info.cpu.used.sys" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "listeners": {}, @@ -328,7 +328,7 @@ "totalFunc": "sum" }, "title": "Hosts [Metricbeat Redis] ECS", - "type": "table" + "winlog.api": "table" } }, "col": 1, @@ -337,8 +337,8 @@ "row": 4, "size_x": 12, "size_y": 2, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -351,7 +351,7 @@ "savedSearchId": "Metricbeat-Redis-ecs", "title": "Server Versions [Metricbeat Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -362,7 +362,7 @@ "field": "service.address" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -375,7 +375,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -387,7 +387,7 @@ "shareYAxis": true }, "title": "Server Versions [Metricbeat Redis] ECS", - "type": "pie" + "winlog.api": "pie" } }, "col": 1, @@ -396,8 +396,8 @@ "row": 6, "size_x": 4, "size_y": 2, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -410,7 +410,7 @@ "savedSearchId": "Metricbeat-Redis-ecs", "title": "Server mode [Metricbeat Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -421,7 +421,7 @@ "field": "service.address" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -434,7 +434,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -446,7 +446,7 @@ "shareYAxis": true }, "title": "Server mode [Metricbeat Redis] ECS", - "type": "pie" + "winlog.api": "pie" } }, "col": 5, @@ -455,8 +455,8 @@ "row": 6, "size_x": 4, "size_y": 2, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -469,7 +469,7 @@ "savedSearchId": "Metricbeat-Redis-ecs", "title": "Multiplexing API [Metricbeat Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -480,7 +480,7 @@ "field": "service.address" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -493,7 +493,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -505,7 +505,7 @@ "shareYAxis": true }, "title": "Multiplexing API [Metricbeat Redis] ECS", - "type": "pie" + "winlog.api": "pie" } }, "col": 9, @@ -514,8 +514,8 @@ "row": 6, "size_x": 3, "size_y": 2, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -528,7 +528,7 @@ "savedSearchId": "Metricbeat-Redis-ecs", "title": "Keyspaces [Metricbeat Redis] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -539,7 +539,7 @@ "field": "redis.keyspace.keys" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -552,7 +552,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -565,7 +565,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -582,12 +582,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -612,7 +612,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -633,20 +633,20 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Keyspaces [Metricbeat Redis] ECS", - "type": "area" + "winlog.api": "area" } }, "col": 9, @@ -655,8 +655,8 @@ "row": 1, "size_x": 4, "size_y": 3, - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -695,11 +695,11 @@ "desc" ], "title": "Metricbeat Redis ECS", - "version": 1 + "winlog.version": 1 }, "id": "Metricbeat-Redis-ecs", - "type": "search", - "version": 7 + "winlog.api": "search", + "winlog.version": 7 }, { "attributes": { @@ -718,7 +718,7 @@ } ], "highlightAll": true, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -732,7 +732,7 @@ "row": 1, "size_x": 3, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 4, @@ -741,7 +741,7 @@ "row": 1, "size_x": 5, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -750,7 +750,7 @@ "row": 4, "size_x": 12, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -759,7 +759,7 @@ "row": 6, "size_x": 4, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 5, @@ -768,7 +768,7 @@ "row": 6, "size_x": 4, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -777,7 +777,7 @@ "row": 6, "size_x": 3, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -786,7 +786,7 @@ "row": 1, "size_x": 4, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -815,12 +815,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "AV4YjZ5pux-M-tCAunxK-ecs", - "type": "dashboard", - "version": 1 + "winlog.api": "dashboard", + "winlog.version": 1 } ], - "version": "5.6.0-SNAPSHOT" + "winlog.version": "5.6.0-SNAPSHOT" } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json index af1286660722..6e560643627f 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json @@ -29,7 +29,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -40,7 +40,7 @@ "field": "system.process.cgroup.cpuacct.stats.user.ns" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -50,7 +50,7 @@ "field": "system.process.cgroup.cpu.cfs.quota.us" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -63,7 +63,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -73,7 +73,7 @@ "field": "system.process.cgroup.cpu.stats.throttled.ns" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -83,7 +83,7 @@ "field": "system.process.cgroup.cpuacct.stats.system.ns" }, "schema": "metric", - "type": "max" + "winlog.api": "max" }, { "enabled": true, @@ -96,7 +96,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -111,12 +111,12 @@ "totalFunc": "sum" }, "title": "Container CPU usage [Metricbeat System] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Container-CPU-usage-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -137,7 +137,7 @@ }, "title": "System Navigation [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -145,12 +145,12 @@ "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" }, "title": "System Navigation [Metricbeat System] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "System-Navigation-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -181,7 +181,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -192,7 +192,7 @@ "field": "system.process.cgroup.memory.mem.usage.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -202,7 +202,7 @@ "field": "system.process.cgroup.memory.mem.usage.max.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -212,7 +212,7 @@ "field": "system.process.cgroup.memory.stats.page_faults" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -222,7 +222,7 @@ "field": "system.process.cgroup.memory.stats.pages_in" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -232,7 +232,7 @@ "field": "system.process.cgroup.memory.stats.pages_out" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -245,7 +245,7 @@ "size": 50 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -255,7 +255,7 @@ "field": "system.process.cgroup.memory.stats.inactive_file.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -265,7 +265,7 @@ "field": "system.process.cgroup.memory.stats.major_page_faults" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -278,7 +278,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -288,7 +288,7 @@ "field": "system.process.cgroup.memory.mem.failures" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -298,7 +298,7 @@ "field": "system.process.cgroup.memory.kmem_tcp.usage.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -308,7 +308,7 @@ "field": "system.process.cgroup.memory.stats.rss_huge.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -318,7 +318,7 @@ "field": "system.process.cgroup.memory.stats.rss.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -328,7 +328,7 @@ "field": "system.process.cgroup.memory.stats.swap.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -338,7 +338,7 @@ "field": "system.process.cgroup.blkio.total.ios" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -353,12 +353,12 @@ "totalFunc": "sum" }, "title": "Container Memory stats [Metricbeat System] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Container-Memory-stats-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -389,7 +389,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -400,7 +400,7 @@ "field": "system.process.cgroup.blkio.total.bytes" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -410,7 +410,7 @@ "field": "system.process.cgroup.blkio.total.ios" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -423,7 +423,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -436,7 +436,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -451,12 +451,12 @@ "totalFunc": "sum" }, "title": "Container Block IO [Metricbeat System] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Container-Block-IO-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -475,7 +475,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -489,7 +489,7 @@ "row": 2, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -498,7 +498,7 @@ "row": 1, "size_x": 12, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -507,7 +507,7 @@ "row": 5, "size_x": 12, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -516,7 +516,7 @@ "row": 8, "size_x": 12, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -553,12 +553,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "CPU-slash-Memory-per-container-ecs", - "type": "dashboard", - "version": 1 + "winlog.api": "dashboard", + "winlog.version": 1 } ], - "version": "6.0.0-rc1-SNAPSHOT" + "winlog.version": "6.0.0-rc1-SNAPSHOT" } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json index 3094b6247de0..2adba2d39b8c 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json @@ -15,7 +15,7 @@ }, "title": "Network Traffic (Packets) [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -40,24 +40,24 @@ { "field": "system.network.in.packets", "id": "da1046f2-faa0-11e6-86b1-cd7735ff7e23", - "type": "max" + "winlog.api": "max" }, { "field": "da1046f2-faa0-11e6-86b1-cd7735ff7e23", "id": "f41f9280-faa0-11e6-86b1-cd7735ff7e23", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "field": "f41f9280-faa0-11e6-86b1-cd7735ff7e23", "id": "c0da3d80-1b93-11e7-8ada-3df93aab833e", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { "function": "sum", "id": "ecaad010-2c2c-11e7-be71-3162da85303f", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": "0", @@ -80,18 +80,18 @@ { "field": "system.network.out.packets", "id": "fbbd7e30-faa0-11e6-86b1-cd7735ff7e23", - "type": "max" + "winlog.api": "max" }, { "field": "fbbd7e30-faa0-11e6-86b1-cd7735ff7e23", "id": "fbbd7e31-faa0-11e6-86b1-cd7735ff7e23", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "id": "17e597a0-faa1-11e6-86b1-cd7735ff7e23", "script": "params.rate != null && params.rate > 0 ? params.rate * -1 : null", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "fbbd7e31-faa0-11e6-86b1-cd7735ff7e23", @@ -103,7 +103,7 @@ { "function": "sum", "id": "fe5fbdc0-2c2c-11e7-be71-3162da85303f", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": "0", @@ -116,15 +116,15 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Mericbeat: Network Traffic (Packets) ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -144,7 +144,7 @@ }, "title": "System Load [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -167,7 +167,7 @@ { "field": "system.load.1", "id": "f62671e1-1b14-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -188,7 +188,7 @@ { "field": "system.load.5", "id": "1c324851-1b15-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -209,7 +209,7 @@ { "field": "system.load.15", "id": "32880e50-1b15-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -221,15 +221,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "System Load [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "4d546850-1b15-11e7-b09e-037021c4f8df-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -246,7 +246,7 @@ }, "title": "Network Traffic (Bytes) [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -271,24 +271,24 @@ { "field": "system.network.in.bytes", "id": "da1046f2-faa0-11e6-86b1-cd7735ff7e23", - "type": "max" + "winlog.api": "max" }, { "field": "da1046f2-faa0-11e6-86b1-cd7735ff7e23", "id": "f41f9280-faa0-11e6-86b1-cd7735ff7e23", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "field": "f41f9280-faa0-11e6-86b1-cd7735ff7e23", "id": "a87398e0-1b93-11e7-8ada-3df93aab833e", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { "function": "sum", "id": "2d533df0-2c2d-11e7-be71-3162da85303f", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": "0", @@ -311,18 +311,18 @@ { "field": "system.network.out.bytes", "id": "fbbd7e30-faa0-11e6-86b1-cd7735ff7e23", - "type": "max" + "winlog.api": "max" }, { "field": "fbbd7e30-faa0-11e6-86b1-cd7735ff7e23", "id": "fbbd7e31-faa0-11e6-86b1-cd7735ff7e23", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "id": "17e597a0-faa1-11e6-86b1-cd7735ff7e23", "script": "params.rate != null && params.rate > 0 ? params.rate * -1 : null", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "fbbd7e31-faa0-11e6-86b1-cd7735ff7e23", @@ -334,7 +334,7 @@ { "function": "sum", "id": "533da9b0-2c2d-11e7-be71-3162da85303f", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": "0", @@ -347,15 +347,15 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Mericbeat: Network Traffic (Bytes) ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "089b85d0-1b16-11e7-b09e-037021c4f8df-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -375,7 +375,7 @@ }, "title": "Memory Usage [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -398,7 +398,7 @@ { "field": "system.memory.actual.used.bytes", "id": "4ff61fd1-1b16-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -419,17 +419,17 @@ { "field": "system.memory.actual.used.bytes", "id": "753a6081-1b16-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" }, { "field": "system.memory.used.bytes", "id": "7c9d3f00-1b16-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" }, { "id": "869cc160-1b16-11e7-b09e-037021c4f8df", "script": "params.actual != null && params.used != null ? params.used - params.actual : null", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "753a6081-1b16-11e7-b09e-037021c4f8df", @@ -462,7 +462,7 @@ { "field": "system.memory.free", "id": "32f46f42-1b16-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -474,15 +474,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Memory Usage [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -502,7 +502,7 @@ }, "title": "Top Processes By CPU [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -534,7 +534,7 @@ { "field": "system.process.cpu.total.pct", "id": "5f5b8d52-1b18-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -548,15 +548,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Top Processes By CPU [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -576,7 +576,7 @@ }, "title": "Processes By Memory [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -620,7 +620,7 @@ { "field": "system.process.memory.rss.pct", "id": "edfceb32-1b18-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -634,15 +634,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Processes By Memory [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "2e224660-1b19-11e7-b09e-037021c4f8df-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -662,7 +662,7 @@ }, "title": "CPU Usage [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -685,7 +685,7 @@ { "field": "system.cpu.user.pct", "id": "80a04952-1b19-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -706,7 +706,7 @@ { "field": "system.cpu.system.pct", "id": "993acf31-1b19-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -727,7 +727,7 @@ { "field": "system.cpu.nice.pct", "id": "65ca5cf0-1b1a-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -748,7 +748,7 @@ { "field": "system.cpu.irq.pct", "id": "741b5f21-1b1a-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -769,7 +769,7 @@ { "field": "system.cpu.softirq.pct", "id": "2efc5d41-1b1a-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -790,7 +790,7 @@ { "field": "system.cpu.iowait.pct", "id": "ae644a31-1b19-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": "0", @@ -802,15 +802,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "CPU Usage [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -830,7 +830,7 @@ }, "title": "Disk IO (Bytes) [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -854,18 +854,18 @@ { "field": "system.diskio.read.bytes", "id": "d3c67db2-1b1a-11e7-b09e-037021c4f8df", - "type": "max" + "winlog.api": "max" }, { "field": "d3c67db2-1b1a-11e7-b09e-037021c4f8df", "id": "f55b9910-1b1a-11e7-b09e-037021c4f8df", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "field": "f55b9910-1b1a-11e7-b09e-037021c4f8df", "id": "dcbbb100-1b93-11e7-8ada-3df93aab833e", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" } ], @@ -888,18 +888,18 @@ { "field": "system.diskio.write.bytes", "id": "144124d1-1b1b-11e7-b09e-037021c4f8df", - "type": "max" + "winlog.api": "max" }, { "field": "144124d1-1b1b-11e7-b09e-037021c4f8df", "id": "144124d2-1b1b-11e7-b09e-037021c4f8df", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "id": "144124d4-1b1b-11e7-b09e-037021c4f8df", "script": "params.rate > 0 ? params.rate * -1 : 0", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "144124d2-1b1b-11e7-b09e-037021c4f8df", @@ -919,15 +919,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Disk IO (Bytes) [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -947,7 +947,7 @@ }, "title": "Load Gauge [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -983,7 +983,7 @@ { "field": "system.load.5", "id": "fdcc6182-1b90-11e7-bec4-a5e9ec5cab8b", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -995,15 +995,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "gauge" + "winlog.api": "gauge" }, "title": "Load Gauge [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -1023,7 +1023,7 @@ }, "title": "CPU Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1071,22 +1071,22 @@ { "field": "system.cpu.user.pct", "id": "4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b", - "type": "avg" + "winlog.api": "avg" }, { "field": "system.cpu.system.pct", "id": "225c2140-5fd7-11e7-a63a-a937b7c1a7e1", - "type": "avg" + "winlog.api": "avg" }, { "field": "system.cpu.cores", "id": "837a30c0-5fd7-11e7-a63a-a937b7c1a7e1", - "type": "avg" + "winlog.api": "avg" }, { "id": "587aa510-1b91-11e7-bec4-a5e9ec5cab8b", "script": "params.n > 0 ? (params.user+params.system)/params.n : null", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b", @@ -1115,15 +1115,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "gauge" + "winlog.api": "gauge" }, "title": "CPU Usage Gauge [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -1143,7 +1143,7 @@ }, "title": "Memory Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1191,7 +1191,7 @@ { "field": "system.memory.actual.used.pct", "id": "9f51b732-1b91-11e7-bec4-a5e9ec5cab8b", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -1203,15 +1203,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "gauge" + "winlog.api": "gauge" }, "title": "Memory Usage Gauge [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -1231,7 +1231,7 @@ }, "title": "Inbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1260,24 +1260,24 @@ { "field": "system.network.in.bytes", "id": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "max" + "winlog.api": "max" }, { "field": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", "id": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "field": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f2074f70-1b92-11e7-a416-41f5ccdba2e6", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { "function": "sum", "id": "c40e18f0-2c55-11e7-a0ad-277ce466684d", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": 1, @@ -1300,18 +1300,18 @@ { "field": "system.network.in.bytes", "id": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "max" + "winlog.api": "max" }, { "field": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", "id": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f9da2dd0-1b92-11e7-a416-41f5ccdba2e6", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { @@ -1319,7 +1319,7 @@ "function": "overall_sum", "id": "3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b", "sigma": "", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": 1, @@ -1333,15 +1333,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Inbound Traffic [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -1361,7 +1361,7 @@ }, "title": "Outbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1390,24 +1390,24 @@ { "field": "system.network.out.bytes", "id": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "max" + "winlog.api": "max" }, { "field": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", "id": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "field": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f2074f70-1b92-11e7-a416-41f5ccdba2e6", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { "function": "sum", "id": "a1737470-2c55-11e7-a0ad-277ce466684d", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": 1, @@ -1430,18 +1430,18 @@ { "field": "system.network.out.bytes", "id": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "max" + "winlog.api": "max" }, { "field": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", "id": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f9da2dd0-1b92-11e7-a416-41f5ccdba2e6", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { @@ -1449,7 +1449,7 @@ "function": "overall_sum", "id": "3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b", "sigma": "", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": 1, @@ -1463,15 +1463,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Outbound Traffic [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -1491,7 +1491,7 @@ }, "title": "Disk Usage [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1535,7 +1535,7 @@ { "field": "system.filesystem.used.pct", "id": "9f7e48a2-1b95-11e7-8ada-3df93aab833e", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -1548,15 +1548,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Disk Usage [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -1577,7 +1577,7 @@ }, "title": "System Navigation [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1585,12 +1585,12 @@ "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" }, "title": "System Navigation [Metricbeat System] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "System-Navigation-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -1610,7 +1610,7 @@ }, "title": "Swap usage [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1658,7 +1658,7 @@ { "field": "system.memory.swap.used.pct", "id": "cee2fd22-4d59-11e7-aee5-fdc812cc3bec", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -1670,15 +1670,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "gauge" + "winlog.api": "gauge" }, "title": "Swap usage [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -1695,7 +1695,7 @@ }, "title": "Memory usage vs total ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "listeners": {}, @@ -1724,7 +1724,7 @@ { "field": "system.memory.actual.used.bytes", "id": "6bc65722-4d5c-11e7-aa29-87a97a796de6", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -1745,7 +1745,7 @@ { "field": "system.memory.total", "id": "b8fe6821-4d5c-11e7-aa29-87a97a796de6", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -1756,15 +1756,15 @@ ], "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Memory usage vs total ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -1784,7 +1784,7 @@ }, "title": "Disk used [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1832,17 +1832,17 @@ { "field": "system.fsstat.total_size.used", "id": "4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32", - "type": "avg" + "winlog.api": "avg" }, { "field": "system.fsstat.total_size.total", "id": "57c96ee0-4d54-11e7-b5f2-2b7c1895bf32", - "type": "avg" + "winlog.api": "avg" }, { "id": "6304cca0-4d54-11e7-b5f2-2b7c1895bf32", "script": "params.total != null && params.total > 0 ? params.used/params.total : null", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32", @@ -1866,15 +1866,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "gauge" + "winlog.api": "gauge" }, "title": "Disk used [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -1894,7 +1894,7 @@ }, "title": "Packetloss [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1922,7 +1922,7 @@ { "field": "system.network.in.dropped", "id": "6984af12-4d5d-11e7-aa29-87a97a796de6", - "type": "max" + "winlog.api": "max" } ], "point_size": 1, @@ -1943,7 +1943,7 @@ { "field": "system.network.out.dropped", "id": "ac2e6b31-4d5d-11e7-aa29-87a97a796de6", - "type": "max" + "winlog.api": "max" } ], "point_size": 1, @@ -1955,15 +1955,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Packetloss [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "96976150-4d5d-11e7-aa29-87a97a796de6-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -1983,7 +1983,7 @@ }, "title": "Interfaces by Incoming traffic [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -2011,7 +2011,7 @@ { "field": "system.network.in.bytes", "id": "42ced5a1-4d60-11e7-9a4c-ed99bbcaa42b", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -2025,15 +2025,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Interfaces by Incoming traffic [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -2053,7 +2053,7 @@ }, "title": "Interfaces by Outgoing traffic [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -2081,7 +2081,7 @@ { "field": "system.network.out.bytes", "id": "9cdba912-4d60-11e7-9a4c-ed99bbcaa42b", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -2095,15 +2095,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Interfaces by Outgoing traffic [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -2128,7 +2128,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -2139,7 +2139,7 @@ "field": "process.pid" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "listeners": {}, @@ -2179,19 +2179,19 @@ "labelColor": false, "subText": "" }, - "type": "simple", + "winlog.api": "simple", "useRange": false, "verticalSplit": false }, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Number of processes ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -2201,7 +2201,7 @@ }, "title": "Tip [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -2209,12 +2209,12 @@ "markdown": "**TIP:** To select another host, go to the [System Overview](#/dashboard/Metricbeat-system-overview-ecs) dashboard and double-click a host name." }, "title": "Tip [Metricbeat System] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "3d65d450-a9c3-11e7-af20-67db8aecb295-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -2228,7 +2228,7 @@ "language": "lucene", "query": "host.name:\"CHANGEME_HOSTNAME\"" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -2242,7 +2242,7 @@ "row": 12, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -2251,7 +2251,7 @@ "row": 6, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -2260,7 +2260,7 @@ "row": 12, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -2269,7 +2269,7 @@ "row": 9, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -2278,7 +2278,7 @@ "row": 15, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -2287,7 +2287,7 @@ "row": 15, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -2296,7 +2296,7 @@ "row": 6, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -2305,7 +2305,7 @@ "row": 9, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 5, @@ -2314,7 +2314,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -2323,7 +2323,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 3, @@ -2332,7 +2332,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -2341,7 +2341,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -2350,7 +2350,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -2359,7 +2359,7 @@ "row": 4, "size_x": 4, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -2368,7 +2368,7 @@ "row": 1, "size_x": 6, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -2377,7 +2377,7 @@ "row": 4, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 3, @@ -2386,7 +2386,7 @@ "row": 4, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -2395,7 +2395,7 @@ "row": 4, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 11, @@ -2404,7 +2404,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -2413,7 +2413,7 @@ "row": 18, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -2422,7 +2422,7 @@ "row": 18, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 5, @@ -2431,7 +2431,7 @@ "row": 4, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -2440,7 +2440,7 @@ "row": 1, "size_x": 6, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -2454,12 +2454,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "79ffd6e0-faa0-11e6-947f-177f697178b8-ecs", - "type": "dashboard", - "version": 12 + "winlog.api": "dashboard", + "winlog.version": 12 } ], - "version": "6.0.0-rc1-SNAPSHOT" + "winlog.version": "6.0.0-rc1-SNAPSHOT" } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json index 267175eeb06e..53482452e566 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json @@ -19,7 +19,7 @@ }, "title": "System Navigation [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -27,12 +27,12 @@ "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" }, "title": "System Navigation [Metricbeat System] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "System-Navigation-ecs", - "type": "visualization", - "version": 3 + "winlog.api": "visualization", + "winlog.version": 3 }, { "attributes": { @@ -60,7 +60,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -71,7 +71,7 @@ "field": "host.name" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -110,19 +110,19 @@ "labelColor": false, "subText": "" }, - "type": "simple", + "winlog.api": "simple", "useRange": false, "verticalSplit": false }, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Number of hosts [Metricbeat System] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -142,7 +142,7 @@ }, "title": "Top Hosts By Memory (Realtime) [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -186,7 +186,7 @@ { "field": "system.memory.actual.used.pct", "id": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -201,15 +201,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Top Hosts By Memory (Realtime) [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -229,7 +229,7 @@ }, "title": "Top Hosts By CPU (Realtime) [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -273,7 +273,7 @@ { "field": "system.cpu.user.pct", "id": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -288,15 +288,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "top_n" + "winlog.api": "top_n" }, "title": "Top Hosts By CPU (Realtime) [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "855899e0-1b1c-11e7-b09e-037021c4f8df-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -327,7 +327,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -338,7 +338,7 @@ "field": "system.cpu.user.pct" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -351,7 +351,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -364,7 +364,7 @@ "size": 20 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -379,7 +379,7 @@ "percentageMode": false, "setColorRange": false, "times": [], - "type": "heatmap", + "winlog.api": "heatmap", "valueAxes": [ { "id": "ValueAxis-1", @@ -390,20 +390,20 @@ }, "scale": { "defaultYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": false, - "type": "value" + "winlog.api": "value" } ] }, "title": "Hosts histogram by CPU usage [Metricbeat System] ECS", - "type": "heatmap" + "winlog.api": "heatmap" } }, "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -423,7 +423,7 @@ }, "title": "Inbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -452,24 +452,24 @@ { "field": "system.network.in.bytes", "id": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "max" + "winlog.api": "max" }, { "field": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", "id": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "field": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f2074f70-1b92-11e7-a416-41f5ccdba2e6", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { "function": "sum", "id": "c40e18f0-2c55-11e7-a0ad-277ce466684d", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": 1, @@ -492,18 +492,18 @@ { "field": "system.network.in.bytes", "id": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "max" + "winlog.api": "max" }, { "field": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", "id": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f9da2dd0-1b92-11e7-a416-41f5ccdba2e6", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { @@ -511,7 +511,7 @@ "function": "overall_sum", "id": "3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b", "sigma": "", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": 1, @@ -525,15 +525,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Inbound Traffic [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -553,7 +553,7 @@ }, "title": "Outbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -582,24 +582,24 @@ { "field": "system.network.out.bytes", "id": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "max" + "winlog.api": "max" }, { "field": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", "id": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "derivative", + "winlog.api": "derivative", "unit": "1s" }, { "field": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f2074f70-1b92-11e7-a416-41f5ccdba2e6", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { "function": "sum", "id": "a1737470-2c55-11e7-a0ad-277ce466684d", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": 1, @@ -622,18 +622,18 @@ { "field": "system.network.out.bytes", "id": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "max" + "winlog.api": "max" }, { "field": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", "id": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", - "type": "derivative", + "winlog.api": "derivative", "unit": "" }, { "field": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f9da2dd0-1b92-11e7-a416-41f5ccdba2e6", - "type": "positive_only", + "winlog.api": "positive_only", "unit": "" }, { @@ -641,7 +641,7 @@ "function": "overall_sum", "id": "3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b", "sigma": "", - "type": "series_agg" + "winlog.api": "series_agg" } ], "point_size": 1, @@ -655,15 +655,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "Outbound Traffic [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -683,7 +683,7 @@ }, "title": "Disk used [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -731,17 +731,17 @@ { "field": "system.fsstat.total_size.used", "id": "4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32", - "type": "avg" + "winlog.api": "avg" }, { "field": "system.fsstat.total_size.total", "id": "57c96ee0-4d54-11e7-b5f2-2b7c1895bf32", - "type": "avg" + "winlog.api": "avg" }, { "id": "6304cca0-4d54-11e7-b5f2-2b7c1895bf32", "script": "params.total != null && params.total > 0 ? params.used/params.total : null", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32", @@ -765,15 +765,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "gauge" + "winlog.api": "gauge" }, "title": "Disk used [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -793,7 +793,7 @@ }, "title": "Memory Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -841,7 +841,7 @@ { "field": "system.memory.actual.used.pct", "id": "9f51b732-1b91-11e7-bec4-a5e9ec5cab8b", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -853,15 +853,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "gauge" + "winlog.api": "gauge" }, "title": "Memory Usage Gauge [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -881,7 +881,7 @@ }, "title": "CPU Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -929,22 +929,22 @@ { "field": "system.cpu.user.pct", "id": "4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b", - "type": "avg" + "winlog.api": "avg" }, { "field": "system.cpu.system.pct", "id": "225c2140-5fd7-11e7-a63a-a937b7c1a7e1", - "type": "avg" + "winlog.api": "avg" }, { "field": "system.cpu.cores", "id": "837a30c0-5fd7-11e7-a63a-a937b7c1a7e1", - "type": "avg" + "winlog.api": "avg" }, { "id": "587aa510-1b91-11e7-bec4-a5e9ec5cab8b", "script": "params.n > 0 ? (params.user+params.system)/params.n : null", - "type": "calculation", + "winlog.api": "calculation", "variables": [ { "field": "4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b", @@ -973,15 +973,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "gauge" + "winlog.api": "gauge" }, "title": "CPU Usage Gauge [Metricbeat System] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -1000,7 +1000,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1014,7 +1014,7 @@ "row": 1, "size_x": 12, "size_y": 1, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1023,7 +1023,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -1032,7 +1032,7 @@ "row": 4, "size_x": 6, "size_y": 5, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1041,7 +1041,7 @@ "row": 4, "size_x": 6, "size_y": 5, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1050,7 +1050,7 @@ "row": 9, "size_x": 12, "size_y": 6, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -1059,7 +1059,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 11, @@ -1068,7 +1068,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -1077,7 +1077,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 5, @@ -1086,7 +1086,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 3, @@ -1095,7 +1095,7 @@ "row": 2, "size_x": 2, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -1147,12 +1147,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "Metricbeat-system-overview-ecs", - "type": "dashboard", - "version": 2 + "winlog.api": "dashboard", + "winlog.version": 2 } ], - "version": "6.0.0-rc1-SNAPSHOT" + "winlog.version": "6.0.0-rc1-SNAPSHOT" } diff --git a/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json b/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json index 8be3fc93f428..37444b561f4f 100644 --- a/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json +++ b/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json @@ -8,19 +8,19 @@ }, "title": "Overview [Metricbeat uWSGI] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "params": { "expression": ".es(metric=avg:uwsgi.status.total.requests).derivative().label('Requests').title('Overview of requests per period'),\n.es(metric=avg:uwsgi.status.total.exceptions).derivative().label('Exceptions'),\n.es(metric=max:uwsgi.status.worker.avg_rt).label('Average response time').yaxis(2)", "interval": "15s" }, "title": "Overview [Metricbeat uWSGI] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -30,19 +30,19 @@ }, "title": "Memory usage [Metricbeat uWSGI] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "params": { "expression": ".es(metric=max:uwsgi.status.worker.rss).label('Currently used (rss)').title('Memory usage'),\n.es(metric=max:uwsgi.status.worker.vsz).label('Assigned (vsz)').yaxis(2)", "interval": "15s" }, "title": "Memory usage [Metricbeat uWSGI] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -52,19 +52,19 @@ }, "title": "Workers [Metricbeat uWSGI] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "params": { "expression": ".es(split=uwsgi.status.core.id:16,metric=max:uwsgi.status.core.requests.total).derivative().bars().title('Requests handled by each thread (core) per period')", "interval": "15s" }, "title": "Workers [Metricbeat uWSGI] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -74,19 +74,19 @@ }, "title": "Errors [Metricbeat uWSGI] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "params": { "expression": ".es(metric=max:uwsgi.status.total.read_errors).label('Read errors').title('Errors'),\n.es(metric=max:uwsgi.status.total.write_errors).label('Write errors'),\n.es(metric=max:uwsgi.status.worker.harakiri_count).label('Timeouted requests')", "interval": "15s" }, "title": "Errors [Metricbeat uWSGI] ECS", - "type": "timelion" + "winlog.api": "timelion" } }, "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -104,7 +104,7 @@ "language": "lucene", "query": "event.module: uwsgi" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -112,11 +112,11 @@ "desc" ], "title": "Metricbeat uWSGI status-ecs ECS", - "version": 1 + "winlog.version": 1 }, "id": "Metricbeat uWSGI status-ecs ECS", - "type": "search", - "version": 1 + "winlog.api": "search", + "winlog.version": 1 }, { "attributes": { @@ -130,7 +130,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -144,7 +144,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -153,7 +153,7 @@ "row": 1, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -162,7 +162,7 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -171,18 +171,18 @@ "row": 4, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, "title": "[Metricbeat uWSGI] Overview ECS", "uiStateJSON": {}, - "version": 1 + "winlog.version": 1 }, "id": "32fca290-f0af-11e7-b9ff-9f96241065de-ecs", - "type": "dashboard", - "version": 1 + "winlog.api": "dashboard", + "winlog.version": 1 } ], - "version": "6.0.0-rc1" + "winlog.version": "6.0.0-rc1" } diff --git a/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json b/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json index c5d8f012d2f3..83135d353e7b 100644 --- a/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json +++ b/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json @@ -24,7 +24,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -39,7 +39,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" }, { "enabled": true, @@ -52,7 +52,7 @@ "size": 100 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -65,7 +65,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -105,13 +105,13 @@ "params": [], "title": "Order Agg" }, - "type": "max" + "winlog.api": "max" }, "orderBy": "custom", "size": 1 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -151,13 +151,13 @@ "params": [], "title": "Order Agg" }, - "type": "max" + "winlog.api": "max" }, "orderBy": "custom", "size": 1 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -172,12 +172,12 @@ "totalFunc": "sum" }, "title": "Service States [Metricbeat Windows] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -203,7 +203,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -214,7 +214,7 @@ "field": "windows.service.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -227,7 +227,7 @@ "size": 100 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -242,12 +242,12 @@ "totalFunc": "sum" }, "title": "Hosts [Metricbeat Windows] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -264,7 +264,7 @@ "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", "title": "Startup States [Metricbeat Windows] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -275,7 +275,7 @@ "field": "windows.service.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -288,7 +288,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -301,7 +301,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -309,15 +309,15 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Startup States [Metricbeat Windows] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "830c45f0-c991-11e7-9835-2f31fe08873b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -340,7 +340,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -351,7 +351,7 @@ "field": "windows.service.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -389,19 +389,19 @@ "labelColor": false, "subText": "" }, - "type": "simple", + "winlog.api": "simple", "useRange": false, "verticalSplit": false }, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Unique Services [Metricbeat Windows] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "35f5ad60-c996-11e7-9835-2f31fe08873b-ecs", - "type": "visualization", - "version": 2 + "winlog.api": "visualization", + "winlog.version": 2 }, { "attributes": { @@ -422,7 +422,7 @@ "index": "metricbeat-*", "key": "windows.service.exit_code", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } }, @@ -438,16 +438,16 @@ "negate": true, "params": { "query": "0", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "0" }, "query": { "match": { "windows.service.exit_code": { "query": "0", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -464,16 +464,16 @@ "negate": true, "params": { "query": "ERROR_SERVICE_NEVER_STARTED", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "ERROR_SERVICE_NEVER_STARTED" }, "query": { "match": { "windows.service.exit_code": { "query": "ERROR_SERVICE_NEVER_STARTED", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -494,7 +494,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -505,7 +505,7 @@ "field": "windows.service.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -543,19 +543,19 @@ "labelColor": false, "subText": "" }, - "type": "simple", + "winlog.api": "simple", "useRange": false, "verticalSplit": false }, - "type": "gauge" + "winlog.api": "gauge" }, "title": "Non-zero Service Exit Codes [Metricbeat Windows] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b-ecs", - "type": "visualization", - "version": 1 + "winlog.api": "visualization", + "winlog.version": 1 }, { "attributes": { @@ -585,16 +585,16 @@ "negate": false, "params": { "query": "windows", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "windows" }, "query": { "match": { "event.module": { "query": "windows", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -611,16 +611,16 @@ "negate": false, "params": { "query": "service", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "service" }, "query": { "match": { "metricset.name": { "query": "service", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -632,7 +632,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -640,11 +640,11 @@ "desc" ], "title": "Services [Metricbeat Windows] ECS", - "version": 1 + "winlog.version": 1 }, "id": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", - "type": "search", - "version": 2 + "winlog.api": "search", + "winlog.version": 2 }, { "attributes": { @@ -658,7 +658,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -672,7 +672,7 @@ "row": 4, "size_x": 9, "size_y": 5, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -681,7 +681,7 @@ "row": 4, "size_x": 3, "size_y": 5, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -690,7 +690,7 @@ "row": 1, "size_x": 4, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 5, @@ -699,7 +699,7 @@ "row": 1, "size_x": 4, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -708,7 +708,7 @@ "row": 1, "size_x": 4, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -749,12 +749,12 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "d9eba730-c991-11e7-9835-2f31fe08873b-ecs", - "type": "dashboard", - "version": 6 + "winlog.api": "dashboard", + "winlog.version": 6 } ], - "version": "6.0.0" + "winlog.version": "6.0.0" } \ No newline at end of file diff --git a/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json b/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json index b310e8c1aaf2..ed1950a42fb8 100644 --- a/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json +++ b/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json @@ -14,7 +14,7 @@ }, "title": "Approximate data size [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -39,7 +39,7 @@ { "field": "zookeeper.mntr.approximate_data_size", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -51,16 +51,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Approximate data size [Metricbeat Zookeeper] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-30T13:29:19.163Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -76,7 +76,7 @@ }, "title": "Latency [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -101,7 +101,7 @@ { "field": "zookeeper.mntr.latency.avg", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -113,16 +113,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Latency [Metricbeat Zookeeper] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-30T13:29:05.974Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -138,7 +138,7 @@ }, "title": "Alive Connections [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -163,7 +163,7 @@ { "field": "zookeeper.mntr.num_alive_connections", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -175,16 +175,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Alive Connections [Metricbeat Zookeeper] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-30T13:28:52.034Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -200,7 +200,7 @@ }, "title": "Used file descriptors [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -226,17 +226,17 @@ "field": "zookeeper.mntr.open_file_descriptor_count", "id": "b92e4550-231a-11e9-9e57-679640dc0c7c", "metric_agg": "avg", - "type": "avg" + "winlog.api": "avg" }, { "field": "zookeeper.mntr.max_file_descriptor_count", "id": "918d0c60-231b-11e9-9e57-679640dc0c7c", - "type": "avg" + "winlog.api": "avg" }, { "id": "7e4d11e0-231b-11e9-9e57-679640dc0c7c", "script": "params.a/params.b", - "type": "math", + "winlog.api": "math", "variables": [ { "field": "b92e4550-231a-11e9-9e57-679640dc0c7c", @@ -271,7 +271,7 @@ { "field": "zookeeper.mntr.open_file_descriptor_count", "id": "dffaffe1-23cc-11e9-b1ff-37c851471450", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -283,16 +283,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Used file descriptors [Metricbeat Zookeeper] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-30T13:28:22.583Z", - "version": 5 + "winlog.version": 5 }, { "attributes": { @@ -308,7 +308,7 @@ }, "title": "Packets received / sent [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -333,12 +333,12 @@ { "field": "zookeeper.mntr.packets.received", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "34949540-231c-11e9-9707-f128cdaa3bf2", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -366,12 +366,12 @@ { "field": "zookeeper.mntr.packets.sent", "id": "753b2e61-231c-11e9-9707-f128cdaa3bf2", - "type": "avg" + "winlog.api": "avg" }, { "field": "753b2e61-231c-11e9-9707-f128cdaa3bf2", "id": "7ed33c60-231c-11e9-9707-f128cdaa3bf2", - "type": "derivative", + "winlog.api": "derivative", "unit": "" } ], @@ -384,16 +384,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Packets received / sent [Metricbeat Zookeeper] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-30T13:26:42.583Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -426,8 +426,8 @@ "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "1", "title": "Approximate data size", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -441,8 +441,8 @@ "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "2", "title": "Latency", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -456,8 +456,8 @@ "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "3", "title": "Alive Connections", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -471,8 +471,8 @@ "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "4", "title": "Used file descriptors", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -486,19 +486,19 @@ "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "5", "title": "Packets received / sent", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" } ], "timeRestore": false, "title": "[Metricbeat Zookeeper] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "467207a0-231e-11e9-bb66-8baac426dfd4-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-30T13:34:01.235Z", - "version": 6 + "winlog.version": 6 } ], - "version": "7.0.0-alpha2" + "winlog.version": "7.0.0-alpha2" } \ No newline at end of file diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json index 1e05fc32df66..1e71f776dd83 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json @@ -18,7 +18,7 @@ "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "title": "Cassandra ResponseKeyspace [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -26,7 +26,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -50,7 +50,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -62,13 +62,13 @@ "shareYAxis": true }, "title": "Cassandra ResponseKeyspace ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Cassandra-ResponseKeyspace-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -88,7 +88,7 @@ "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "title": "Cassandra ResponseType [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -96,7 +96,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -108,7 +108,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -120,13 +120,13 @@ "shareYAxis": true }, "title": "Cassandra ResponseType ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Cassandra-ResponseType-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -146,7 +146,7 @@ "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "title": "Cassandra ResponseTime [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -163,7 +163,7 @@ ] }, "schema": "metric", - "type": "percentiles" + "winlog.api": "percentiles" }, { "enabled": true, @@ -178,7 +178,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -194,12 +194,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -226,7 +226,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -235,7 +235,7 @@ "showCircles": true, "smoothLines": true, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -251,26 +251,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "square root" + "winlog.api": "square root" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Cassandra ResponseTime [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Cassandra-ResponseTime-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -290,7 +290,7 @@ "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "title": "Cassandra RequestCount [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -298,7 +298,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -311,7 +311,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "listeners": {}, @@ -333,13 +333,13 @@ "yAxis": {} }, "title": "Cassandra RequestCount ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Cassandra-RequestCount-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -359,7 +359,7 @@ "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "title": "Cassandra Ops [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -367,7 +367,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -379,7 +379,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -391,7 +391,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -403,13 +403,13 @@ "shareYAxis": true }, "title": "Cassandra Ops ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "Cassandra-Ops-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -429,7 +429,7 @@ "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "title": "Cassandra RequestCountStackByType [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -437,7 +437,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -450,7 +450,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -462,7 +462,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -480,13 +480,13 @@ "yAxis": {} }, "title": "Cassandra RequestCountStackByType ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Cassandra-RequestCountStackByType-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -506,7 +506,7 @@ "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "title": "Cassandra ResponseCountStackByType [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -514,7 +514,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -527,7 +527,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -539,7 +539,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -557,13 +557,13 @@ "yAxis": {} }, "title": "Cassandra ResponseCountStackByType ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Cassandra-ResponseCountStackByType-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -583,7 +583,7 @@ "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "title": "Cassandra RequestCountByType [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -591,7 +591,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -604,7 +604,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -616,14 +616,14 @@ "size": 10 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, "id": "4", "params": {}, "schema": "radius", - "type": "count" + "winlog.api": "count" } ], "listeners": {}, @@ -645,13 +645,13 @@ "yAxis": {} }, "title": "Cassandra RequestCountByType ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Cassandra-RequestCountByType-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -671,14 +671,14 @@ "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "title": "Cassandra ResponseCountByType [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "id": "2", @@ -690,7 +690,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "id": "3", @@ -701,13 +701,13 @@ "size": 10 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "id": "4", "params": {}, "schema": "radius", - "type": "count" + "winlog.api": "count" } ], "listeners": {}, @@ -728,13 +728,13 @@ "yAxis": {} }, "title": "Cassandra: ResponseCountByType ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Cassandra-ResponseCountByType-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -755,7 +755,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -764,13 +764,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -797,16 +797,16 @@ "negate": false, "params": { "query": "QUERY", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "QUERY" }, "query": { "match": { "cassandra.request.headers.op": { "query": "QUERY", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -823,16 +823,16 @@ "negate": true, "params": { "query": "ERROR", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "ERROR" }, "query": { "match": { "cassandra.response.headers.op": { "query": "ERROR", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -862,7 +862,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -870,12 +870,12 @@ "desc" ], "title": "Cassandra Query Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Cassandra-QueryView-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -899,16 +899,16 @@ "negate": false, "params": { "query": "cassandra", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "cassandra" }, "query": { "match": { "event.dataset": { "query": "cassandra", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -920,7 +920,7 @@ "language": "kuery", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -928,12 +928,12 @@ "desc" ], "title": "Cassandra Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -952,7 +952,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -966,7 +966,7 @@ "row": 3, "size_x": 3, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -975,7 +975,7 @@ "row": 3, "size_x": 3, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -984,7 +984,7 @@ "row": 5, "size_x": 12, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 4, @@ -993,7 +993,7 @@ "row": 1, "size_x": 9, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 4, @@ -1002,7 +1002,7 @@ "row": 3, "size_x": 3, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1011,7 +1011,7 @@ "row": 7, "size_x": 12, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1020,7 +1020,7 @@ "row": 9, "size_x": 12, "size_y": 2, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1029,7 +1029,7 @@ "row": 11, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -1038,7 +1038,7 @@ "row": 11, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1047,7 +1047,7 @@ "row": 1, "size_x": 3, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -1066,7 +1066,7 @@ "@timestamp", "desc" ], - "type": "search" + "winlog.api": "search" } ], "timeRestore": false, @@ -1088,13 +1088,13 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-Cassandra-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:20.964Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json index 07ec987ea889..367adb6e86b4 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json @@ -8,7 +8,7 @@ }, "title": "Message Types over Time [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -20,7 +20,7 @@ } ], "drop_last_bucket": 1, - "filter": "type:dhcpv4", + "filter": "winlog.api:dhcpv4", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "ignore_global_filter": 0, "index_pattern": "packetbeat-*", @@ -31,7 +31,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "NOT dhcpv4.option.message_type:nak NOT dhcpv4.option.message_type:decline", + "filter": "NOT dhcpv4.option.message_winlog.api:nak NOT dhcpv4.option.message_winlog.api:decline", "formatter": "number", "id": "8abe6eb0-8ba9-11e8-ae15-bdcba81344e6", "label": "Response", @@ -39,7 +39,7 @@ "metrics": [ { "id": "8abe6eb1-8ba9-11e8-ae15-bdcba81344e6", - "type": "count" + "winlog.api": "count" } ], "point_size": 1, @@ -53,7 +53,7 @@ "chart_type": "line", "color": "rgba(244,78,59,1)", "fill": 0.5, - "filter": "dhcpv4.option.message_type:nak", + "filter": "dhcpv4.option.message_winlog.api:nak", "formatter": "number", "id": "ae5610d0-8ba9-11e8-ae15-bdcba81344e6", "label": "nak", @@ -61,7 +61,7 @@ "metrics": [ { "id": "ae5610d1-8ba9-11e8-ae15-bdcba81344e6", - "type": "count" + "winlog.api": "count" } ], "point_size": "3", @@ -75,7 +75,7 @@ "chart_type": "line", "color": "rgba(244,78,59,1)", "fill": 0.5, - "filter": "dhcpv4.option.message_type:decline", + "filter": "dhcpv4.option.message_winlog.api:decline", "formatter": "number", "id": "cf7ba180-8ba9-11e8-ae15-bdcba81344e6", "label": "decline", @@ -83,7 +83,7 @@ "metrics": [ { "id": "cf7ba181-8ba9-11e8-ae15-bdcba81344e6", - "type": "count" + "winlog.api": "count" } ], "point_size": "3", @@ -96,16 +96,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Message Types over Time [Packetbeat DHCPv4] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "8460fcd0-8baa-11e8-9676-ef67484126fb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -115,14 +115,14 @@ "filter": [], "query": { "language": "kuery", - "query": "dhcpv4.option.message_type:nak OR dhcpv4.option.message_type:decline" + "query": "dhcpv4.option.message_winlog.api:nak OR dhcpv4.option.message_winlog.api:decline" } } }, "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "title": "NAK and Decline Count [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -130,7 +130,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -159,16 +159,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "NAK and Decline Count [Packetbeat DHCPv4] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "4ad9db20-8bab-11e8-9676-ef67484126fb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -185,7 +185,7 @@ "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "title": "Message Types [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -193,7 +193,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -210,7 +210,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -227,7 +227,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -241,16 +241,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Message Types [Packetbeat DHCPv4] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "418dfbe0-8bac-11e8-9676-ef67484126fb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -281,16 +281,16 @@ "negate": false, "params": { "query": "dhcpv4", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "dhcpv4" }, "query": { "match": { "event.dataset": { "query": "dhcpv4", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -302,7 +302,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -310,12 +310,12 @@ "desc" ], "title": "DHCPv4 [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:22.006Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -332,7 +332,7 @@ "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "title": "Transaction Count [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -343,7 +343,7 @@ "field": "dhcpv4.transaction_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -372,16 +372,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Transaction Count [Packetbeat DHCPv4] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "d0120dc0-8bac-11e8-9676-ef67484126fb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -398,7 +398,7 @@ "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "title": "Client Count [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -409,7 +409,7 @@ "field": "dhcpv4.client_mac" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -438,16 +438,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Client Count [Packetbeat DHCPv4] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "11d33ea0-8bad-11e8-9676-ef67484126fb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -464,7 +464,7 @@ "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "title": "Data Transfer [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -475,7 +475,7 @@ "field": "client.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -485,7 +485,7 @@ "field": "server.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" } ], "params": { @@ -514,16 +514,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Data Transfer [Packetbeat DHCPv4] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -537,7 +537,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -557,8 +557,8 @@ }, "id": "8460fcd0-8baa-11e8-9676-ef67484126fb-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -571,8 +571,8 @@ }, "id": "4ad9db20-8bab-11e8-9676-ef67484126fb-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -585,8 +585,8 @@ }, "id": "418dfbe0-8bac-11e8-9676-ef67484126fb-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -599,8 +599,8 @@ }, "id": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "panelIndex": "5", - "type": "search", - "version": "6.3.0" + "winlog.api": "search", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -613,8 +613,8 @@ }, "id": "d0120dc0-8bac-11e8-9676-ef67484126fb-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -627,8 +627,8 @@ }, "id": "11d33ea0-8bad-11e8-9676-ef67484126fb-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -641,19 +641,19 @@ }, "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" } ], "timeRestore": false, "title": "[Packetbeat] DHCPv4 ECS", - "version": 1 + "winlog.version": 1 }, "id": "a7b35890-8baa-11e8-9676-ef67484126fb-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:22.006Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json index 6e7b98a1d17e..2d514085d2a6 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json @@ -15,7 +15,7 @@ "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "title": "DNS Query Summary [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -33,7 +33,7 @@ "field": "source.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -43,7 +43,7 @@ "field": "destination.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -53,7 +53,7 @@ "field": "event.duration" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -84,16 +84,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "DNS Query Summary [Packetbeat] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "DNS-Query-Summary-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -118,7 +118,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -126,7 +126,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -141,7 +141,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -157,7 +157,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -173,12 +173,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -201,7 +201,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -209,7 +209,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -225,26 +225,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "DNS Request Status Over Time [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "DNS-Request-Status-Over-Time-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -267,7 +267,7 @@ "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "title": "DNS Question Types [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -275,7 +275,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -291,7 +291,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -306,16 +306,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "type": "pie" + "winlog.api": "pie" }, "title": "DNS Question Types [Packetbeat] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "DNS-Question-Types-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -335,16 +335,16 @@ "negate": false, "params": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -382,7 +382,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -390,7 +390,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -407,7 +407,7 @@ "size": 30 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -422,13 +422,13 @@ "totalFunc": "sum" }, "title": "DNS Top 10 Questions [Packetbeat] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "DNS-Top-10-Questions-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -468,7 +468,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -476,7 +476,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -493,7 +493,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -508,13 +508,13 @@ "totalFunc": "sum" }, "title": "DNS Response Codes [Packetbeat] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "DNS-Response-Codes-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -539,7 +539,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -555,7 +555,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -565,7 +565,7 @@ "field": "event.duration" }, "schema": "metric", - "type": "min" + "winlog.api": "min" }, { "enabled": true, @@ -575,7 +575,7 @@ "field": "event.duration" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -585,7 +585,7 @@ "field": "event.duration" }, "schema": "metric", - "type": "max" + "winlog.api": "max" } ], "params": { @@ -601,12 +601,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -627,7 +627,7 @@ "mode": "stacked", "show": true, "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" }, { @@ -640,7 +640,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" }, { @@ -653,12 +653,12 @@ "mode": "stacked", "show": true, "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -672,25 +672,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Average event.duration" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "735d25c0-1459-11e9-9de0-f98d1808db8e-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -707,7 +707,7 @@ "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "title": "DNS Client and Servers Pie Chart [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -715,7 +715,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -732,7 +732,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -749,7 +749,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -763,16 +763,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "DNS Client and Servers Pie Chart [Packetbeat] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -799,16 +799,16 @@ "negate": false, "params": { "query": "dns", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "dns" }, "query": { "match": { "network.protocol": { "query": "dns", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -833,7 +833,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -841,12 +841,12 @@ "desc" ], "title": "DNS Protocol [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -878,8 +878,8 @@ }, "id": "DNS-Query-Summary-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -892,8 +892,8 @@ }, "id": "DNS-Request-Status-Over-Time-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -906,8 +906,8 @@ }, "id": "DNS-Question-Types-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -920,8 +920,8 @@ }, "id": "DNS-Top-10-Questions-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -934,8 +934,8 @@ }, "id": "DNS-Response-Codes-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -948,8 +948,8 @@ }, "id": "735d25c0-1459-11e9-9de0-f98d1808db8e-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -962,19 +962,19 @@ }, "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Packetbeat] DNS Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "65120940-1454-11e9-9de0-f98d1808db8e-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json index 060b6869a00d..6511a8bb887d 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json @@ -18,7 +18,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -29,7 +29,7 @@ "field": "dns.question.name" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -42,7 +42,7 @@ "size": 20 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -60,13 +60,13 @@ "yAxis": {} }, "title": "Unique FQDNs per eTLD+1 ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Unique-FQDNs-per-eTLD 1-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -88,7 +88,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -98,7 +98,7 @@ "customLabel": "" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -111,7 +111,7 @@ "size": 20 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -121,7 +121,7 @@ "field": "dns.question.name" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "listeners": {}, @@ -137,13 +137,13 @@ "totalFunc": "sum" }, "title": "Unique FQDNs per eTLD+1 Table ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Unique-FQDNs-per-eTLD 1-Table-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -169,7 +169,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -180,7 +180,7 @@ "field": "destination.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -197,7 +197,7 @@ "size": 20 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -207,7 +207,7 @@ "field": "source.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" } ], "params": { @@ -223,12 +223,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": true, @@ -249,7 +249,7 @@ }, "mode": "normal", "show": "true", - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" }, { @@ -259,14 +259,14 @@ }, "mode": "normal", "show": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -282,26 +282,26 @@ "defaultYExtents": true, "mode": "grouped", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Bytes Transferred per Domain ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Bytes-Transferred-per-Domain-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -315,7 +315,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "type:dns" + "query": "winlog.api:dns" } } } @@ -332,7 +332,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -343,7 +343,7 @@ "field": "source.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -360,7 +360,7 @@ "size": 20 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -370,7 +370,7 @@ "field": "destination.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" } ], "params": { @@ -385,13 +385,13 @@ "totalFunc": "sum" }, "title": "Top Domains by Data Volume ECS", - "type": "table" + "winlog.api": "table" } }, "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -418,16 +418,16 @@ "negate": false, "params": { "query": "dns", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "dns" }, "query": { "match": { "network.protocol": { "query": "dns", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -452,7 +452,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -460,12 +460,12 @@ "desc" ], "title": "DNS Protocol [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -477,9 +477,9 @@ "highlightAll": true, "query": { "language": "lucene", - "query": "NOT dns.question.type:PTR" + "query": "NOT dns.question.winlog.api:PTR" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -512,8 +512,8 @@ }, "id": "Unique-FQDNs-per-eTLD 1-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -535,8 +535,8 @@ }, "id": "Unique-FQDNs-per-eTLD 1-Table-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -553,8 +553,8 @@ }, "id": "Bytes-Transferred-per-Domain-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -576,19 +576,19 @@ }, "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Packetbeat] DNS Tunneling ECS", - "version": 1 + "winlog.version": 1 }, "id": "DNS-Unique-Domains-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:23.036Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json index 94457a40ee11..52b48ea3a4bd 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json @@ -15,7 +15,7 @@ "savedSearchId": "Packetbeat-Flows-Search-ecs", "title": "Top Hosts Creating Traffic [Packetbeat Flows] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -26,7 +26,7 @@ "field": "source.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -41,7 +41,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -58,7 +58,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -74,12 +74,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -102,7 +102,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -110,7 +110,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -126,26 +126,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Top Hosts Creating Traffic [Packetbeat Flows] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "Top-hosts-creating-traffic-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -166,7 +166,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -175,13 +175,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -198,7 +198,7 @@ "savedSearchId": "Packetbeat-Flows-Search-ecs", "title": "Connections over time [Packetbeat Flows] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -209,7 +209,7 @@ "field": "flow.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -224,7 +224,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -240,12 +240,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -268,7 +268,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -276,7 +276,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -292,26 +292,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Connections over time [Packetbeat Flows] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "Connections-over-time-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -328,7 +328,7 @@ "savedSearchId": "Packetbeat-Flows-Search-ecs", "title": "Top Hosts Receiving Traffic [Packetbeat Flows] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -339,7 +339,7 @@ "field": "destination.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -354,7 +354,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -371,7 +371,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -387,12 +387,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -415,7 +415,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -423,7 +423,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -439,26 +439,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Top Hosts Receiving Traffic [Packetbeat Flows] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "Top-hosts-receiving-traffic-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -484,7 +484,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -495,7 +495,7 @@ "field": "source.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -505,7 +505,7 @@ "field": "destination.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -522,7 +522,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -539,7 +539,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -554,18 +554,18 @@ "totalFunc": "sum" }, "title": "Network Traffic Between Hosts [Packetbeat Flows] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Network-traffic-between-your-hosts-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { "columns": [ - "type", + "winlog.api", "event.start", "event.end", "source.ip", @@ -600,11 +600,11 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "type: flow" + "query": "winlog.api: flow" } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -612,12 +612,12 @@ "desc" ], "title": "Flows Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-Flows-Search-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:25.168Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -631,7 +631,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -648,8 +648,8 @@ }, "id": "Top-hosts-creating-traffic-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -661,8 +661,8 @@ }, "id": "Navigation-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -674,8 +674,8 @@ }, "id": "Connections-over-time-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -687,8 +687,8 @@ }, "id": "Top-hosts-receiving-traffic-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -710,19 +710,19 @@ }, "id": "Network-traffic-between-your-hosts-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Packetbeat] Flows ECS", - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-Flows-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:25.168Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json index ec5b2bd06358..e5d8911530c8 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json @@ -15,7 +15,7 @@ "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", "title": "HTTP Transactions [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -54,12 +54,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -80,14 +80,14 @@ }, "mode": "stacked", "show": "true", - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -103,26 +103,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "HTTP Transactions [Packetbeat] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Web-transactions-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:21:31.922Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -138,20 +138,20 @@ "alias": null, "disabled": false, "index": "packetbeat-*", - "key": "type", + "key": "winlog.api", "negate": false, "params": { "query": "http", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "http" }, "query": { "match": { "network.protocol": { "query": "http", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -182,17 +182,17 @@ }, "title": "HTTP error codes [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "enabled": true, "id": "1", "params": { - "field": "type" + "field": "winlog.api" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -209,7 +209,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -225,12 +225,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -251,14 +251,14 @@ }, "mode": "stacked", "show": "true", - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -274,26 +274,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "HTTP error codes [Packetbeat] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "HTTP-error-codes-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -313,16 +313,16 @@ "negate": false, "params": { "query": "http", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "http" }, "query": { "match": { "network.protocol": { "query": "http", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -341,7 +341,7 @@ "gte": 200, "lt": 299 }, - "type": "range", + "winlog.api": "range", "value": "200 to 299" }, "range": { @@ -372,7 +372,7 @@ }, "title": "HTTP error codes evolution [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -380,7 +380,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -395,7 +395,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -412,7 +412,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -428,12 +428,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -460,7 +460,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -469,7 +469,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -485,26 +485,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "HTTP error codes evolution [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "HTTP-error-codes-evolution-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -525,7 +525,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -534,13 +534,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -557,7 +557,7 @@ "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", "title": "Total number of HTTP transactions [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -565,7 +565,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -596,16 +596,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Total number of HTTP transactions [Packetbeat] ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "Total-number-of-HTTP-transactions-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -622,7 +622,7 @@ "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", "title": "HTTP status codes for the top queries [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -630,7 +630,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -648,7 +648,7 @@ "size": 5 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -665,7 +665,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -680,16 +680,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "type": "pie" + "winlog.api": "pie" }, "title": "HTTP status codes for the top queries [Packetbeat] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "HTTP-codes-for-the-top-queries-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -715,7 +715,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -723,7 +723,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -739,7 +739,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -754,13 +754,13 @@ "totalFunc": "sum" }, "title": "Top 10 HTTP requests [Packetbeat] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Top-10-HTTP-requests-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -784,16 +784,16 @@ "negate": false, "params": { "query": "http", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "http" }, "query": { "match": { "network.protocol": { "query": "http", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -805,7 +805,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -813,12 +813,12 @@ "desc" ], "title": "HTTP Transactions Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-19T00:21:43.886Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -837,7 +837,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -854,8 +854,8 @@ }, "id": "Web-transactions-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -867,8 +867,8 @@ }, "id": "HTTP-error-codes-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -880,8 +880,8 @@ }, "id": "HTTP-error-codes-evolution-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -893,8 +893,8 @@ }, "id": "Navigation-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -913,8 +913,8 @@ }, "id": "Total-number-of-HTTP-transactions-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -926,8 +926,8 @@ }, "id": "HTTP-codes-for-the-top-queries-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -949,19 +949,19 @@ }, "id": "Top-10-HTTP-requests-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Packetbeat] HTTP ECS", - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-HTTP-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:26.207Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json index 3059b71ff108..e84ce2d1f935 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json @@ -19,7 +19,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -28,13 +28,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -51,7 +51,7 @@ "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", "title": "MongoDB errors [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -59,7 +59,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -74,7 +74,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -91,7 +91,7 @@ "size": 3 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -107,7 +107,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -123,12 +123,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -155,7 +155,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -165,7 +165,7 @@ "smoothLines": false, "spyPerPage": 10, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -181,26 +181,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "MongoDB errors [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "MongoDB-errors-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -217,7 +217,7 @@ "savedSearchId": "MongoDB-transactions-ecs", "title": "MongoDB Commands [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -225,7 +225,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -240,7 +240,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -256,7 +256,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -272,12 +272,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -300,7 +300,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -308,7 +308,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -324,26 +324,26 @@ "defaultYExtents": false, "mode": "silhouette", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "MongoDB Commands [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "MongoDB-commands-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -360,7 +360,7 @@ "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", "title": "MongoDB errors per collection [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -368,7 +368,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -383,7 +383,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -399,7 +399,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -415,12 +415,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -447,7 +447,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -457,7 +457,7 @@ "smoothLines": false, "spyPerPage": 10, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -473,26 +473,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "MongoDB errors per collection [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "MongoDB-errors-per-collection-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -509,7 +509,7 @@ "savedSearchId": "MongoDB-transactions-ecs", "title": "MongoDB in/out throughput [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -519,7 +519,7 @@ "field": "source.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -534,7 +534,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -543,7 +543,7 @@ "field": "destination.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" } ], "params": { @@ -559,12 +559,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -591,7 +591,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -604,7 +604,7 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -613,7 +613,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -629,26 +629,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "MongoDB in/out throughput [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "MongoDB-in-slash-out-throughput-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -665,7 +665,7 @@ "savedSearchId": "MongoDB-transactions-ecs", "title": "MongoDB response times by collection [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -678,7 +678,7 @@ ] }, "schema": "metric", - "type": "percentiles" + "winlog.api": "percentiles" }, { "enabled": true, @@ -693,7 +693,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -709,14 +709,14 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, "id": "4", "params": {}, "schema": "radius", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -732,12 +732,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -764,7 +764,7 @@ "radiusRatio": "9", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -773,7 +773,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -789,26 +789,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "MongoDB response times by collection [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "MongoDB-response-times-by-collection-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -834,7 +834,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -847,7 +847,7 @@ ] }, "schema": "metric", - "type": "percentiles" + "winlog.api": "percentiles" }, { "enabled": true, @@ -863,7 +863,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -878,13 +878,13 @@ "totalFunc": "sum" }, "title": "Top slowest MongoDB queries [Packetbeat] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Top-slowest-MongoDB-queries-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -901,7 +901,7 @@ "savedSearchId": "MongoDB-transactions-with-write-concern-0-ecs", "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -909,7 +909,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -924,14 +924,14 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, "id": "3", "params": {}, "schema": "radius", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -947,12 +947,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -979,7 +979,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -988,7 +988,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1004,26 +1004,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1043,20 +1043,20 @@ "alias": null, "disabled": false, "index": "packetbeat-*", - "key": "type", + "key": "winlog.api", "negate": false, "params": { "query": "mongodb", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "mongodb" }, "query": { "match": { - "type": { + "winlog.api": { "query": "mongodb", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1073,16 +1073,16 @@ "negate": true, "params": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1094,7 +1094,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1102,18 +1102,18 @@ "desc" ], "title": "MongoDB errors [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { "columns": [ "method", - "type", + "winlog.api", "path", "event.duration", "status", @@ -1136,16 +1136,16 @@ "negate": false, "params": { "query": "mongodb", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "mongodb" }, "query": { "match": { "event.dataset": { "query": "mongodb", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1174,7 +1174,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1182,18 +1182,18 @@ "desc" ], "title": "MongoDB Transaction Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "MongoDB-transactions-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { "columns": [ "method", - "type", + "winlog.api", "path", "event.duration", "status", @@ -1216,16 +1216,16 @@ "negate": false, "params": { "query": "mongodb", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "mongodb" }, "query": { "match": { "event.dataset": { "query": "mongodb", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1254,7 +1254,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1262,12 +1262,12 @@ "desc" ], "title": "MongoDB transactions with write concern 0 [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "MongoDB-transactions-with-write-concern-0-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1281,7 +1281,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1298,8 +1298,8 @@ }, "id": "Navigation-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1311,8 +1311,8 @@ }, "id": "MongoDB-errors-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1324,8 +1324,8 @@ }, "id": "MongoDB-commands-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1337,8 +1337,8 @@ }, "id": "MongoDB-errors-per-collection-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1350,8 +1350,8 @@ }, "id": "MongoDB-in-slash-out-throughput-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1363,8 +1363,8 @@ }, "id": "MongoDB-response-times-by-collection-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1386,8 +1386,8 @@ }, "id": "Top-slowest-MongoDB-queries-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1399,19 +1399,19 @@ }, "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Packetbeat] MongoDB ECS", - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-MongoDB-performance-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:27.239Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json index 65a0672a8944..500c9a4d49f8 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json @@ -15,7 +15,7 @@ "savedSearchId": "MySQL-errors-ecs", "title": "MySQL Errors [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -54,12 +54,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -82,7 +82,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -90,7 +90,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -106,26 +106,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "MySQL Errors [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "MySQL-Errors-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -142,7 +142,7 @@ "savedSearchId": "MySQL-Transactions-ecs", "title": "MySQL Methods [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -150,7 +150,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -165,7 +165,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -181,7 +181,7 @@ "size": 20 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -197,12 +197,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -225,7 +225,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -233,7 +233,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -249,26 +249,26 @@ "defaultYExtents": false, "mode": "wiggle", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "MySQL Methods [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "MySQL-Methods-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -289,7 +289,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -298,13 +298,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -321,7 +321,7 @@ "savedSearchId": "MySQL-Transactions-ecs", "title": "MySQL throughput [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -331,7 +331,7 @@ "field": "destination.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -340,7 +340,7 @@ "field": "source.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -355,7 +355,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -371,12 +371,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -395,7 +395,7 @@ }, "mode": "normal", "show": "true", - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -405,13 +405,13 @@ }, "mode": "normal", "show": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -427,25 +427,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "MySQL throughput [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "MySQL-throughput-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -458,14 +458,14 @@ "savedSearchId": "MySQL-Transactions-ecs", "title": "Most frequent MySQL queries ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "id": "2", @@ -476,7 +476,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -486,13 +486,13 @@ "showPartialRows": false }, "title": "Most frequent MySQL queries ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Most-frequent-MySQL-queries-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -518,7 +518,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -529,7 +529,7 @@ "field": "event.duration" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -545,7 +545,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -560,13 +560,13 @@ "totalFunc": "sum" }, "title": "Slowest MySQL queries ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Slowest-MySQL-queries-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -583,7 +583,7 @@ "savedSearchId": "MySQL-Transactions-ecs", "title": "Mysql response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -598,7 +598,7 @@ ] }, "schema": "metric", - "type": "percentiles" + "winlog.api": "percentiles" }, { "enabled": true, @@ -613,7 +613,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -629,12 +629,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -653,13 +653,13 @@ }, "mode": "normal", "show": "true", - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -675,25 +675,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Mysql response times percentiles [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Mysql-response-times-percentiles-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -710,7 +710,7 @@ "savedSearchId": "MySQL-Transactions-ecs", "title": "MySQL Reads vs Writes [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -718,7 +718,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -733,7 +733,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -758,7 +758,7 @@ ] }, "schema": "group", - "type": "filters" + "winlog.api": "filters" } ], "params": { @@ -774,14 +774,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 seconds" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -806,7 +806,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -814,7 +814,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -828,32 +828,32 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "MySQL Reads vs Writes [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "MySQL-Reads-vs-Writes-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { "columns": [ "method", - "type", + "winlog.api", "path", "event.duration", "status" @@ -875,16 +875,16 @@ "negate": true, "params": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -901,16 +901,16 @@ "negate": false, "params": { "query": "mysql", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "mysql" }, "query": { "match": { "event.dataset": { "query": "mysql", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -938,7 +938,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -946,18 +946,18 @@ "desc" ], "title": "MySQL Errors Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "MySQL-errors-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { "columns": [ "method", - "type", + "winlog.api", "path", "event.duration", "status" @@ -975,20 +975,20 @@ "alias": null, "disabled": false, "index": "packetbeat-*", - "key": "type", + "key": "winlog.api", "negate": false, "params": { "query": "mysql", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "mysql" }, "query": { "match": { - "type": { + "winlog.api": { "query": "mysql", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1016,7 +1016,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1024,12 +1024,12 @@ "desc" ], "title": "MySQL Transactions [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "MySQL-Transactions-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1048,7 +1048,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1065,8 +1065,8 @@ }, "id": "MySQL-Errors-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1078,8 +1078,8 @@ }, "id": "MySQL-Methods-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1091,8 +1091,8 @@ }, "id": "Navigation-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1104,8 +1104,8 @@ }, "id": "MySQL-throughput-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1127,8 +1127,8 @@ }, "id": "Most-frequent-MySQL-queries-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1150,8 +1150,8 @@ }, "id": "Slowest-MySQL-queries-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1163,8 +1163,8 @@ }, "id": "Mysql-response-times-percentiles-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1176,19 +1176,19 @@ }, "id": "MySQL-Reads-vs-Writes-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Packetbeat] MySQL performance ECS", - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-MySQL-performance-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:28.266Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json index 698cd6f84c20..567f76028fe4 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json @@ -15,7 +15,7 @@ "savedSearchId": "nfs-ecs", "title": "NFS clients pie chart [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -39,7 +39,7 @@ "size": 16 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -54,16 +54,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "type": "pie" + "winlog.api": "pie" }, "title": "NFS clients pie chart [Packetbeat] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "NFS-clients-pie-chart-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -76,14 +76,14 @@ "savedSearchId": "nfs-ecs", "title": "NFS operations area chart ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "id": "2", @@ -94,7 +94,7 @@ "size": 16 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" }, { "id": "3", @@ -106,7 +106,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "listeners": {}, @@ -125,13 +125,13 @@ "yAxis": {} }, "title": "NFS operations area chart ECS", - "type": "area" + "winlog.api": "area" } }, "id": "NFS-operations-area-chart-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -148,7 +148,7 @@ "savedSearchId": "nfs-ecs", "title": "NFS top group pie chart [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -156,7 +156,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -172,7 +172,7 @@ "size": 16 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -187,16 +187,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "type": "pie" + "winlog.api": "pie" }, "title": "NFS top group pie chart [Packetbeat] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "NFS-top-group-pie-chart-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -213,7 +213,7 @@ "savedSearchId": "nfs-ecs", "title": "NFS top users pie chart [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -221,7 +221,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -237,7 +237,7 @@ "size": 16 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -252,16 +252,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "type": "pie" + "winlog.api": "pie" }, "title": "NFS top users pie chart [Packetbeat] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "NFS-top-users-pie-chart-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -278,7 +278,7 @@ "savedSearchId": "nfs-ecs", "title": "NFS response times [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -291,7 +291,7 @@ ] }, "schema": "metric", - "type": "median" + "winlog.api": "median" }, { "enabled": true, @@ -306,7 +306,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -322,12 +322,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": true, @@ -354,7 +354,7 @@ "radiusRatio": "9", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -363,7 +363,7 @@ "showCircles": true, "smoothLines": true, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -379,26 +379,26 @@ "defaultYExtents": true, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Median event.duration" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "NFS response times [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "NFS-response-times-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -415,7 +415,7 @@ "savedSearchId": "NFS-errors-search-ecs", "title": "NFS errors [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -423,7 +423,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -438,7 +438,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -454,7 +454,7 @@ "size": 12 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -470,12 +470,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -498,7 +498,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -506,7 +506,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -522,26 +522,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "NFS errors [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "NFS-errors-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -567,7 +567,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -578,7 +578,7 @@ "field": "event.duration" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -595,14 +595,14 @@ "size": 16 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, "id": "3", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -617,13 +617,13 @@ "totalFunc": "sum" }, "title": "NFS operation table [Packetbeat] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "NFS-operation-table-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -646,7 +646,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -657,7 +657,7 @@ "field": "source.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -667,7 +667,7 @@ "field": "destination.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -682,7 +682,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -698,12 +698,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -730,7 +730,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -743,7 +743,7 @@ "mode": "normal", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -752,7 +752,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -768,26 +768,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "NFS Request / Response Sizes [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "NFS-bytes-in-slash-out-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -808,7 +808,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -817,13 +817,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -847,16 +847,16 @@ "negate": false, "params": { "query": "nfs-ecs", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "nfs-ecs" }, "query": { "match": { "event.dataset": { "query": "nfs-ecs", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -886,7 +886,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -894,12 +894,12 @@ "desc" ], "title": "NFS Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "nfs-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -923,16 +923,16 @@ "negate": true, "params": { "query": "NFSERR_NOENT", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "NFSERR_NOENT" }, "query": { "match": { "nfs.status": { "query": "NFSERR_NOENT", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -949,16 +949,16 @@ "negate": true, "params": { "query": "NFS_OK", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "NFS_OK" }, "query": { "match": { "nfs.status": { "query": "NFS_OK", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -975,16 +975,16 @@ "negate": false, "params": { "query": "nfs-ecs", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "nfs-ecs" }, "query": { "match": { "event.dataset": { "query": "nfs-ecs", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1014,7 +1014,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1022,12 +1022,12 @@ "desc" ], "title": "NFS Error Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "NFS-errors-search-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1041,7 +1041,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1063,8 +1063,8 @@ }, "id": "NFS-clients-pie-chart-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1076,8 +1076,8 @@ }, "id": "NFS-operations-area-chart-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1100,8 +1100,8 @@ }, "id": "NFS-top-group-pie-chart-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1118,8 +1118,8 @@ }, "id": "NFS-top-users-pie-chart-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1136,8 +1136,8 @@ }, "id": "NFS-response-times-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1149,8 +1149,8 @@ }, "id": "NFS-errors-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1172,8 +1172,8 @@ }, "id": "NFS-operation-table-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1190,8 +1190,8 @@ }, "id": "NFS-bytes-in-slash-out-ecs", "panelIndex": "9", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1203,19 +1203,19 @@ }, "id": "Navigation-ecs", "panelIndex": "10", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Packetbeat] NFS ECS", - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-NFS-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:29.316Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json index 592341242bee..5b794e94bb09 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json @@ -15,7 +15,7 @@ "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", "title": "HTTP Transactions [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -54,12 +54,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -80,14 +80,14 @@ }, "mode": "stacked", "show": "true", - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -103,26 +103,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "HTTP Transactions [Packetbeat] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Web-transactions-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:21:31.922Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -142,16 +142,16 @@ "negate": true, "params": { "query": "flow", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "flow" }, "query": { "match": { "event.type": { "query": "flow", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -166,7 +166,7 @@ }, "title": "Transaction Types [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -174,7 +174,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -189,7 +189,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -205,7 +205,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -221,12 +221,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -247,14 +247,14 @@ }, "mode": "stacked", "show": "true", - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -270,26 +270,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Transaction Types [Packetbeat] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "DB-transactions-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:20:54.634Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -306,7 +306,7 @@ "savedSearchId": "Packetbeat-Search-ecs", "title": "Response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -321,7 +321,7 @@ ] }, "schema": "metric", - "type": "percentiles" + "winlog.api": "percentiles" }, { "enabled": true, @@ -336,7 +336,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -352,12 +352,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -384,7 +384,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], @@ -393,7 +393,7 @@ "showCircles": true, "smoothLines": true, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -409,26 +409,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Response times percentiles [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Response-times-percentiles-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:01:49.340Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -441,14 +441,14 @@ "savedSearchId": "Transactions-errors-ecs", "title": "Errors count over time ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "id": "2", @@ -460,18 +460,18 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "id": "3", "params": { - "field": "type", + "field": "winlog.api", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -488,13 +488,13 @@ "yAxis": {} }, "title": "New Visualization ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Errors-count-over-time-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:30.350Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -511,7 +511,7 @@ "savedSearchId": "Packetbeat-Search-ecs", "title": "Errors vs successful transactions [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -519,7 +519,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -534,7 +534,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -550,7 +550,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -566,12 +566,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -592,14 +592,14 @@ }, "mode": "stacked", "show": "true", - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -615,26 +615,26 @@ "defaultYExtents": false, "mode": "percentage", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Errors vs successful transactions [Packetbeat] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Errors-vs-successful-transactions-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:02:24.071Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -651,7 +651,7 @@ "savedSearchId": "Packetbeat-Search-ecs", "title": "Latency Histogram [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -659,7 +659,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -670,7 +670,7 @@ "interval": 10000000 }, "schema": "segment", - "type": "histogram" + "winlog.api": "histogram" } ], "params": { @@ -686,12 +686,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -714,7 +714,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -722,7 +722,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -738,26 +738,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Latency Histogram [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "Latency-histogram-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:03:54.084Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -784,7 +784,7 @@ -0.17578125 ] }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -792,7 +792,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -820,7 +820,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -848,7 +848,7 @@ "layers": "0", "styles": "", "transparent": true, - "version": "1.3.0" + "winlog.version": "1.3.0" }, "selectedTmsLayer": { "attribution": "\u003cp\u003e\u0026#169; \u003ca href=\"http://www.openstreetmap.org/copyright\"\u003eOpenStreetMap\u003c/a\u003e contributors | \u003ca href=\"https://www.elastic.co/elastic-maps-service\"\u003eElastic Maps Service\u003c/a\u003e\u003c/p\u003e\u0026#10;", @@ -861,13 +861,13 @@ } }, "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "Client-locations-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:52:42.404Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -884,7 +884,7 @@ "savedSearchId": "Packetbeat-Search-ecs", "title": "Response times repartition [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -892,7 +892,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -907,7 +907,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -918,7 +918,7 @@ "interval": 10000000 }, "schema": "group", - "type": "histogram" + "winlog.api": "histogram" } ], "params": { @@ -934,12 +934,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -960,14 +960,14 @@ }, "mode": "stacked", "show": "true", - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -983,26 +983,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "Response times repartition [Packetbeat] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Response-times-repartition-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:00:32.530Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1023,7 +1023,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -1032,13 +1032,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -1055,7 +1055,7 @@ "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "title": "DNS Transactions [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1066,7 +1066,7 @@ "field": "event.duration" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -1081,14 +1081,14 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, "id": "3", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -1104,12 +1104,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -1130,7 +1130,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" }, { @@ -1144,12 +1144,12 @@ "mode": "stacked", "show": true, "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-2" } ], "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -1163,14 +1163,14 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Avg Response Time" }, - "type": "value" + "winlog.api": "value" }, { "id": "ValueAxis-2", @@ -1184,25 +1184,25 @@ "position": "right", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "DNS Transactions [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "e3f09730-1b80-11e9-83df-75eebb35951e-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:29:49.161Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -1227,7 +1227,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1235,7 +1235,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -1249,7 +1249,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -1263,7 +1263,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -1279,12 +1279,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -1305,12 +1305,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -1324,25 +1324,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "TLS Sessions ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1366,16 +1366,16 @@ "negate": false, "params": { "query": "http", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "http" }, "query": { "match": { "network.protocol": { "query": "http", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1387,7 +1387,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1395,12 +1395,12 @@ "desc" ], "title": "HTTP Transactions Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-19T00:21:43.886Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -1432,16 +1432,16 @@ "negate": true, "params": { "query": "flow", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "flow" }, "query": { "match": { "event.dataset": { "query": "flow", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1466,7 +1466,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1474,12 +1474,12 @@ "desc" ], "title": "Packetbeat Search ECS", - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-Search-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-19T00:01:10.720Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1511,16 +1511,16 @@ "negate": true, "params": { "query": "flow", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "flow" }, "query": { "match": { "event.dataset": { "query": "flow", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1537,16 +1537,16 @@ "negate": true, "params": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1571,7 +1571,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1579,12 +1579,12 @@ "desc" ], "title": "Transactions Errors Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Transactions-errors-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-19T00:05:18.965Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -1611,16 +1611,16 @@ "negate": false, "params": { "query": "dns", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "dns" }, "query": { "match": { "network.protocol": { "query": "dns", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1645,7 +1645,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1653,12 +1653,12 @@ "desc" ], "title": "DNS Protocol [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:24.089Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1683,7 +1683,7 @@ "index": "packetbeat-*", "key": "tls.handshake_completed", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } } @@ -1699,7 +1699,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1707,12 +1707,12 @@ "desc" ], "title": "TLS Sessions [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1726,7 +1726,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1743,8 +1743,8 @@ }, "id": "Web-transactions-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1756,8 +1756,8 @@ }, "id": "DB-transactions-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1769,8 +1769,8 @@ }, "id": "Response-times-percentiles-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1782,8 +1782,8 @@ }, "id": "Errors-count-over-time-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1795,8 +1795,8 @@ }, "id": "Errors-vs-successful-transactions-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1808,8 +1808,8 @@ }, "id": "Latency-histogram-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1845,8 +1845,8 @@ }, "id": "Client-locations-ecs", "panelIndex": "9", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1858,8 +1858,8 @@ }, "id": "Response-times-repartition-ecs", "panelIndex": "10", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1871,8 +1871,8 @@ }, "id": "Navigation-ecs", "panelIndex": "11", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -1885,8 +1885,8 @@ }, "id": "e3f09730-1b80-11e9-83df-75eebb35951e-ecs", "panelIndex": "12", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -1899,19 +1899,19 @@ }, "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "panelIndex": "13", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Packetbeat] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-Dashboard-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-19T00:31:53.357Z", - "version": 5 + "winlog.version": 5 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json index d33eae639882..d959c09de9a9 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json @@ -19,7 +19,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -28,13 +28,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -51,7 +51,7 @@ "savedSearchId": "PgSQL-errors-ecs", "title": "PgSQL Errors [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -59,7 +59,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -74,7 +74,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -90,12 +90,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -118,7 +118,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -126,7 +126,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -142,26 +142,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "PgSQL Errors [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "PgSQL-Errors-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -178,7 +178,7 @@ "savedSearchId": "PgSQL-transactions-ecs", "title": "PgSQL Methods [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -186,7 +186,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -201,7 +201,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -217,7 +217,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -233,12 +233,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -261,7 +261,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -269,7 +269,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -285,26 +285,26 @@ "defaultYExtents": false, "mode": "wiggle", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "PgSQL Methods [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "PgSQL-Methods-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -321,7 +321,7 @@ "savedSearchId": "PgSQL-transactions-ecs", "title": "PgSQL response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -336,7 +336,7 @@ ] }, "schema": "metric", - "type": "percentiles" + "winlog.api": "percentiles" }, { "enabled": true, @@ -351,7 +351,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -367,12 +367,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -391,13 +391,13 @@ }, "mode": "normal", "show": "true", - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -413,25 +413,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "PgSQL response times percentiles [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "PgSQL-response-times-percentiles-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -448,7 +448,7 @@ "savedSearchId": "PgSQL-transactions-ecs", "title": "PgSQL Throughput [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -458,7 +458,7 @@ "field": "destination.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -467,7 +467,7 @@ "field": "source.bytes" }, "schema": "metric", - "type": "sum" + "winlog.api": "sum" }, { "enabled": true, @@ -482,7 +482,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -498,12 +498,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -522,7 +522,7 @@ }, "mode": "normal", "show": "true", - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" }, { @@ -532,13 +532,13 @@ }, "mode": "normal", "show": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -554,25 +554,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "PgSQL Throughput [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "PgSQL-throughput-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -589,7 +589,7 @@ "savedSearchId": "PgSQL-transactions-ecs", "title": "PgSQL Reads vs Writes [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -597,7 +597,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -612,7 +612,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -637,7 +637,7 @@ ] }, "schema": "group", - "type": "filters" + "winlog.api": "filters" } ], "params": { @@ -653,14 +653,14 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 seconds" }, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -685,7 +685,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], @@ -693,7 +693,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -707,26 +707,26 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, "title": "PgSQL Reads vs Writes [Packetbeat] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "PgSQL-Reads-vs-Writes-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -752,7 +752,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -760,7 +760,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -776,7 +776,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -791,13 +791,13 @@ "totalFunc": "sum" }, "title": "Most frequent PgSQL queries [Packetbeat] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Most-frequent-PgSQL-queries-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -823,7 +823,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -834,7 +834,7 @@ "field": "event.duration" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -850,7 +850,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -865,19 +865,19 @@ "totalFunc": "sum" }, "title": "Slowest PgSQL Queries [Packetbeat] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Slowest-PgSQL-queries-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { "columns": [ "method", - "type", + "winlog.api", "path", "event.duration", "status" @@ -899,16 +899,16 @@ "negate": true, "params": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -925,16 +925,16 @@ "negate": false, "params": { "query": "pgsql", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "pgsql" }, "query": { "match": { "event.dataset": { "query": "pgsql", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -957,7 +957,7 @@ "language": "lucene", "query": "*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -965,18 +965,18 @@ "desc" ], "title": "PgSQL Errors Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "PgSQL-errors-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { "columns": [ "method", - "type", + "winlog.api", "path", "event.duration", "status" @@ -998,16 +998,16 @@ "negate": false, "params": { "query": "pgsql", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "pgsql" }, "query": { "match": { "event.dataset": { "query": "pgsql", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1035,7 +1035,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1043,12 +1043,12 @@ "desc" ], "title": "PgSQL Transactions [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "PgSQL-transactions-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1067,7 +1067,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1084,8 +1084,8 @@ }, "id": "Navigation-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1097,8 +1097,8 @@ }, "id": "PgSQL-Errors-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1110,8 +1110,8 @@ }, "id": "PgSQL-Methods-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1123,8 +1123,8 @@ }, "id": "PgSQL-response-times-percentiles-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1136,8 +1136,8 @@ }, "id": "PgSQL-throughput-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1149,8 +1149,8 @@ }, "id": "PgSQL-Reads-vs-Writes-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1172,8 +1172,8 @@ }, "id": "Most-frequent-PgSQL-queries-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1195,19 +1195,19 @@ }, "id": "Slowest-PgSQL-queries-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Packetbeat] PgSQL performance ECS", - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-PgSQL-performance-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:31.386Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json index 92761197e562..4cd559589e1c 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json @@ -19,7 +19,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -28,13 +28,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -47,14 +47,14 @@ "savedSearchId": "Thrift-transactions-ecs", "title": "Thrift requests per minute [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "id": "2", @@ -66,7 +66,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "listeners": {}, @@ -83,13 +83,13 @@ "yAxis": {} }, "title": "Thrift requests per minute ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Thrift-requests-per-minute-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -102,14 +102,14 @@ "savedSearchId": "Thrift-errors-ecs", "title": "Thrift RPC Errors [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "id": "2", @@ -121,7 +121,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "listeners": {}, @@ -140,13 +140,13 @@ "yAxis": {} }, "title": "Thrift RPC Errors ECS", - "type": "area" + "winlog.api": "area" } }, "id": "Thrift-RPC-Errors-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -172,7 +172,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -182,7 +182,7 @@ "field": "event.duration" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -198,7 +198,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -213,13 +213,13 @@ "totalFunc": "sum" }, "title": "Slowest Thrift RPC methods [Packetbeat] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "Slowest-Thrift-RPC-methods-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -236,7 +236,7 @@ "savedSearchId": "Thrift-transactions-ecs", "title": "Thrift response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -251,7 +251,7 @@ ] }, "schema": "metric", - "type": "percentiles" + "winlog.api": "percentiles" }, { "enabled": true, @@ -266,7 +266,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -282,12 +282,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -306,13 +306,13 @@ }, "mode": "normal", "show": "true", - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -328,25 +328,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Thrift response times percentiles [Packetbeat] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "Thrift-response-times-percentiles-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -359,14 +359,14 @@ "savedSearchId": "Thrift-transactions-ecs", "title": "Top Thrift-RPC methods [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "id": "2", @@ -377,7 +377,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -394,13 +394,13 @@ "yAxis": {} }, "title": "Top Thrift-RPC methods ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Top-Thrift-RPC-methods-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -412,14 +412,14 @@ }, "savedSearchId": "Thrift-errors-ecs", "title": "Top Thrift-RPC calls with errors [Packetbeat] ECS", - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "id": "2", @@ -430,7 +430,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "listeners": {}, @@ -441,19 +441,19 @@ "mode": "stacked", "shareYAxis": true }, - "type": "histogram" + "winlog.api": "histogram" } }, "id": "Top-Thrift-RPC-calls-with-errors-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { "columns": [ "method", - "type", + "winlog.api", "path", "event.duration", "status" @@ -475,16 +475,16 @@ "negate": false, "params": { "query": "thrift", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "thrift" }, "query": { "match": { "event.dataset": { "query": "thrift", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -508,11 +508,11 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "type: thrift" + "query": "winlog.api: thrift" } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -520,18 +520,18 @@ "desc" ], "title": "Thrift Transactions Search [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Thrift-transactions-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:32.418Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { "columns": [ "method", - "type", + "winlog.api", "path", "event.duration", "status" @@ -553,16 +553,16 @@ "negate": true, "params": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -579,16 +579,16 @@ "negate": false, "params": { "query": "thrift", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "thrift" }, "query": { "match": { "event.dataset": { "query": "thrift", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -612,11 +612,11 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "type: thrift" + "query": "winlog.api: thrift" } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -624,12 +624,12 @@ "desc" ], "title": "Thrift Errors [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "Thrift-errors-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:32.418Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -648,7 +648,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -662,7 +662,7 @@ "row": 1, "size_x": 3, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 4, @@ -671,7 +671,7 @@ "row": 1, "size_x": 5, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 9, @@ -680,7 +680,7 @@ "row": 1, "size_x": 4, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -689,7 +689,7 @@ "row": 5, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -698,7 +698,7 @@ "row": 5, "size_x": 6, "size_y": 3, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 1, @@ -707,7 +707,7 @@ "row": 8, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" }, { "col": 7, @@ -716,7 +716,7 @@ "row": 8, "size_x": 6, "size_y": 4, - "type": "visualization" + "winlog.api": "visualization" } ], "timeRestore": false, @@ -733,13 +733,13 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "Packetbeat-Thrift-performance-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:32.418Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json index a3563dd1f131..2778667d60e6 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json @@ -19,7 +19,7 @@ }, "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -28,13 +28,13 @@ "openLinksInNewTab": false }, "title": "Navigation [Packetbeat] ECS", - "type": "markdown" + "winlog.api": "markdown" } }, "id": "Navigation-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "version": 11 + "winlog.version": 11 }, { "attributes": { @@ -59,7 +59,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -67,7 +67,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -81,7 +81,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -95,7 +95,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -111,12 +111,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -137,12 +137,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -156,25 +156,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "TLS Sessions ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -192,7 +192,7 @@ "index": "packetbeat-*", "key": "query", "negate": false, - "type": "custom", + "winlog.api": "custom", "value": "{\"exists\":{\"field\":\"tls\"}}" }, "query": { @@ -218,7 +218,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -226,7 +226,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -240,7 +240,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -248,16 +248,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "TLS Alerts ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "c14377a0-d353-11e7-9914-4982455b3063-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -278,7 +278,7 @@ "index": "packetbeat-*", "key": "tls.handshake_completed", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } } @@ -315,7 +315,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -323,7 +323,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -352,16 +352,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, "title": "Total Number of TLS Sessions ECS", - "type": "metric" + "winlog.api": "metric" } }, "id": "061de380-d361-11e7-9914-4982455b3063-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -378,7 +378,7 @@ "savedSearchId": "94908e80-d2d8-11e7-9914-4982455b3063-ecs", "title": "TLS Server Name Indication [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -386,7 +386,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -399,7 +399,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -410,13 +410,13 @@ "scale": "linear" }, "title": "TLS Server Name Indication ECS", - "type": "tagcloud" + "winlog.api": "tagcloud" } }, "id": "a28d09d0-d361-11e7-9914-4982455b3063-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -433,7 +433,7 @@ "savedSearchId": "bf3d23b0-d37c-11e7-9914-4982455b3063-ecs", "title": "TLS Versions [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -441,7 +441,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -454,7 +454,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -462,16 +462,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "TLS Versions ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "0af0b790-d37d-11e7-9914-4982455b3063-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -488,7 +488,7 @@ "savedSearchId": "8f0ff590-d37d-11e7-9914-4982455b3063-ecs", "title": "TLS Server Public Key Size [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -496,7 +496,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -509,7 +509,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -517,16 +517,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Server Public Key Size ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "ae6e33c0-d37d-11e7-9914-4982455b3063-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -543,7 +543,7 @@ "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", "title": "TLS Session Resume [Packetbeat] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -551,7 +551,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -569,7 +569,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -583,16 +583,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "TLS Session Resume [Packetbeat] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "2c467370-d392-11e7-8fa0-232aa9259081-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -618,7 +618,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -628,7 +628,7 @@ "customLabel": "" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -641,7 +641,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -654,7 +654,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -669,13 +669,13 @@ "totalFunc": "sum" }, "title": "TLS Server Certificates ECS", - "type": "table" + "winlog.api": "table" } }, "id": "0958a910-d396-11e7-8fa0-232aa9259081-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -701,7 +701,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -709,7 +709,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -722,7 +722,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -736,7 +736,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -751,13 +751,13 @@ "totalFunc": "sum" }, "title": "TLS Client Certificates ECS", - "type": "table" + "winlog.api": "table" } }, "id": "86743f90-d396-11e7-8fa0-232aa9259081-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -783,7 +783,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -791,7 +791,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -804,7 +804,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -819,13 +819,13 @@ "totalFunc": "sum" }, "title": "TLS Cipher ECS", - "type": "table" + "winlog.api": "table" } }, "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -851,7 +851,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -859,7 +859,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -872,7 +872,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -887,13 +887,13 @@ "totalFunc": "sum" }, "title": "TLS Fingerprint ECS", - "type": "table" + "winlog.api": "table" } }, "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -915,7 +915,7 @@ "gte": 0, "lt": 1000000000 }, - "type": "range", + "winlog.api": "range", "value": "0 to 1,000,000,000" }, "range": { @@ -939,7 +939,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -947,7 +947,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -959,7 +959,7 @@ "interval": 2000000 }, "schema": "segment", - "type": "histogram" + "winlog.api": "histogram" } ], "params": { @@ -976,12 +976,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -1002,12 +1002,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -1021,25 +1021,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "TLS Handshake Latency ECS", - "type": "area" + "winlog.api": "area" } }, "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1064,7 +1064,7 @@ "index": "packetbeat-*", "key": "tls.handshake_completed", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } } @@ -1080,7 +1080,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1088,12 +1088,12 @@ "desc" ], "title": "TLS Sessions [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1118,7 +1118,7 @@ "index": "packetbeat-*", "key": "tls.client_hello.extensions.server_name_indication", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } } @@ -1134,7 +1134,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1142,12 +1142,12 @@ "desc" ], "title": "TLS Server Name Indication [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "94908e80-d2d8-11e7-9914-4982455b3063-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1172,7 +1172,7 @@ "index": "packetbeat-*", "key": "tls.version", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } } @@ -1188,7 +1188,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1196,12 +1196,12 @@ "desc" ], "title": "TLS Version [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "bf3d23b0-d37c-11e7-9914-4982455b3063-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1226,7 +1226,7 @@ "index": "packetbeat-*", "key": "tls.server_certificate.public_key_size", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } } @@ -1242,7 +1242,7 @@ } } }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1250,12 +1250,12 @@ "desc" ], "title": "Server Public Key Size ECS", - "version": 1 + "winlog.version": 1 }, "id": "8f0ff590-d37d-11e7-9914-4982455b3063-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1280,7 +1280,7 @@ "index": "packetbeat-*", "key": "tls.fingerprints.ja3.hash", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } } @@ -1291,7 +1291,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1299,12 +1299,12 @@ "desc" ], "title": "TLS Fingerprint [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1329,7 +1329,7 @@ "index": "packetbeat-*", "key": "tls.handshake_completed", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } }, @@ -1346,7 +1346,7 @@ "index": "packetbeat-*", "key": "event.duration", "negate": false, - "type": "exists", + "winlog.api": "exists", "value": "exists" } } @@ -1357,7 +1357,7 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -1365,12 +1365,12 @@ "desc" ], "title": "TLS Handshake Latency [Packetbeat] ECS", - "version": 1 + "winlog.version": 1 }, "id": "8e2af860-d520-11e7-9fff-7b1ebf397ba9-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1389,7 +1389,7 @@ } } }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -1407,8 +1407,8 @@ }, "id": "Navigation-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1420,8 +1420,8 @@ }, "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1433,8 +1433,8 @@ }, "id": "c14377a0-d353-11e7-9914-4982455b3063-ecs", "panelIndex": "9", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1446,8 +1446,8 @@ }, "id": "061de380-d361-11e7-9914-4982455b3063-ecs", "panelIndex": "10", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1459,8 +1459,8 @@ }, "id": "a28d09d0-d361-11e7-9914-4982455b3063-ecs", "panelIndex": "11", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1472,8 +1472,8 @@ }, "id": "0af0b790-d37d-11e7-9914-4982455b3063-ecs", "panelIndex": "12", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1485,8 +1485,8 @@ }, "id": "ae6e33c0-d37d-11e7-9914-4982455b3063-ecs", "panelIndex": "13", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1498,8 +1498,8 @@ }, "id": "2c467370-d392-11e7-8fa0-232aa9259081-ecs", "panelIndex": "14", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1511,8 +1511,8 @@ }, "id": "0958a910-d396-11e7-8fa0-232aa9259081-ecs", "panelIndex": "15", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1524,8 +1524,8 @@ }, "id": "86743f90-d396-11e7-8fa0-232aa9259081-ecs", "panelIndex": "16", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1537,8 +1537,8 @@ }, "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961-ecs", "panelIndex": "17", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1550,8 +1550,8 @@ }, "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b-ecs", "panelIndex": "18", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" }, { "gridData": { @@ -1563,8 +1563,8 @@ }, "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9-ecs", "panelIndex": "19", - "type": "visualization", - "version": "6.2.4" + "winlog.api": "visualization", + "winlog.version": "6.2.4" } ], "timeRestore": false, @@ -1628,13 +1628,13 @@ } } }, - "version": 1 + "winlog.version": 1 }, "id": "tls-sessions-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-18T23:49:33.441Z", - "version": 1 + "winlog.version": 1 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json b/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json index 6455d6f8341e..11a83a7f1fcd 100644 --- a/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json +++ b/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json @@ -29,7 +29,7 @@ }, "panelIndex": "1", "panelRefName": "panel_0", - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -41,7 +41,7 @@ }, "panelIndex": "3", "panelRefName": "panel_1", - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -63,7 +63,7 @@ }, "panelIndex": "4", "panelRefName": "panel_2", - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -75,7 +75,7 @@ }, "panelIndex": "5", "panelRefName": "panel_3", - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -87,48 +87,47 @@ }, "panelIndex": "6", "panelRefName": "panel_4", - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "Winlogbeat Dashboard", - "version": 1 + "title": "Winlogbeat Dashboard ECS", + "winlog.version": 1 }, - "id": "Winlogbeat-Dashboard", + "id": "Winlogbeat-Dashboard-ecs", "migrationVersion": { "dashboard": "7.0.0" }, "references": [ { -<<<<<<< HEAD - "id": "Number-of-Events-Over-Time-By-Event-Log", + "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", "name": "panel_0", - "type": "visualization" + "winlog.api": "visualization" }, { - "id": "Number-of-Events", + "id": "Number-of-Events-ecs", "name": "panel_1", - "type": "visualization" + "winlog.api": "visualization" }, { - "id": "Top-Event-IDs", + "id": "Top-Event-IDs-ecs", "name": "panel_2", - "type": "visualization" + "winlog.api": "visualization" }, { - "id": "Event-Levels", + "id": "Event-Levels-ecs", "name": "panel_3", - "type": "visualization" + "winlog.api": "visualization" }, { - "id": "Sources", + "id": "Sources-ecs", "name": "panel_4", - "type": "visualization" + "winlog.api": "visualization" } ], - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-02-05T19:56:19.932Z", - "version": 7 + "winlog.version": 7 }, { "attributes": { @@ -143,9 +142,9 @@ } } }, - "title": "Number of Events Over Time By Channel", + "title": "Number of Events Over Time By Channel ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -153,7 +152,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -174,7 +173,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -191,7 +190,7 @@ "size": 6 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -207,12 +206,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "defaultYExtents": false, @@ -279,14 +278,14 @@ }, "mode": "stacked", "show": "true", - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -302,23 +301,23 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ], "yAxis": {} }, - "title": "Number of Events Over Time By Channel", - "type": "histogram" + "title": "Number of Events Over Time By Channel ECS", + "winlog.api": "histogram" } }, - "id": "Number-of-Events-Over-Time-By-Event-Log", + "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -326,373 +325,12 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" -======= - "attributes": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "index": "winlogbeat-*", - "query": { - "query_string": { - "analyze_wildcard": true, - "query": "*" - } - } - } - }, - "title": "Number of Events Over Time By Event Log ECS", - "uiStateJSON": {}, - "version": 1, - "visState": { - "aggs": [ - { - "id": "1", - "params": {}, - "schema": "metric", - "type": "count" - }, - { - "id": "2", - "params": { - "customInterval": "2h", - "extended_bounds": {}, - "field": "@timestamp", - "interval": "auto", - "min_doc_count": 1 - }, - "schema": "segment", - "type": "date_histogram" - }, - { - "id": "3", - "params": { - "field": "log_name", - "order": "desc", - "orderBy": "1", - "size": 6 - }, - "schema": "group", - "type": "terms" - } - ], - "listeners": {}, - "params": { - "addLegend": true, - "addTimeMarker": false, - "addTooltip": true, - "defaultYExtents": false, - "mode": "stacked", - "scale": "linear", - "setYExtents": false, - "shareYAxis": true, - "times": [], - "yAxis": {} - }, - "type": "histogram" - } - }, - "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", - "type": "visualization", - "version": 1 - }, - { - "attributes": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "index": "winlogbeat-*", - "query": { - "query_string": { - "analyze_wildcard": true, - "query": "*" - } - } - } - }, - "title": "Number of Events ECS", - "uiStateJSON": {}, - "version": 1, - "visState": { - "aggs": [ - { - "id": "1", - "params": {}, - "schema": "metric", - "type": "count" - } - ], - "listeners": {}, - "params": { - "fontSize": 60 - }, - "type": "metric" - } - }, - "id": "Number-of-Events-ecs", - "type": "visualization", - "version": 1 - }, - { - "attributes": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "index": "winlogbeat-*", - "query": { - "query_string": { - "analyze_wildcard": true, - "query": "*" - } - } - } - }, - "title": "Top Event IDs ECS", - "uiStateJSON": {}, - "version": 1, - "visState": { - "aggs": [ - { - "id": "1", - "params": {}, - "schema": "metric", - "type": "count" - }, - { - "id": "2", - "params": { - "field": "event_id", - "order": "desc", - "orderBy": "1", - "size": 5 - }, - "schema": "bucket", - "type": "terms" - } - ], - "listeners": {}, - "params": { - "perPage": 10, - "showMeticsAtAllLevels": false, - "showPartialRows": false - }, - "type": "table" - } - }, - "id": "Top-Event-IDs-ecs", - "type": "visualization", - "version": 1 - }, - { - "attributes": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "index": "winlogbeat-*", - "query": { - "query_string": { - "analyze_wildcard": true, - "query": "*" - } - } - } - }, - "title": "Event Levels ECS", - "uiStateJSON": { - "vis": { - "params": { - "sort": { - "columnIndex": null, - "direction": null - } - } - } - }, - "version": 1, - "visState": { - "aggs": [ - { - "enabled": true, - "id": "1", - "params": {}, - "schema": "metric", - "type": "count" - }, - { - "enabled": true, - "id": "2", - "params": { - "field": "level", - "order": "desc", - "orderBy": "1", - "size": 5 - }, - "schema": "bucket", - "type": "terms" - } - ], - "listeners": {}, - "params": { - "perPage": 10, - "showMeticsAtAllLevels": false, - "showPartialRows": false, - "showTotal": false, - "sort": { - "columnIndex": null, - "direction": null - }, - "totalFunc": "sum" - }, - "title": "Event Levels ECS", - "type": "table" - } - }, - "id": "Event-Levels-ecs", - "type": "visualization", - "version": 1 - }, - { - "attributes": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "index": "winlogbeat-*", - "query": { - "query_string": { - "analyze_wildcard": true, - "query": "*" - } - } - } - }, - "title": "Sources-ecs ECS", - "uiStateJSON": {}, - "version": 1, - "visState": { - "aggs": [ - { - "enabled": true, - "id": "1", - "params": {}, - "schema": "metric", - "type": "count" - }, - { - "enabled": true, - "id": "2", - "params": { - "field": "source_name", - "order": "desc", - "orderBy": "1", - "size": 7 - }, - "schema": "segment", - "type": "terms" - } - ], - "listeners": {}, - "params": { - "addLegend": true, - "addTooltip": true, - "isDonut": false, - "legendPosition": "right", - "shareYAxis": true - }, - "title": "Sources-ecs ECS", - "type": "pie" - } - }, - "id": "Sources-ecs ECS", - "type": "visualization", - "version": 1 - }, - { - "attributes": { - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [ - { - "query": { - "query_string": { - "analyze_wildcard": true, - "query": "*" - } - } - } - ] - } - }, - "optionsJSON": { - "darkTheme": false - }, - "panelsJSON": [ - { - "col": 4, - "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", - "panelIndex": 1, - "row": 1, - "size_x": 9, - "size_y": 4, - "type": "visualization" - }, - { - "col": 1, - "id": "Number-of-Events-ecs", - "panelIndex": 3, - "row": 1, - "size_x": 3, - "size_y": 4, - "type": "visualization" - }, - { - "col": 5, - "id": "Top-Event-IDs-ecs", - "panelIndex": 4, - "row": 5, - "size_x": 4, - "size_y": 4, - "type": "visualization" - }, - { - "col": 9, - "id": "Event-Levels-ecs", - "panelIndex": 5, - "row": 5, - "size_x": 4, - "size_y": 4, - "type": "visualization" - }, - { - "col": 1, - "id": "Sources-ecs ECS", - "panelIndex": 6, - "row": 5, - "size_x": 4, - "size_y": 4, - "type": "visualization" - } - ], - "timeRestore": false, - "title": "Winlogbeat Dashboard ECS", - "uiStateJSON": {}, - "version": 1 - }, - "id": "Winlogbeat-Dashboard-ecs", - "type": "dashboard", - "version": 1 ->>>>>>> Introduce migration script for data in Kibana files + "winlog.api": "index-pattern" } ], - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "version": 7 + "winlog.version": 7 }, { "attributes": { @@ -709,26 +347,26 @@ } } }, - "title": "Number of Events", + "title": "Number of Events ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "listeners": {}, "params": { "fontSize": 60 }, - "type": "metric" + "winlog.api": "metric" } }, - "id": "Number-of-Events", + "id": "Number-of-Events-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -736,12 +374,12 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" + "winlog.api": "index-pattern" } ], - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "version": 7 + "winlog.version": 7 }, { "attributes": { @@ -761,7 +399,7 @@ } } }, - "title": "Top Event IDs", + "title": "Top Event IDs ECS", "uiStateJSON": { "vis": { "params": { @@ -772,7 +410,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -780,7 +418,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -797,7 +435,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -838,11 +476,11 @@ }, "totalFunc": "sum" }, - "title": "Top Event IDs", - "type": "table" + "title": "Top Event IDs ECS", + "winlog.api": "table" } }, - "id": "Top-Event-IDs", + "id": "Top-Event-IDs-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -850,12 +488,12 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" + "winlog.api": "index-pattern" } ], - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "version": 7 + "winlog.version": 7 }, { "attributes": { @@ -875,7 +513,7 @@ } } }, - "title": "Event Levels", + "title": "Event Levels ECS", "uiStateJSON": { "vis": { "params": { @@ -886,7 +524,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -894,7 +532,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -911,7 +549,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -952,11 +590,11 @@ }, "totalFunc": "sum" }, - "title": "Event Levels", - "type": "table" + "title": "Event Levels ECS", + "winlog.api": "table" } }, - "id": "Event-Levels", + "id": "Event-Levels-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -964,12 +602,12 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" + "winlog.api": "index-pattern" } ], - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "version": 7 + "winlog.version": 7 }, { "attributes": { @@ -989,9 +627,9 @@ } } }, - "title": "Sources (Provider Names)", + "title": "Sources (Provider Names) ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -999,7 +637,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -1015,7 +653,7 @@ "size": 7 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -1030,13 +668,13 @@ }, "legendPosition": "right", "shareYAxis": true, - "type": "pie" + "winlog.api": "pie" }, - "title": "Sources (Provider Names)", - "type": "pie" + "title": "Sources (Provider Names) ECS", + "winlog.api": "pie" } }, - "id": "Sources", + "id": "Sources-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -1044,13 +682,13 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" + "winlog.api": "index-pattern" } ], - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "version": 7 + "winlog.version": 7 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json index edd1f575b1f7..5a58e5eef6b0 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "system", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "system" }, "query": { "match": { "event.module": { "query": "system", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "Host Count [Auditbeat System]", + "title": "Host Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -53,7 +53,7 @@ "field": "host.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -82,16 +82,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Host Count [Auditbeat System]", - "type": "metric" + "title": "Host Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", - "type": "visualization", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:37:18.796Z", - "version": 22 + "winlog.version": 22 }, { "attributes": { @@ -111,16 +111,16 @@ "negate": false, "params": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -133,9 +133,9 @@ } } }, - "title": "OS Distribution [Auditbeat System]", + "title": "OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -145,7 +145,7 @@ "field": "system.audit.host.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -162,7 +162,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -178,7 +178,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -192,16 +192,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "OS Distribution [Auditbeat System]", - "type": "pie" + "title": "OS Distribution [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088", - "type": "visualization", + "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", + "winlog.api": "visualization", "updated_at": "2019-01-21T11:37:35.796Z", - "version": 24 + "winlog.version": 24 }, { "attributes": { @@ -221,16 +221,16 @@ "negate": false, "params": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -243,9 +243,9 @@ } } }, - "title": "Average Uptime [Auditbeat System]", + "title": "Average Uptime [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -256,7 +256,7 @@ "field": "system.audit.host.uptime" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" } ], "params": { @@ -285,16 +285,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Average Uptime [Auditbeat System]", - "type": "metric" + "title": "Average Uptime [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "4d0485f0-18da-11e9-9094-c50574723088", - "type": "visualization", + "id": "4d0485f0-18da-11e9-9094-c50574723088-ecs", + "winlog.api": "visualization", "updated_at": "2019-01-21T11:57:55.023Z", - "version": 23 + "winlog.version": 23 }, { "attributes": { @@ -314,16 +314,16 @@ "negate": false, "params": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -336,9 +336,9 @@ } } }, - "title": "Host Documents [Auditbeat System]", + "title": "Host Documents [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -348,7 +348,7 @@ "customLabel": "Host States" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -364,7 +364,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -380,12 +380,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -405,12 +405,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -424,25 +424,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Host States" }, - "type": "value" + "winlog.api": "value" } ] }, - "title": "Host Documents [Auditbeat System]", - "type": "histogram" + "title": "Host Documents [Auditbeat System] ECS", + "winlog.api": "histogram" } }, - "id": "eea92ad0-18d7-11e9-9094-c50574723088", - "type": "visualization", + "id": "eea92ad0-18d7-11e9-9094-c50574723088-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T09:26:47.877Z", - "version": 22 + "winlog.version": 22 }, { "attributes": { @@ -462,16 +462,16 @@ "negate": false, "params": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -484,7 +484,7 @@ } } }, - "title": "Host List [Auditbeat System]", + "title": "Host List [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -495,7 +495,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -513,7 +513,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -527,7 +527,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" }, { "enabled": true, @@ -541,7 +541,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" }, { "enabled": true, @@ -555,7 +555,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" }, { "enabled": true, @@ -569,7 +569,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" }, { "enabled": true, @@ -583,7 +583,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" } ], "params": { @@ -597,14 +597,14 @@ }, "totalFunc": "sum" }, - "title": "Host List [Auditbeat System]", - "type": "table" + "title": "Host List [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "91962a30-1901-11e9-9094-c50574723088", - "type": "visualization", + "id": "91962a30-1901-11e9-9094-c50574723088-ecs", + "winlog.api": "visualization", "updated_at": "2019-01-21T11:58:22.519Z", - "version": 25 + "winlog.version": 25 }, { "attributes": { @@ -630,16 +630,16 @@ "negate": false, "params": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -651,20 +651,20 @@ "language": "kuery", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Host Events [Auditbeat System]", - "version": 1 + "title": "Host Events [Auditbeat System] ECS", + "winlog.version": 1 }, - "id": "abe78cd0-18ca-11e9-9094-c50574723088", - "type": "search", + "id": "abe78cd0-18ca-11e9-9094-c50574723088-ecs", + "winlog.api": "search", "updated_at": "2019-02-04T09:31:20.533Z", - "version": 6 + "winlog.version": 6 }, { "attributes": { @@ -678,24 +678,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", - "type": "markdown" + "title": "Dashboard Links [Auditbeat System] ECS", + "winlog.api": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -725,10 +725,10 @@ "x": 0, "y": 4 }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -739,10 +739,10 @@ "x": 31, "y": 4 }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088", + "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -753,10 +753,10 @@ "x": 15, "y": 4 }, - "id": "4d0485f0-18da-11e9-9094-c50574723088", + "id": "4d0485f0-18da-11e9-9094-c50574723088-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -767,10 +767,10 @@ "x": 0, "y": 14 }, - "id": "eea92ad0-18d7-11e9-9094-c50574723088", + "id": "eea92ad0-18d7-11e9-9094-c50574723088-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -781,10 +781,10 @@ "x": 0, "y": 21 }, - "id": "91962a30-1901-11e9-9094-c50574723088", + "id": "91962a30-1901-11e9-9094-c50574723088-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -795,10 +795,10 @@ "x": 0, "y": 33 }, - "id": "abe78cd0-18ca-11e9-9094-c50574723088", + "id": "abe78cd0-18ca-11e9-9094-c50574723088-ecs", "panelIndex": "7", - "type": "search", - "version": "7.0.0" + "winlog.api": "search", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -809,21 +809,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Host Dashboard", - "version": 1 + "title": "[Auditbeat System] Host Dashboard ECS", + "winlog.version": 1 }, - "id": "dfe62590-18da-11e9-9094-c50574723088", - "type": "dashboard", + "id": "dfe62590-18da-11e9-9094-c50574723088-ecs", + "winlog.api": "dashboard", "updated_at": "2019-02-04T11:25:58.146Z", - "version": 28 + "winlog.version": 28 } ], - "version": "7.0.0" + "winlog.version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json index 4125daa9159a..217385972bfc 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "Login Count [Auditbeat System]", + "title": "Login Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -52,7 +52,7 @@ "customLabel": "Login Events" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -81,16 +81,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Login Count [Auditbeat System]", - "type": "metric" + "title": "Login Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:44:50.914Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -110,16 +110,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -132,9 +132,9 @@ } } }, - "title": "Login Actions [Auditbeat System]", + "title": "Login Actions [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -142,7 +142,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -158,7 +158,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -172,16 +172,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "Login Actions [Auditbeat System]", - "type": "pie" + "title": "Login Actions [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:04:51.914Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -201,16 +201,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -227,16 +227,16 @@ "negate": false, "params": { "query": "success", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "success" }, "query": { "match": { "event.outcome": { "query": "success", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -249,7 +249,7 @@ } } }, - "title": "Login Success Table [Auditbeat System]", + "title": "Login Success Table [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -260,7 +260,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -270,7 +270,7 @@ "customLabel": "Successful Logins" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -287,7 +287,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -301,14 +301,14 @@ }, "totalFunc": "sum" }, - "title": "Login Success Table [Auditbeat System]", - "type": "table" + "title": "Login Success Table [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "5eb5f250-285e-11e9-805f-43bf57dfa519", - "type": "visualization", + "id": "5eb5f250-285e-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T09:22:44.444Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -328,16 +328,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -354,16 +354,16 @@ "negate": false, "params": { "query": "failure", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "failure" }, "query": { "match": { "event.outcome": { "query": "failure", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -376,7 +376,7 @@ } } }, - "title": "Login Failures Table [Auditbeat System]", + "title": "Login Failures Table [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -387,7 +387,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -397,7 +397,7 @@ "customLabel": "Failed Logins" }, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -414,7 +414,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -428,14 +428,14 @@ }, "totalFunc": "sum" }, - "title": "Login Failures Table [Auditbeat System]", - "type": "table" + "title": "Login Failures Table [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "a1951650-285e-11e9-805f-43bf57dfa519", - "type": "visualization", + "id": "a1951650-285e-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T09:24:11.445Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -455,16 +455,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -477,9 +477,9 @@ } } }, - "title": "Login Event Histogram [Auditbeat System]", + "title": "Login Event Histogram [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -487,7 +487,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -503,7 +503,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -519,12 +519,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -544,12 +544,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -563,25 +563,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, - "title": "Login Event Histogram [Auditbeat System]", - "type": "histogram" + "title": "Login Event Histogram [Auditbeat System] ECS", + "winlog.api": "histogram" } }, - "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519", - "type": "visualization", + "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T09:26:04.254Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -608,16 +608,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -629,20 +629,20 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Login Events [Auditbeat System]", - "version": 1 + "title": "Login Events [Auditbeat System] ECS", + "winlog.version": 1 }, - "id": "2e04c720-285f-11e9-805f-43bf57dfa519", - "type": "search", + "id": "2e04c720-285f-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "search", "updated_at": "2019-02-04T09:28:07.058Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -662,16 +662,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -684,9 +684,9 @@ } } }, - "title": "Login OS Distribution [Auditbeat System]", + "title": "Login OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -696,7 +696,7 @@ "field": "host.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -713,7 +713,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -729,7 +729,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -743,16 +743,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "Login OS Distribution [Auditbeat System]", - "type": "pie" + "title": "Login OS Distribution [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519", - "type": "visualization", + "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T09:40:30.122Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -766,24 +766,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", - "type": "markdown" + "title": "Dashboard Links [Auditbeat System] ECS", + "winlog.api": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -813,10 +813,10 @@ "x": 0, "y": 4 }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -827,10 +827,10 @@ "x": 8, "y": 4 }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -841,10 +841,10 @@ "x": 28, "y": 4 }, - "id": "5eb5f250-285e-11e9-805f-43bf57dfa519", + "id": "5eb5f250-285e-11e9-805f-43bf57dfa519-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -855,10 +855,10 @@ "x": 38, "y": 4 }, - "id": "a1951650-285e-11e9-805f-43bf57dfa519", + "id": "a1951650-285e-11e9-805f-43bf57dfa519-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -869,10 +869,10 @@ "x": 0, "y": 14 }, - "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519", + "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -883,10 +883,10 @@ "x": 0, "y": 23 }, - "id": "2e04c720-285f-11e9-805f-43bf57dfa519", + "id": "2e04c720-285f-11e9-805f-43bf57dfa519-ecs", "panelIndex": "7", - "type": "search", - "version": "7.0.0" + "winlog.api": "search", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -897,10 +897,10 @@ "x": 18, "y": 4 }, - "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519", + "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -911,21 +911,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "9", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Login Dashboard", - "version": 1 + "title": "[Auditbeat System] Login Dashboard ECS", + "winlog.version": 1 }, - "id": "2a17f200-285e-11e9-805f-43bf57dfa519", - "type": "dashboard", + "id": "2a17f200-285e-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "dashboard", "updated_at": "2019-02-04T11:38:50.007Z", - "version": 6 + "winlog.version": 6 } ], - "version": "7.0.0" + "winlog.version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json index 3d43f14b2bdb..3ca1fbc47c89 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "system", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "system" }, "query": { "match": { "event.module": { "query": "system", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "Host Count [Auditbeat System]", + "title": "Host Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -53,7 +53,7 @@ "field": "host.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -82,16 +82,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Host Count [Auditbeat System]", - "type": "metric" + "title": "Host Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", - "type": "visualization", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:37:18.796Z", - "version": 22 + "winlog.version": 22 }, { "attributes": { @@ -111,16 +111,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -133,9 +133,9 @@ } } }, - "title": "Process Count [Auditbeat System]", + "title": "Process Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -146,7 +146,7 @@ "field": "process.entity_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -175,16 +175,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Process Count [Auditbeat System]", - "type": "metric" + "title": "Process Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:24:39.030Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -204,16 +204,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -226,9 +226,9 @@ } } }, - "title": "Socket Count [Auditbeat System]", + "title": "Socket Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -239,7 +239,7 @@ "field": "socket.entity_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -268,16 +268,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Socket Count [Auditbeat System]", - "type": "metric" + "title": "Socket Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:29:47.881Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -297,16 +297,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -319,9 +319,9 @@ } } }, - "title": "User Count [Auditbeat System]", + "title": "User Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -332,7 +332,7 @@ "field": "user.entity_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -361,16 +361,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "User Count [Auditbeat System]", - "type": "metric" + "title": "User Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:35:48.640Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -390,16 +390,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -412,9 +412,9 @@ } } }, - "title": "Package Count [Auditbeat System]", + "title": "Package Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -425,7 +425,7 @@ "field": "system.audit.package.entity_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -454,16 +454,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Package Count [Auditbeat System]", - "type": "metric" + "title": "Package Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:40:37.585Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -483,16 +483,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -505,9 +505,9 @@ } } }, - "title": "Login Count [Auditbeat System]", + "title": "Login Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -517,7 +517,7 @@ "customLabel": "Login Events" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -546,16 +546,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Login Count [Auditbeat System]", - "type": "metric" + "title": "Login Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:44:50.914Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -575,16 +575,16 @@ "negate": false, "params": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -597,9 +597,9 @@ } } }, - "title": "OS Distribution [Auditbeat System]", + "title": "OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -609,7 +609,7 @@ "field": "system.audit.host.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -626,7 +626,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -642,7 +642,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -656,16 +656,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "OS Distribution [Auditbeat System]", - "type": "pie" + "title": "OS Distribution [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088", - "type": "visualization", + "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", + "winlog.api": "visualization", "updated_at": "2019-01-21T11:37:35.796Z", - "version": 24 + "winlog.version": 24 }, { "attributes": { @@ -685,16 +685,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -707,9 +707,9 @@ } } }, - "title": "Login Actions [Auditbeat System]", + "title": "Login Actions [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -717,7 +717,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -733,7 +733,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -747,16 +747,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "Login Actions [Auditbeat System]", - "type": "pie" + "title": "Login Actions [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:04:51.914Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -776,16 +776,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -802,16 +802,16 @@ "negate": true, "params": { "query": "existing_user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "existing_user" }, "query": { "match": { "event.action": { "query": "existing_user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -824,9 +824,9 @@ } } }, - "title": "User Changes [Auditbeat System]", + "title": "User Changes [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -836,7 +836,7 @@ "customLabel": "User Changes" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -865,16 +865,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "User Changes [Auditbeat System]", - "type": "metric" + "title": "User Changes [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:38:11.314Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -894,16 +894,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -920,16 +920,16 @@ "negate": false, "params": { "query": "process_started", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process_started" }, "query": { "match": { "event.action": { "query": "process_started", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -942,9 +942,9 @@ } } }, - "title": "Process Starts [Auditbeat System]", + "title": "Process Starts [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -954,7 +954,7 @@ "customLabel": "Started" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -983,16 +983,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Process Starts [Auditbeat System]", - "type": "metric" + "title": "Process Starts [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:45:42.195Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1012,16 +1012,16 @@ "negate": false, "params": { "query": "process_stopped", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process_stopped" }, "query": { "match": { "event.action": { "query": "process_stopped", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1038,16 +1038,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1060,9 +1060,9 @@ } } }, - "title": "Process Stops [Auditbeat System]", + "title": "Process Stops [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1072,7 +1072,7 @@ "customLabel": "Stopped" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -1101,16 +1101,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Process Stops [Auditbeat System]", - "type": "metric" + "title": "Process Stops [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:50:28.750Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1130,16 +1130,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1156,16 +1156,16 @@ "negate": false, "params": { "query": "socket_opened", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket_opened" }, "query": { "match": { "event.action": { "query": "socket_opened", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1178,9 +1178,9 @@ } } }, - "title": "Sockets Opened [Auditbeat System]", + "title": "Sockets Opened [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1190,7 +1190,7 @@ "customLabel": "Opened" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -1219,16 +1219,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Sockets Opened [Auditbeat System]", - "type": "metric" + "title": "Sockets Opened [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:47:58.605Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1248,16 +1248,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1274,16 +1274,16 @@ "negate": false, "params": { "query": "socket_closed", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket_closed" }, "query": { "match": { "event.action": { "query": "socket_closed", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1296,9 +1296,9 @@ } } }, - "title": "Sockets Closed [Auditbeat System]", + "title": "Sockets Closed [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1308,7 +1308,7 @@ "customLabel": "Closed" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -1337,16 +1337,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Sockets Closed [Auditbeat System]", - "type": "metric" + "title": "Sockets Closed [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:48:58.668Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1366,16 +1366,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1392,16 +1392,16 @@ "negate": true, "params": { "query": "existing_package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "existing_package" }, "query": { "match": { "event.action": { "query": "existing_package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1414,9 +1414,9 @@ } } }, - "title": "Package Changes [Auditbeat System]", + "title": "Package Changes [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1426,7 +1426,7 @@ "customLabel": "Changes" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -1455,16 +1455,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Package Changes [Auditbeat System]", - "type": "metric" + "title": "Package Changes [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", - "type": "visualization", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:44:06.826Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1484,16 +1484,16 @@ "negate": false, "params": { "query": "system", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "system" }, "query": { "match": { "event.module": { "query": "system", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1510,16 +1510,16 @@ "negate": false, "params": { "query": "event", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "event" }, "query": { "match": { "event.kind": { "query": "event", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1532,9 +1532,9 @@ } } }, - "title": "System Event Histogram [Auditbeat System]", + "title": "System Event Histogram [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1542,7 +1542,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -1558,7 +1558,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -1574,12 +1574,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -1599,12 +1599,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -1618,25 +1618,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, - "title": "System Event Histogram [Auditbeat System]", - "type": "histogram" + "title": "System Event Histogram [Auditbeat System] ECS", + "winlog.api": "histogram" } }, - "id": "54135e50-27ff-11e9-805f-43bf57dfa519", - "type": "visualization", + "id": "54135e50-27ff-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T22:01:59.221Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1656,16 +1656,16 @@ "negate": false, "params": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1678,7 +1678,7 @@ } } }, - "title": "Host List [Auditbeat System]", + "title": "Host List [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -1689,7 +1689,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1707,7 +1707,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -1721,7 +1721,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" }, { "enabled": true, @@ -1735,7 +1735,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" }, { "enabled": true, @@ -1749,7 +1749,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" }, { "enabled": true, @@ -1763,7 +1763,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" }, { "enabled": true, @@ -1777,7 +1777,7 @@ "sortOrder": "desc" }, "schema": "metric", - "type": "top_hits" + "winlog.api": "top_hits" } ], "params": { @@ -1791,14 +1791,14 @@ }, "totalFunc": "sum" }, - "title": "Host List [Auditbeat System]", - "type": "table" + "title": "Host List [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "91962a30-1901-11e9-9094-c50574723088", - "type": "visualization", + "id": "91962a30-1901-11e9-9094-c50574723088-ecs", + "winlog.api": "visualization", "updated_at": "2019-01-21T11:58:22.519Z", - "version": 25 + "winlog.version": 25 }, { "attributes": { @@ -1825,16 +1825,16 @@ "negate": false, "params": { "query": "system", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "system" }, "query": { "match": { "event.module": { "query": "system", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1851,16 +1851,16 @@ "negate": false, "params": { "query": "event", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "event" }, "query": { "match": { "event.kind": { "query": "event", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1872,20 +1872,20 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "System Events [Auditbeat System]", - "version": 1 + "title": "System Events [Auditbeat System] ECS", + "winlog.version": 1 }, - "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519", - "type": "search", + "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "search", "updated_at": "2019-02-03T22:17:10.090Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -1899,24 +1899,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", - "type": "markdown" + "title": "Dashboard Links [Auditbeat System] ECS", + "winlog.api": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -1937,16 +1937,16 @@ "negate": false, "params": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1963,16 +1963,16 @@ "negate": false, "params": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -1989,16 +1989,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -2015,16 +2015,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -2041,16 +2041,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -2067,16 +2067,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -2103,10 +2103,10 @@ "x": 0, "y": 4 }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2117,10 +2117,10 @@ "x": 24, "y": 4 }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2131,10 +2131,10 @@ "x": 32, "y": 4 }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2145,10 +2145,10 @@ "x": 16, "y": 4 }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2159,10 +2159,10 @@ "x": 40, "y": 4 }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2173,10 +2173,10 @@ "x": 8, "y": 4 }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2187,10 +2187,10 @@ "x": 0, "y": 12 }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088", + "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2201,10 +2201,10 @@ "x": 8, "y": 12 }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", "panelIndex": "9", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2215,10 +2215,10 @@ "x": 16, "y": 12 }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", "panelIndex": "10", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2229,10 +2229,10 @@ "x": 24, "y": 12 }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "11", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2243,10 +2243,10 @@ "x": 24, "y": 19 }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "12", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2257,10 +2257,10 @@ "x": 32, "y": 12 }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "13", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2271,10 +2271,10 @@ "x": 32, "y": 19 }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "14", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2285,10 +2285,10 @@ "x": 40, "y": 12 }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", "panelIndex": "15", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2299,10 +2299,10 @@ "x": 0, "y": 26 }, - "id": "54135e50-27ff-11e9-805f-43bf57dfa519", + "id": "54135e50-27ff-11e9-805f-43bf57dfa519-ecs", "panelIndex": "16", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2313,10 +2313,10 @@ "x": 0, "y": 34 }, - "id": "91962a30-1901-11e9-9094-c50574723088", + "id": "91962a30-1901-11e9-9094-c50574723088-ecs", "panelIndex": "17", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2327,10 +2327,10 @@ "x": 24, "y": 34 }, - "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519", + "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519-ecs", "panelIndex": "18", - "type": "search", - "version": "7.0.0" + "winlog.api": "search", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -2341,21 +2341,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "19", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] System Overview", - "version": 1 + "title": "[Auditbeat System] System Overview ECS", + "winlog.version": 1 }, - "id": "2be46cb0-27f2-11e9-89af-fd12d59dac90", - "type": "dashboard", + "id": "2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "dashboard", "updated_at": "2019-02-04T09:32:32.325Z", - "version": 9 + "winlog.version": 9 } ], - "version": "7.0.0" + "winlog.version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json index 46dcaf1f714c..a8b42362e1a7 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json @@ -12,24 +12,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", - "type": "markdown" + "title": "Dashboard Links [Auditbeat System] ECS", + "winlog.api": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -49,16 +49,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -71,9 +71,9 @@ } } }, - "title": "Package Count [Auditbeat System]", + "title": "Package Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -84,7 +84,7 @@ "field": "system.audit.package.entity_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -113,16 +113,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Package Count [Auditbeat System]", - "type": "metric" + "title": "Package Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:40:37.585Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -142,16 +142,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -168,16 +168,16 @@ "negate": true, "params": { "query": "existing_package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "existing_package" }, "query": { "match": { "event.action": { "query": "existing_package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -190,9 +190,9 @@ } } }, - "title": "Package Changes [Auditbeat System]", + "title": "Package Changes [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -202,7 +202,7 @@ "customLabel": "Changes" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -231,16 +231,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Package Changes [Auditbeat System]", - "type": "metric" + "title": "Package Changes [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", - "type": "visualization", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:44:06.826Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -260,16 +260,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -282,9 +282,9 @@ } } }, - "title": "Package OS Distribution [Auditbeat System]", + "title": "Package OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -294,7 +294,7 @@ "field": "host.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -311,7 +311,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -327,7 +327,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -341,16 +341,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "Package OS Distribution [Auditbeat System]", - "type": "pie" + "title": "Package OS Distribution [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "6ed51940-2868-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "6ed51940-2868-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:34:21.268Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -370,16 +370,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -396,16 +396,16 @@ "negate": false, "params": { "query": "event", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "event" }, "query": { "match": { "event.kind": { "query": "event", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -418,9 +418,9 @@ } } }, - "title": "Package Change Actions [Auditbeat System]", + "title": "Package Change Actions [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -428,7 +428,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -444,7 +444,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -458,16 +458,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "Package Change Actions [Auditbeat System]", - "type": "pie" + "title": "Package Change Actions [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "fe23f530-2868-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "fe23f530-2868-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:38:21.699Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -487,16 +487,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -509,9 +509,9 @@ } } }, - "title": "Package Document Histogram [Auditbeat System]", + "title": "Package Document Histogram [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -519,7 +519,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -535,7 +535,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -551,12 +551,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -576,12 +576,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -595,25 +595,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, - "title": "Package Document Histogram [Auditbeat System]", - "type": "histogram" + "title": "Package Document Histogram [Auditbeat System] ECS", + "winlog.api": "histogram" } }, - "id": "4e7701d0-2869-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "4e7701d0-2869-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:40:36.461Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -639,16 +639,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -660,20 +660,20 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Package Documents [Auditbeat System]", - "version": 1 + "title": "Package Documents [Auditbeat System] ECS", + "winlog.version": 1 }, - "id": "391ef230-2868-11e9-9d21-0be348776e6c", - "type": "search", + "id": "391ef230-2868-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "search", "updated_at": "2019-02-04T10:32:51.155Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -693,16 +693,16 @@ "negate": false, "params": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -715,7 +715,7 @@ } } }, - "title": "Package Names [Auditbeat System]", + "title": "Package Names [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -726,7 +726,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -734,7 +734,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -750,7 +750,7 @@ "size": 25 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -764,14 +764,14 @@ }, "totalFunc": "sum" }, - "title": "Package Names [Auditbeat System]", - "type": "table" + "title": "Package Names [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "8dc55df0-2869-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "8dc55df0-2869-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:45:22.440Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -801,10 +801,10 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -815,10 +815,10 @@ "x": 0, "y": 4 }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -829,10 +829,10 @@ "x": 6, "y": 4 }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -843,10 +843,10 @@ "x": 24, "y": 4 }, - "id": "6ed51940-2868-11e9-9d21-0be348776e6c", + "id": "6ed51940-2868-11e9-9d21-0be348776e6c-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -857,10 +857,10 @@ "x": 11, "y": 4 }, - "id": "fe23f530-2868-11e9-9d21-0be348776e6c", + "id": "fe23f530-2868-11e9-9d21-0be348776e6c-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -871,10 +871,10 @@ "x": 0, "y": 15 }, - "id": "4e7701d0-2869-11e9-9d21-0be348776e6c", + "id": "4e7701d0-2869-11e9-9d21-0be348776e6c-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -885,10 +885,10 @@ "x": 0, "y": 23 }, - "id": "391ef230-2868-11e9-9d21-0be348776e6c", + "id": "391ef230-2868-11e9-9d21-0be348776e6c-ecs", "panelIndex": "7", - "type": "search", - "version": "7.0.0" + "winlog.api": "search", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -899,21 +899,21 @@ "x": 37, "y": 4 }, - "id": "8dc55df0-2869-11e9-9d21-0be348776e6c", + "id": "8dc55df0-2869-11e9-9d21-0be348776e6c-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Package Dashboard", - "version": 1 + "title": "[Auditbeat System] Package Dashboard ECS", + "winlog.version": 1 }, - "id": "137c52f0-286a-11e9-9d21-0be348776e6c", - "type": "dashboard", + "id": "137c52f0-286a-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "dashboard", "updated_at": "2019-02-04T11:03:23.945Z", - "version": 2 + "winlog.version": 2 } ], - "version": "7.0.0" + "winlog.version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json index 6ffee4042df1..b1eb3f6f6945 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "Process Count [Auditbeat System]", + "title": "Process Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -53,7 +53,7 @@ "field": "process.entity_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -82,16 +82,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Process Count [Auditbeat System]", - "type": "metric" + "title": "Process Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:24:39.030Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -111,16 +111,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -137,16 +137,16 @@ "negate": false, "params": { "query": "process_started", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process_started" }, "query": { "match": { "event.action": { "query": "process_started", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -159,9 +159,9 @@ } } }, - "title": "Process Starts [Auditbeat System]", + "title": "Process Starts [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -171,7 +171,7 @@ "customLabel": "Started" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -200,16 +200,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Process Starts [Auditbeat System]", - "type": "metric" + "title": "Process Starts [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:45:42.195Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -229,16 +229,16 @@ "negate": false, "params": { "query": "process_stopped", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process_stopped" }, "query": { "match": { "event.action": { "query": "process_stopped", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -255,16 +255,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -277,9 +277,9 @@ } } }, - "title": "Process Stops [Auditbeat System]", + "title": "Process Stops [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -289,7 +289,7 @@ "customLabel": "Stopped" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -318,16 +318,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Process Stops [Auditbeat System]", - "type": "metric" + "title": "Process Stops [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:50:28.750Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -355,16 +355,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -376,20 +376,20 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Process Events [Auditbeat System]", - "version": 1 + "title": "Process Events [Auditbeat System] ECS", + "winlog.version": 1 }, - "id": "0f9611b0-2862-11e9-97cb-474beda9f119", - "type": "search", + "id": "0f9611b0-2862-11e9-97cb-474beda9f119-ecs", + "winlog.api": "search", "updated_at": "2019-02-04T09:48:44.490Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -409,16 +409,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -431,9 +431,9 @@ } } }, - "title": "Process OS Distribution [Auditbeat System]", + "title": "Process OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -443,7 +443,7 @@ "field": "host.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -460,7 +460,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -476,7 +476,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -490,16 +490,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "Process OS Distribution [Auditbeat System]", - "type": "pie" + "title": "Process OS Distribution [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "91708fd0-2862-11e9-97cb-474beda9f119", - "type": "visualization", + "id": "91708fd0-2862-11e9-97cb-474beda9f119-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T09:52:22.349Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -519,16 +519,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -541,9 +541,9 @@ } } }, - "title": "Process Event Histogram [Auditbeat System]", + "title": "Process Event Histogram [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -551,7 +551,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -567,7 +567,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -583,12 +583,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -608,12 +608,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -627,25 +627,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, - "title": "Process Event Histogram [Auditbeat System]", - "type": "histogram" + "title": "Process Event Histogram [Auditbeat System] ECS", + "winlog.api": "histogram" } }, - "id": "b1e2af00-2862-11e9-97cb-474beda9f119", - "type": "visualization", + "id": "b1e2af00-2862-11e9-97cb-474beda9f119-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T09:53:16.784Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -665,16 +665,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -687,7 +687,7 @@ } } }, - "title": "Process Names [Auditbeat System]", + "title": "Process Names [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -698,7 +698,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -716,14 +716,14 @@ "size": 8 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -737,14 +737,14 @@ }, "totalFunc": "sum" }, - "title": "Process Names [Auditbeat System]", - "type": "table" + "title": "Process Names [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "f1d365a0-2862-11e9-97cb-474beda9f119", - "type": "visualization", + "id": "f1d365a0-2862-11e9-97cb-474beda9f119-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T09:56:33.249Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -764,16 +764,16 @@ "negate": false, "params": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -786,7 +786,7 @@ } } }, - "title": "Process Users [Auditbeat System]", + "title": "Process Users [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -797,7 +797,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -815,14 +815,14 @@ "size": 8 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -836,14 +836,14 @@ }, "totalFunc": "sum" }, - "title": "Process Users [Auditbeat System]", - "type": "table" + "title": "Process Users [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "30936470-2863-11e9-97cb-474beda9f119", - "type": "visualization", + "id": "30936470-2863-11e9-97cb-474beda9f119-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T09:56:49.335Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -857,24 +857,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", - "type": "markdown" + "title": "Dashboard Links [Auditbeat System] ECS", + "winlog.api": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -904,10 +904,10 @@ "x": 0, "y": 4 }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -918,10 +918,10 @@ "x": 11, "y": 4 }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -932,10 +932,10 @@ "x": 22, "y": 4 }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -946,10 +946,10 @@ "x": 0, "y": 38 }, - "id": "0f9611b0-2862-11e9-97cb-474beda9f119", + "id": "0f9611b0-2862-11e9-97cb-474beda9f119-ecs", "panelIndex": "4", - "type": "search", - "version": "7.0.0" + "winlog.api": "search", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -960,10 +960,10 @@ "x": 33, "y": 4 }, - "id": "91708fd0-2862-11e9-97cb-474beda9f119", + "id": "91708fd0-2862-11e9-97cb-474beda9f119-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -974,10 +974,10 @@ "x": 0, "y": 29 }, - "id": "b1e2af00-2862-11e9-97cb-474beda9f119", + "id": "b1e2af00-2862-11e9-97cb-474beda9f119-ecs", "panelIndex": "6", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -988,10 +988,10 @@ "x": 0, "y": 14 }, - "id": "f1d365a0-2862-11e9-97cb-474beda9f119", + "id": "f1d365a0-2862-11e9-97cb-474beda9f119-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1002,10 +1002,10 @@ "x": 24, "y": 14 }, - "id": "30936470-2863-11e9-97cb-474beda9f119", + "id": "30936470-2863-11e9-97cb-474beda9f119-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1016,21 +1016,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "9", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Process Dashboard", - "version": 1 + "title": "[Auditbeat System] Process Dashboard ECS", + "winlog.version": 1 }, - "id": "4c68f110-2863-11e9-97cb-474beda9f119", - "type": "dashboard", + "id": "4c68f110-2863-11e9-97cb-474beda9f119-ecs", + "winlog.api": "dashboard", "updated_at": "2019-02-04T10:13:58.155Z", - "version": 2 + "winlog.version": 2 } ], - "version": "7.0.0" + "winlog.version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json index 2ecb25fd7000..70305be6dbe5 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json @@ -12,24 +12,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", - "type": "markdown" + "title": "Dashboard Links [Auditbeat System] ECS", + "winlog.api": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -49,16 +49,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -71,9 +71,9 @@ } } }, - "title": "Socket Count [Auditbeat System]", + "title": "Socket Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -84,7 +84,7 @@ "field": "socket.entity_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -113,16 +113,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Socket Count [Auditbeat System]", - "type": "metric" + "title": "Socket Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:29:47.881Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -142,16 +142,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -168,16 +168,16 @@ "negate": false, "params": { "query": "socket_opened", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket_opened" }, "query": { "match": { "event.action": { "query": "socket_opened", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -190,9 +190,9 @@ } } }, - "title": "Sockets Opened [Auditbeat System]", + "title": "Sockets Opened [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -202,7 +202,7 @@ "customLabel": "Opened" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -231,16 +231,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Sockets Opened [Auditbeat System]", - "type": "metric" + "title": "Sockets Opened [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:47:58.605Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -260,16 +260,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -286,16 +286,16 @@ "negate": false, "params": { "query": "socket_closed", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket_closed" }, "query": { "match": { "event.action": { "query": "socket_closed", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -308,9 +308,9 @@ } } }, - "title": "Sockets Closed [Auditbeat System]", + "title": "Sockets Closed [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -320,7 +320,7 @@ "customLabel": "Closed" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -349,16 +349,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "Sockets Closed [Auditbeat System]", - "type": "metric" + "title": "Sockets Closed [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:48:58.668Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -378,16 +378,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -400,9 +400,9 @@ } } }, - "title": "Socket Types [Auditbeat System]", + "title": "Socket Types [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -410,7 +410,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -426,7 +426,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -440,16 +440,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "Socket Types [Auditbeat System]", - "type": "pie" + "title": "Socket Types [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:23:30.893Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -476,16 +476,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -497,20 +497,20 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Socket Documents [Auditbeat System]", - "version": 1 + "title": "Socket Documents [Auditbeat System] ECS", + "winlog.version": 1 }, - "id": "3bfed610-2867-11e9-9d21-0be348776e6c", - "type": "search", + "id": "3bfed610-2867-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "search", "updated_at": "2019-02-04T10:25:46.481Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -530,16 +530,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -552,9 +552,9 @@ } } }, - "title": "Socket Document Histogram [Auditbeat System]", + "title": "Socket Document Histogram [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -562,7 +562,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -578,7 +578,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -594,12 +594,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -619,12 +619,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -638,25 +638,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, - "title": "Socket Document Histogram [Auditbeat System]", - "type": "histogram" + "title": "Socket Document Histogram [Auditbeat System] ECS", + "winlog.api": "histogram" } }, - "id": "536fa900-2867-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "536fa900-2867-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:26:25.808Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -676,16 +676,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -698,7 +698,7 @@ } } }, - "title": "Socket Users [Auditbeat System]", + "title": "Socket Users [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -709,7 +709,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -717,7 +717,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -733,7 +733,7 @@ "size": 8 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -747,14 +747,14 @@ }, "totalFunc": "sum" }, - "title": "Socket Users [Auditbeat System]", - "type": "table" + "title": "Socket Users [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "78391460-2867-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "78391460-2867-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:27:27.526Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -774,16 +774,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -796,7 +796,7 @@ } } }, - "title": "Destination Ports [Auditbeat System]", + "title": "Destination Ports [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -807,7 +807,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -815,7 +815,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -831,7 +831,7 @@ "size": 30 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -845,14 +845,14 @@ }, "totalFunc": "sum" }, - "title": "Destination Ports [Auditbeat System]", - "type": "table" + "title": "Destination Ports [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "1771daa0-286b-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "1771daa0-286b-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:56:23.379Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -872,16 +872,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -894,7 +894,7 @@ } } }, - "title": "Socket Source IPs [Auditbeat System]", + "title": "Socket Source IPs [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -905,7 +905,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -913,7 +913,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -929,7 +929,7 @@ "size": 30 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -943,14 +943,14 @@ }, "totalFunc": "sum" }, - "title": "Socket Source IPs [Auditbeat System]", - "type": "table" + "title": "Socket Source IPs [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "b899a700-286b-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "b899a700-286b-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:57:53.520Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -970,16 +970,16 @@ "negate": false, "params": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -992,7 +992,7 @@ } } }, - "title": "Socket Destination IPs [Auditbeat System]", + "title": "Socket Destination IPs [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -1003,7 +1003,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -1011,7 +1011,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -1027,7 +1027,7 @@ "size": 30 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -1041,14 +1041,14 @@ }, "totalFunc": "sum" }, - "title": "Socket Destination IPs [Auditbeat System]", - "type": "table" + "title": "Socket Destination IPs [Auditbeat System] ECS", + "winlog.api": "table" } }, - "id": "d32c0540-286b-11e9-9d21-0be348776e6c", - "type": "visualization", + "id": "d32c0540-286b-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:58:38.100Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -1078,10 +1078,10 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1092,10 +1092,10 @@ "x": 0, "y": 4 }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1106,10 +1106,10 @@ "x": 5, "y": 4 }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1120,10 +1120,10 @@ "x": 10, "y": 4 }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1134,10 +1134,10 @@ "x": 15, "y": 4 }, - "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c", + "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1148,10 +1148,10 @@ "x": 0, "y": 23 }, - "id": "3bfed610-2867-11e9-9d21-0be348776e6c", + "id": "3bfed610-2867-11e9-9d21-0be348776e6c-ecs", "panelIndex": "6", - "type": "search", - "version": "7.0.0" + "winlog.api": "search", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1162,10 +1162,10 @@ "x": 0, "y": 15 }, - "id": "536fa900-2867-11e9-9d21-0be348776e6c", + "id": "536fa900-2867-11e9-9d21-0be348776e6c-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1176,10 +1176,10 @@ "x": 42, "y": 4 }, - "id": "78391460-2867-11e9-9d21-0be348776e6c", + "id": "78391460-2867-11e9-9d21-0be348776e6c-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1190,10 +1190,10 @@ "x": 36, "y": 4 }, - "id": "1771daa0-286b-11e9-9d21-0be348776e6c", + "id": "1771daa0-286b-11e9-9d21-0be348776e6c-ecs", "panelIndex": "9", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1204,10 +1204,10 @@ "x": 24, "y": 4 }, - "id": "b899a700-286b-11e9-9d21-0be348776e6c", + "id": "b899a700-286b-11e9-9d21-0be348776e6c-ecs", "panelIndex": "10", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -1218,21 +1218,21 @@ "x": 30, "y": 4 }, - "id": "d32c0540-286b-11e9-9d21-0be348776e6c", + "id": "d32c0540-286b-11e9-9d21-0be348776e6c-ecs", "panelIndex": "11", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Socket Dashboard", - "version": 1 + "title": "[Auditbeat System] Socket Dashboard ECS", + "winlog.version": 1 }, - "id": "957a3ef0-2867-11e9-9d21-0be348776e6c", - "type": "dashboard", + "id": "957a3ef0-2867-11e9-9d21-0be348776e6c-ecs", + "winlog.api": "dashboard", "updated_at": "2019-02-04T11:01:23.746Z", - "version": 3 + "winlog.version": 3 } ], - "version": "7.0.0" + "winlog.version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json index 47efcb20e9f3..190c99b20947 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "User Count [Auditbeat System]", + "title": "User Count [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -53,7 +53,7 @@ "field": "user.entity_id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" } ], "params": { @@ -82,16 +82,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "User Count [Auditbeat System]", - "type": "metric" + "title": "User Count [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T20:35:48.640Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -111,16 +111,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -137,16 +137,16 @@ "negate": true, "params": { "query": "existing_user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "existing_user" }, "query": { "match": { "event.action": { "query": "existing_user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -159,9 +159,9 @@ } } }, - "title": "User Changes [Auditbeat System]", + "title": "User Changes [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -171,7 +171,7 @@ "customLabel": "User Changes" }, "schema": "metric", - "type": "count" + "winlog.api": "count" } ], "params": { @@ -200,16 +200,16 @@ }, "useRanges": false }, - "type": "metric" + "winlog.api": "metric" }, - "title": "User Changes [Auditbeat System]", - "type": "metric" + "title": "User Changes [Auditbeat System] ECS", + "winlog.api": "metric" } }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-03T21:38:11.314Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -229,16 +229,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -255,16 +255,16 @@ "negate": true, "params": { "query": "existing_user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "existing_user" }, "query": { "match": { "event.action": { "query": "existing_user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -277,9 +277,9 @@ } } }, - "title": "User Change Actions [Auditbeat System]", + "title": "User Change Actions [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -287,7 +287,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -303,7 +303,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -317,16 +317,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "User Change Actions [Auditbeat System]", - "type": "pie" + "title": "User Change Actions [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "dc514de0-2863-11e9-97cb-474beda9f119", - "type": "visualization", + "id": "dc514de0-2863-11e9-97cb-474beda9f119-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:01:37.470Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -346,16 +346,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -368,9 +368,9 @@ } } }, - "title": "Password Types [Auditbeat System]", + "title": "Password Types [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -378,7 +378,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -394,7 +394,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -408,16 +408,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "Password Types [Auditbeat System]", - "type": "pie" + "title": "Password Types [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119", - "type": "visualization", + "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:02:57.420Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -437,16 +437,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -459,9 +459,9 @@ } } }, - "title": "User Documents Histogram [Auditbeat System]", + "title": "User Documents Histogram [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -469,7 +469,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -485,7 +485,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -501,12 +501,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -526,12 +526,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -545,25 +545,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, - "title": "User Documents Histogram [Auditbeat System]", - "type": "histogram" + "title": "User Documents Histogram [Auditbeat System] ECS", + "winlog.api": "histogram" } }, - "id": "30f4eff0-2864-11e9-97cb-474beda9f119", - "type": "visualization", + "id": "30f4eff0-2864-11e9-97cb-474beda9f119-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:03:59.471Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -590,16 +590,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -611,20 +611,20 @@ "language": "lucene", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "User Documents [Auditbeat System]", - "version": 1 + "title": "User Documents [Auditbeat System] ECS", + "winlog.version": 1 }, - "id": "658a3db0-2864-11e9-97cb-474beda9f119", - "type": "search", + "id": "658a3db0-2864-11e9-97cb-474beda9f119-ecs", + "winlog.api": "search", "updated_at": "2019-02-04T10:05:27.691Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -644,16 +644,16 @@ "negate": false, "params": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -666,9 +666,9 @@ } } }, - "title": "User OS Distribution [Auditbeat System]", + "title": "User OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -678,7 +678,7 @@ "field": "host.id" }, "schema": "metric", - "type": "cardinality" + "winlog.api": "cardinality" }, { "enabled": true, @@ -695,7 +695,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -711,7 +711,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -725,16 +725,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, - "title": "User OS Distribution [Auditbeat System]", - "type": "pie" + "title": "User OS Distribution [Auditbeat System] ECS", + "winlog.api": "pie" } }, - "id": "7f480de0-2864-11e9-97cb-474beda9f119", - "type": "visualization", + "id": "7f480de0-2864-11e9-97cb-474beda9f119-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T10:06:10.878Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -748,24 +748,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", - "type": "markdown" + "title": "Dashboard Links [Auditbeat System] ECS", + "winlog.api": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", - "type": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "winlog.api": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -795,10 +795,10 @@ "x": 0, "y": 4 }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -809,10 +809,10 @@ "x": 8, "y": 4 }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -823,10 +823,10 @@ "x": 26, "y": 4 }, - "id": "dc514de0-2863-11e9-97cb-474beda9f119", + "id": "dc514de0-2863-11e9-97cb-474beda9f119-ecs", "panelIndex": "3", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -837,10 +837,10 @@ "x": 37, "y": 4 }, - "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119", + "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119-ecs", "panelIndex": "4", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -851,10 +851,10 @@ "x": 0, "y": 14 }, - "id": "30f4eff0-2864-11e9-97cb-474beda9f119", + "id": "30f4eff0-2864-11e9-97cb-474beda9f119-ecs", "panelIndex": "5", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -865,10 +865,10 @@ "x": 0, "y": 23 }, - "id": "658a3db0-2864-11e9-97cb-474beda9f119", + "id": "658a3db0-2864-11e9-97cb-474beda9f119-ecs", "panelIndex": "6", - "type": "search", - "version": "7.0.0" + "winlog.api": "search", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -879,10 +879,10 @@ "x": 16, "y": 4 }, - "id": "7f480de0-2864-11e9-97cb-474beda9f119", + "id": "7f480de0-2864-11e9-97cb-474beda9f119-ecs", "panelIndex": "7", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" }, { "embeddableConfig": {}, @@ -893,21 +893,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0" + "winlog.api": "visualization", + "winlog.version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] User Dashboard", - "version": 1 + "title": "[Auditbeat System] User Dashboard ECS", + "winlog.version": 1 }, - "id": "ae96a660-2864-11e9-97cb-474beda9f119", - "type": "dashboard", + "id": "ae96a660-2864-11e9-97cb-474beda9f119-ecs", + "winlog.api": "dashboard", "updated_at": "2019-02-04T11:02:23.820Z", - "version": 3 + "winlog.version": 3 } ], - "version": "7.0.0" + "winlog.version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json index 066c8f162211..04b1e0cf882a 100644 --- a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json +++ b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json @@ -15,7 +15,7 @@ "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", "title": "Events Timeline [Filebeat Iptables] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -39,7 +39,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -55,12 +55,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -81,12 +81,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "area", + "winlog.api": "area", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "area", + "winlog.api": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -100,25 +100,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Events Timeline [Filebeat Iptables] ECS", - "type": "area" + "winlog.api": "area" } }, "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T20:56:04.891Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -144,7 +144,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -152,7 +152,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -169,7 +169,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -184,13 +184,13 @@ "totalFunc": "sum" }, "title": "Top Source Countries [Filebeat Iptables] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -213,7 +213,7 @@ ], "mapZoom": 3 }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -221,7 +221,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -239,7 +239,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -270,13 +270,13 @@ } }, "title": "Source Map [Filebeat Iptables] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -293,7 +293,7 @@ "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", "title": "Destination Map [Filebeat Iptables] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -301,7 +301,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -319,7 +319,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -350,13 +350,13 @@ } }, "title": "Destination Map [Filebeat Iptables] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -377,7 +377,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -385,7 +385,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -401,7 +401,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -415,16 +415,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Network Type Breakdown [Filebeat Iptables] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -445,7 +445,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -453,7 +453,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -469,7 +469,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -483,16 +483,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Network Transport Breakdown [Filebeat Iptables] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -518,7 +518,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -526,7 +526,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -543,7 +543,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -558,13 +558,13 @@ "totalFunc": "sum" }, "title": "Top Destination Ports [Filebeat Iptables] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -582,7 +582,7 @@ "language": "kuery", "query": "iptables.length :*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -590,12 +590,12 @@ "desc" ], "title": "Events Search [Filebeat Iptables] ECS", - "version": 1 + "winlog.version": 1 }, "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-23T20:51:02.293Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -631,8 +631,8 @@ }, "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": {}, @@ -645,8 +645,8 @@ }, "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": { @@ -665,8 +665,8 @@ }, "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": { @@ -685,8 +685,8 @@ }, "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": {}, @@ -699,8 +699,8 @@ }, "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": {}, @@ -713,8 +713,8 @@ }, "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": {}, @@ -727,8 +727,8 @@ }, "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": {}, @@ -741,19 +741,19 @@ }, "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "8", - "type": "search", - "version": "6.6.0" + "winlog.api": "search", + "winlog.version": "6.6.0" } ], "timeRestore": false, "title": "[Filebeat Iptables] Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "ceefb9e0-1f51-11e9-93ed-f7e068f4aebb-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-23T20:59:43.614Z", - "version": 1 + "winlog.version": 1 } ], - "version": "6.6.0" + "winlog.version": "6.6.0" } diff --git a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json index 94b0e96fab8f..a137daeec3c1 100644 --- a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json +++ b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json @@ -22,7 +22,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -30,7 +30,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -51,7 +51,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -67,7 +67,7 @@ "size": 5 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -83,12 +83,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -108,12 +108,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -127,25 +127,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "758b3620-1fda-11e9-ae2a-939083c6a64e-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T16:37:11.788Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -171,7 +171,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -179,7 +179,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -196,7 +196,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -211,13 +211,13 @@ "totalFunc": "sum" }, "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T16:06:20.635Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -234,7 +234,7 @@ "savedSearchId": "7862cab0-1fdb-11e9-ae2a-939083c6a64e-ecs", "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -242,7 +242,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -260,7 +260,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -291,13 +291,13 @@ } }, "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T15:04:34.005Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -320,7 +320,7 @@ ], "mapZoom": 3 }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -328,7 +328,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -346,7 +346,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -377,13 +377,13 @@ } }, "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T15:50:31.689Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -412,7 +412,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -420,7 +420,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -436,7 +436,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -452,7 +452,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -468,7 +468,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -482,16 +482,16 @@ "values": false }, "legendPosition": "top", - "type": "pie" + "winlog.api": "pie" }, "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T16:27:50.397Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -509,7 +509,7 @@ "language": "kuery", "query": "iptables.ubiquiti.rule_set :*" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -517,12 +517,12 @@ "desc" ], "title": "Ubiquiti Firewall Events [Filebeat Iptables] ECS", - "version": 1 + "winlog.version": 1 }, "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-24T12:37:10.858Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -548,7 +548,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -556,7 +556,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -574,7 +574,7 @@ "size": 5 }, "schema": "split", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -591,7 +591,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -606,13 +606,13 @@ "totalFunc": "sum" }, "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-24T16:35:45.413Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -630,7 +630,7 @@ "language": "kuery", "query": "iptables.ubiquiti.rule_set :* and event.outcome : \"deny\"" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -638,12 +638,12 @@ "desc" ], "title": "Ubiquiti Firewall Blocked Events [Filebeat Iptables] ECS", - "version": 1 + "winlog.version": 1 }, "id": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-24T15:35:33.942Z", - "version": 2 + "winlog.version": 2 }, { "attributes": { @@ -661,7 +661,7 @@ "language": "kuery", "query": "iptables.ubiquiti.rule_set :* and event.outcome : \"allow\"" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -669,12 +669,12 @@ "desc" ], "title": "Ubiquiti Firewall Allowed Events [Filebeat Iptables] ECS", - "version": 1 + "winlog.version": 1 }, "id": "7862cab0-1fdb-11e9-ae2a-939083c6a64e-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2019-01-24T15:04:12.010Z", - "version": 3 + "winlog.version": 3 }, { "attributes": { @@ -715,8 +715,8 @@ "id": "758b3620-1fda-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "1", "title": "Event Timeline", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": {}, @@ -730,8 +730,8 @@ "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "2", "title": "Top Blocked by source IP", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": { @@ -751,8 +751,8 @@ "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "3", "title": "Allowed Traffic Map", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": { @@ -772,8 +772,8 @@ "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "4", "title": "Blocked Traffic Map", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": { @@ -800,8 +800,8 @@ "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "5", "title": "Traffic Breakdown by Protocol", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" }, { "embeddableConfig": {}, @@ -815,8 +815,8 @@ "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "6", "title": "Event View", - "type": "search", - "version": "6.6.0" + "winlog.api": "search", + "winlog.version": "6.6.0" }, { "embeddableConfig": {}, @@ -830,19 +830,19 @@ "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "7", "title": "Traffic Breakdown by Port", - "type": "visualization", - "version": "6.6.0" + "winlog.api": "visualization", + "winlog.version": "6.6.0" } ], "timeRestore": false, "title": "[Filebeat Iptables] Ubiquiti Firewall Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "d39f0980-1ff3-11e9-ae2a-939083c6a64e-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-24T16:38:35.174Z", - "version": 4 + "winlog.version": 4 } ], - "version": "6.6.0" + "winlog.version": "6.6.0" } diff --git a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json index be3bc3db964b..f4cdc75313e6 100644 --- a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json +++ b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json @@ -15,7 +15,7 @@ "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", "title": "Top Alerting Hosts [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -36,7 +36,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -52,7 +52,7 @@ "size": 10 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -68,12 +68,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -93,12 +93,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -112,25 +112,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Top Alerting Hosts [Suricata] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "494fa290-86d2-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -156,7 +156,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -164,7 +164,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -181,7 +181,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" }, { "enabled": true, @@ -198,7 +198,7 @@ "size": 5 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -213,13 +213,13 @@ "totalFunc": "sum" }, "title": "Top Alert Signatures [Suricata] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "16033310-86d3-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -250,16 +250,16 @@ "negate": false, "params": { "query": "alert", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "alert" }, "query": { "match": { "suricata.eve.event_type": { "query": "alert", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -276,16 +276,16 @@ "negate": false, "params": { "query": "suricata", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "suricata" }, "query": { "match": { "event.module": { "query": "suricata", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -297,7 +297,7 @@ "language": "kuery", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -305,12 +305,12 @@ "desc" ], "title": "Alerts [Suricata] ECS", - "version": 1 + "winlog.version": 1 }, "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-11-07T22:56:23.933Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -327,7 +327,7 @@ "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", "title": "Alert - Source Location [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -335,7 +335,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -353,7 +353,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -396,13 +396,13 @@ } }, "title": "Alert - Source Location [Suricata] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "85fed080-86d7-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -419,7 +419,7 @@ "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", "title": "Alert - Destination Location [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -427,7 +427,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -445,7 +445,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -488,13 +488,13 @@ } }, "title": "Alert - Destination Location [Suricata] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "a09ca070-86d7-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -520,7 +520,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -528,7 +528,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -545,7 +545,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -560,13 +560,13 @@ "totalFunc": "sum" }, "title": "Alerts - Top Destination Countries [Suricata] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -592,7 +592,7 @@ } } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -600,7 +600,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -617,7 +617,7 @@ "size": 10 }, "schema": "bucket", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -632,13 +632,13 @@ "totalFunc": "sum" }, "title": "Alerts - Top Source Countries [Suricata] ECS", - "type": "table" + "winlog.api": "table" } }, "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -652,7 +652,7 @@ "language": "kuery", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -672,8 +672,8 @@ }, "id": "494fa290-86d2-11e8-b59d-21efb914e65c-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -686,8 +686,8 @@ }, "id": "16033310-86d3-11e8-b59d-21efb914e65c-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -700,8 +700,8 @@ }, "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", "panelIndex": "3", - "type": "search", - "version": "6.3.0" + "winlog.api": "search", + "winlog.version": "6.3.0" }, { "embeddableConfig": { @@ -720,8 +720,8 @@ }, "id": "85fed080-86d7-11e8-b59d-21efb914e65c-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": { @@ -740,8 +740,8 @@ }, "id": "a09ca070-86d7-11e8-b59d-21efb914e65c-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -754,8 +754,8 @@ }, "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -768,19 +768,19 @@ }, "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" } ], "timeRestore": false, "title": "[Suricata] Alert Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "05268ee0-86d1-11e8-b59d-21efb914e65c-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-11-07T22:56:23.933Z", - "version": 1 + "winlog.version": 1 } ], - "version": "6.4.3" + "winlog.version": "6.4.3" } diff --git a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json index d80d29f4aebf..cd692e29de3e 100644 --- a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json +++ b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json @@ -15,7 +15,7 @@ "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "title": "Activity Types over Time [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -36,7 +36,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -52,7 +52,7 @@ "size": 20 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -68,12 +68,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -93,12 +93,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -112,25 +112,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Activity Types over Time [Suricata] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "c7d46c60-86da-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -147,7 +147,7 @@ "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "title": "Event Types [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -155,7 +155,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -171,7 +171,7 @@ "size": 20 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -185,16 +185,16 @@ "values": true }, "legendPosition": "bottom", - "type": "pie" + "winlog.api": "pie" }, "title": "Event Types [Suricata] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "0a0aa630-86db-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -211,7 +211,7 @@ "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "title": "Top Application Protocols [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -219,7 +219,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -235,7 +235,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -249,16 +249,16 @@ "values": true }, "legendPosition": "bottom", - "type": "pie" + "winlog.api": "pie" }, "title": "Top Application Protocols [Suricata] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "728f64c0-86db-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -275,7 +275,7 @@ "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "title": "Top Hosts Generating Events [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -283,7 +283,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -296,7 +296,7 @@ "min_doc_count": 1 }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" }, { "enabled": true, @@ -312,7 +312,7 @@ "size": 10 }, "schema": "group", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -328,12 +328,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -353,12 +353,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "type": "histogram", + "winlog.api": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "histogram", + "winlog.api": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -372,25 +372,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Top Hosts Generating Events [Suricata] ECS", - "type": "histogram" + "winlog.api": "histogram" } }, "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -423,16 +423,16 @@ "negate": true, "params": { "query": "stats", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "stats" }, "query": { "match": { "suricata.eve.event_type": { "query": "stats", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -449,16 +449,16 @@ "negate": false, "params": { "query": "suricata", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "suricata" }, "query": { "match": { "event.module": { "query": "suricata", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -470,7 +470,7 @@ "language": "kuery", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -478,12 +478,12 @@ "desc" ], "title": "Events [Suricata] ECS", - "version": 1 + "winlog.version": 1 }, "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -500,7 +500,7 @@ "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "title": "Top Connection Source Countries [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -508,7 +508,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -525,7 +525,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -536,13 +536,13 @@ "showLabel": true }, "title": "Top Connection Source Countries [Suricata] ECS", - "type": "tagcloud" + "winlog.api": "tagcloud" } }, "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -559,7 +559,7 @@ "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "title": "Top Connection Destination Countries [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -567,7 +567,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -584,7 +584,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -595,13 +595,13 @@ "showLabel": true }, "title": "Top Connection Destination Countries [Suricata] ECS", - "type": "tagcloud" + "winlog.api": "tagcloud" } }, "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -618,7 +618,7 @@ "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "title": "Top Network Protocols [Suricata] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -626,7 +626,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -642,7 +642,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -656,16 +656,16 @@ "values": true }, "legendPosition": "bottom", - "type": "pie" + "winlog.api": "pie" }, "title": "Top Network Protocols [Suricata] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "0a363820-86dd-11e8-b59d-21efb914e65c-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -695,16 +695,16 @@ "negate": false, "params": { "query": "stats", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "stats" }, "query": { "match": { "suricata.eve.event_type": { "query": "stats", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -721,16 +721,16 @@ "negate": false, "params": { "query": "suricata", - "type": "phrase" + "winlog.api": "phrase" }, - "type": "phrase", + "winlog.api": "phrase", "value": "suricata" }, "query": { "match": { "event.module": { "query": "suricata", - "type": "phrase" + "winlog.api": "phrase" } } } @@ -742,7 +742,7 @@ "language": "kuery", "query": "" }, - "version": true + "winlog.version": true } }, "sort": [ @@ -750,12 +750,12 @@ "desc" ], "title": "Host Stats [Suricata] ECS", - "version": 1 + "winlog.version": 1 }, "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c-ecs", - "type": "search", + "winlog.api": "search", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -769,7 +769,7 @@ "language": "kuery", "query": "" }, - "version": true + "winlog.version": true } }, "optionsJSON": { @@ -789,8 +789,8 @@ }, "id": "c7d46c60-86da-11e8-b59d-21efb914e65c-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -803,8 +803,8 @@ }, "id": "0a0aa630-86db-11e8-b59d-21efb914e65c-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -817,8 +817,8 @@ }, "id": "728f64c0-86db-11e8-b59d-21efb914e65c-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -831,8 +831,8 @@ }, "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -845,8 +845,8 @@ }, "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "panelIndex": "5", - "type": "search", - "version": "6.3.0" + "winlog.api": "search", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -859,8 +859,8 @@ }, "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -873,8 +873,8 @@ }, "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -887,8 +887,8 @@ }, "id": "0a363820-86dd-11e8-b59d-21efb914e65c-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.3.0" + "winlog.api": "visualization", + "winlog.version": "6.3.0" }, { "embeddableConfig": {}, @@ -901,19 +901,19 @@ }, "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c-ecs", "panelIndex": "9", - "type": "search", - "version": "6.3.0" + "winlog.api": "search", + "winlog.version": "6.3.0" } ], "timeRestore": false, "title": "[Suricata] Events Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "78289c40-86da-11e8-b59d-21efb914e65c-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-11-07T22:56:24.962Z", - "version": 1 + "winlog.version": 1 } ], - "version": "6.4.3" + "winlog.version": "6.4.3" } diff --git a/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json b/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json index 5fd7816eb982..11e93aa05c4d 100644 --- a/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json +++ b/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json @@ -15,7 +15,7 @@ }, "title": "Destination Geo [SIEM Zeek] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -41,7 +41,7 @@ "useGeocentroid": true }, "schema": "segment", - "type": "geohash_grid" + "winlog.api": "geohash_grid" } ], "params": { @@ -73,13 +73,13 @@ } }, "title": "Destination Geo [SIEM Zeek] ECS", - "type": "tile_map" + "winlog.api": "tile_map" } }, "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-17T07:27:37.758Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -96,7 +96,7 @@ }, "title": "Network Transport [SIEM Zeek] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -104,7 +104,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -120,7 +120,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -134,16 +134,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Network Transport [SIEM Zeek] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-17T07:30:28.271Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -160,7 +160,7 @@ }, "title": "Network Application [SIEM Zeek] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -168,7 +168,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -184,7 +184,7 @@ "size": 10 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -198,16 +198,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Network Application [SIEM Zeek] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-17T07:31:43.959Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -224,7 +224,7 @@ }, "title": "Network Traffic Direction [SIEM Zeek] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -232,7 +232,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -248,7 +248,7 @@ "size": 5 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -262,16 +262,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Network Traffic Direction [SIEM Zeek] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-17T07:32:46.436Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -288,7 +288,7 @@ }, "title": "Top DNS Domains [SIEM Zeek] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -296,7 +296,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -312,7 +312,7 @@ "size": 8 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -326,16 +326,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Top DNS Domains [SIEM Zeek] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-17T07:51:30.288Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -352,7 +352,7 @@ }, "title": "Top URL Domain [SIEM Zeek] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -360,7 +360,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -376,7 +376,7 @@ "size": 8 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -390,16 +390,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Top URL Domain [SIEM Zeek] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-17T07:53:10.300Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -416,7 +416,7 @@ }, "title": "Top SSL Server [SIEM Zeek] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -424,7 +424,7 @@ "id": "1", "params": {}, "schema": "metric", - "type": "count" + "winlog.api": "count" }, { "enabled": true, @@ -440,7 +440,7 @@ "size": 8 }, "schema": "segment", - "type": "terms" + "winlog.api": "terms" } ], "params": { @@ -454,16 +454,16 @@ "values": true }, "legendPosition": "right", - "type": "pie" + "winlog.api": "pie" }, "title": "Top SSL Server [SIEM Zeek] ECS", - "type": "pie" + "winlog.api": "pie" } }, "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-17T07:54:11.067Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -479,7 +479,7 @@ }, "title": "Time Series Count [SIEM Zeek] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -520,7 +520,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "count" + "winlog.api": "count" } ], "point_size": 1, @@ -532,16 +532,16 @@ "show_grid": 1, "show_legend": 0, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Time Series Count [SIEM Zeek] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-17T07:56:26.486Z", - "version": 74 + "winlog.version": 74 }, { "attributes": { @@ -579,8 +579,8 @@ }, "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "1", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": { @@ -597,8 +597,8 @@ }, "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "2", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": { @@ -615,8 +615,8 @@ }, "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": { @@ -633,8 +633,8 @@ }, "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "4", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -647,8 +647,8 @@ }, "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -661,8 +661,8 @@ }, "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "6", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -675,8 +675,8 @@ }, "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "7", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" }, { "embeddableConfig": {}, @@ -689,19 +689,19 @@ }, "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25-ecs", "panelIndex": "8", - "type": "visualization", - "version": "6.5.4" + "winlog.api": "visualization", + "winlog.version": "6.5.4" } ], "timeRestore": false, "title": "Zeek Overview Dashboard [SIEM] ECS", - "version": 1 + "winlog.version": 1 }, "id": "87b0c430-1a2d-11e9-84b1-a12c578fa9e8-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-17T07:57:50.613Z", - "version": 2 + "winlog.version": 2 } ], - "version": "6.5.4" + "winlog.version": "6.5.4" } \ No newline at end of file diff --git a/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json b/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json index 960ee7cdebd4..8ac0b5488bb7 100644 --- a/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json +++ b/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json @@ -14,7 +14,7 @@ }, "title": "AWS EC2 DiskIO Write Bytes ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -50,7 +50,7 @@ { "field": "aws.ec2.diskio.write.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -68,16 +68,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "AWS EC2 DiskIO Write Bytes ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "fed59380-f7f8-11e8-af03-c999c9dea608-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-04T19:15:43.416Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -93,7 +93,7 @@ }, "title": "AWS EC2 Status Check Failed ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -135,7 +135,7 @@ { "field": "aws.ec2.status.check_failed", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "sum" + "winlog.api": "sum" } ], "point_size": 1, @@ -149,16 +149,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "metric" + "winlog.api": "metric" }, "title": "AWS EC2 Status Check Failed ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-04T19:13:01.875Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -174,7 +174,7 @@ }, "title": "AWS EC2 Network In Bytes ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -210,7 +210,7 @@ { "field": "aws.ec2.network.in.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -228,16 +228,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "AWS EC2 Network In Bytes ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "15818fd0-f7f9-11e8-af03-c999c9dea608-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-04T19:16:21.453Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -253,7 +253,7 @@ }, "title": "AWS EC2 Network Out Bytes ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -289,7 +289,7 @@ { "field": "aws.ec2.network.out.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -307,16 +307,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "AWS EC2 Network Out Bytes ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "233b3400-f7f9-11e8-af03-c999c9dea608-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-04T19:16:44.480Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -332,7 +332,7 @@ }, "title": "AWS EC2 DiskIO Read Bytes ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -368,7 +368,7 @@ { "field": "aws.ec2.diskio.read.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -386,16 +386,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "AWS EC2 DiskIO Read Bytes ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-04T19:15:21.644Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -411,7 +411,7 @@ }, "title": "AWS EC2 CPU Utilization ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -447,7 +447,7 @@ { "field": "aws.ec2.cpu.total.pct", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -465,16 +465,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "AWS EC2 CPU Utilization ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "be8828d0-f7f6-11e8-af03-c999c9dea608-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2018-12-04T19:14:42.745Z", - "version": 4 + "winlog.version": 4 }, { "attributes": { @@ -506,8 +506,8 @@ }, "id": "fed59380-f7f8-11e8-af03-c999c9dea608-ecs", "panelIndex": "3", - "type": "visualization", - "version": "6.5.0" + "winlog.api": "visualization", + "winlog.version": "6.5.0" }, { "embeddableConfig": {}, @@ -520,8 +520,8 @@ }, "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608-ecs", "panelIndex": "5", - "type": "visualization", - "version": "6.5.0" + "winlog.api": "visualization", + "winlog.version": "6.5.0" }, { "embeddableConfig": {}, @@ -534,8 +534,8 @@ }, "id": "15818fd0-f7f9-11e8-af03-c999c9dea608-ecs", "panelIndex": "11", - "type": "visualization", - "version": "6.5.0" + "winlog.api": "visualization", + "winlog.version": "6.5.0" }, { "embeddableConfig": {}, @@ -548,8 +548,8 @@ }, "id": "233b3400-f7f9-11e8-af03-c999c9dea608-ecs", "panelIndex": "12", - "type": "visualization", - "version": "6.5.0" + "winlog.api": "visualization", + "winlog.version": "6.5.0" }, { "embeddableConfig": {}, @@ -562,8 +562,8 @@ }, "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608-ecs", "panelIndex": "15", - "type": "visualization", - "version": "6.5.0" + "winlog.api": "visualization", + "winlog.version": "6.5.0" }, { "embeddableConfig": {}, @@ -576,19 +576,19 @@ }, "id": "be8828d0-f7f6-11e8-af03-c999c9dea608-ecs", "panelIndex": "17", - "type": "visualization", - "version": "6.5.0" + "winlog.api": "visualization", + "winlog.version": "6.5.0" } ], "timeRestore": false, "title": "[Metricbeat AWS] EC2 Overview ECS", - "version": 1 + "winlog.version": 1 }, "id": "c5846400-f7fb-11e8-af03-c999c9dea608-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2018-12-04T19:35:35.744Z", - "version": 1 + "winlog.version": 1 } ], - "version": "6.5.0" + "winlog.version": "6.5.0" } diff --git a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json index b65a2604be40..e35562ea2e7a 100644 --- a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json +++ b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json @@ -19,7 +19,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -30,7 +30,7 @@ "field": "mssql.performance.user_connections" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -46,7 +46,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -62,12 +62,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -89,12 +89,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -108,25 +108,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "User Connections [Metricbeat MSSQL] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "7784db10-18ba-11e9-9836-f37dedd3b411-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-22T13:04:43.827Z", - "version": 8 + "winlog.version": 8 }, { "attributes": { @@ -147,7 +147,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -158,7 +158,7 @@ "field": "mssql.performance.transactions" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -174,7 +174,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -190,12 +190,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -217,12 +217,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -236,25 +236,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Transactions [Metricbeat MSSQL] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "910f3f30-18ba-11e9-9836-f37dedd3b411-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-22T13:04:34.757Z", - "version": 8 + "winlog.version": 8 }, { "attributes": { @@ -275,7 +275,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -286,7 +286,7 @@ "field": "mssql.performance.lock_waits_per_sec" }, "schema": "metric", - "type": "avg" + "winlog.api": "avg" }, { "enabled": true, @@ -302,7 +302,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -318,12 +318,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -345,12 +345,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -364,25 +364,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Lock Waits/sec [Metricbeat MSSQL] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-22T13:04:24.139Z", - "version": 7 + "winlog.version": 7 }, { "attributes": { @@ -399,7 +399,7 @@ }, "title": "Batch Requests/sec [Metricbeat MSSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -414,12 +414,12 @@ "field": "mssql.performance.batch_requests_per_sec" }, "schema": "metricAgg", - "type": "avg" + "winlog.api": "avg" }, "metricAgg": "custom" }, "schema": "metric", - "type": "derivative" + "winlog.api": "derivative" }, { "enabled": true, @@ -435,7 +435,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -451,12 +451,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -478,12 +478,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -497,25 +497,25 @@ "position": "left", "scale": { "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Batch Requests/sec [Metricbeat MSSQL] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "b29a2160-18ba-11e9-9836-f37dedd3b411-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-22T13:03:10.853Z", - "version": 9 + "winlog.version": 9 }, { "attributes": { @@ -536,7 +536,7 @@ "legendOpen": false } }, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [ { @@ -549,7 +549,7 @@ ] }, "schema": "metric", - "type": "median" + "winlog.api": "median" }, { "enabled": true, @@ -565,7 +565,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "type": "date_histogram" + "winlog.api": "date_histogram" } ], "params": { @@ -581,12 +581,12 @@ }, "position": "bottom", "scale": { - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": {}, - "type": "category" + "winlog.api": "category" } ], "grid": { @@ -608,12 +608,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "type": "line", + "winlog.api": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "type": "line", + "winlog.api": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -628,25 +628,25 @@ "scale": { "defaultYExtents": false, "mode": "normal", - "type": "linear" + "winlog.api": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "type": "value" + "winlog.api": "value" } ] }, "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL] ECS", - "type": "line" + "winlog.api": "line" } }, "id": "2e795230-1b2a-11e9-8b36-136038bb307a-ecs", - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-01-22T13:04:16.184Z", - "version": 8 + "winlog.version": 8 }, { "attributes": { @@ -683,8 +683,8 @@ "id": "7784db10-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "1", "title": "User Connections", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": { @@ -702,8 +702,8 @@ "id": "910f3f30-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "2", "title": "Transactions", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": { @@ -721,8 +721,8 @@ "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "3", "title": "Lock Waits/sec", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": { @@ -740,8 +740,8 @@ "id": "b29a2160-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "4", "title": "Batch Requests/sec", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -755,19 +755,19 @@ "id": "2e795230-1b2a-11e9-8b36-136038bb307a-ecs", "panelIndex": "5", "title": "Buffer Cache Hit Ratio", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" } ], "timeRestore": false, "title": "[Metricbeat MSSQL] Performance ECS", - "version": 1 + "winlog.version": 1 }, "id": "a2ead240-18bb-11e9-9836-f37dedd3b411-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-01-22T12:55:59.857Z", - "version": 11 + "winlog.version": 11 } ], - "version": "7.0.0-alpha2" + "winlog.version": "7.0.0-alpha2" } \ No newline at end of file diff --git a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json index d99542201283..8f5aa65cf4ce 100644 --- a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json +++ b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json @@ -14,7 +14,7 @@ }, "title": "Recovery size of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -38,7 +38,7 @@ { "field": "mssql.transaction_log.stats.recovery_size.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -57,19 +57,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Recovery size of transaction log [Metricbeat MSSQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -85,7 +85,7 @@ }, "title": "Transaction log size since last checkpoint [Metricbeat MSSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -109,7 +109,7 @@ { "field": "mssql.transaction_log.stats.since_last_checkpoint.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -122,19 +122,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Transaction log size since last checkpoint [Metricbeat MSSQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -150,7 +150,7 @@ }, "title": "Percentage of used space of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -174,7 +174,7 @@ { "field": "mssql.transaction_log.space_usage.used.pct", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -187,19 +187,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Percentage of used space of transaction log [Metricbeat MSSQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -215,7 +215,7 @@ }, "title": "Log space size since last backup [Metricbeat MSSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -239,7 +239,7 @@ { "field": "mssql.transaction_log.space_usage.since_last_backup.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -252,19 +252,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Log space size since last backup [Metricbeat MSSQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -280,7 +280,7 @@ }, "title": "Active size of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -304,7 +304,7 @@ { "field": "mssql.transaction_log.stats.active_size.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -317,19 +317,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Active size of transaction log [Metricbeat MSSQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -345,7 +345,7 @@ }, "title": "Used space of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -369,7 +369,7 @@ { "field": "mssql.transaction_log.space_usage.used.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -382,19 +382,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Used space of transaction log [Metricbeat MSSQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -410,7 +410,7 @@ }, "title": "Total log space usage [Metricbeat MSSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -434,7 +434,7 @@ { "field": "mssql.transaction_log.space_usage.total.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "type": "avg" + "winlog.api": "avg" } ], "point_size": 1, @@ -447,19 +447,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "type": "timeseries" + "winlog.api": "timeseries" }, "title": "Total log space usage [Metricbeat MSSQL] ECS", - "type": "metrics" + "winlog.api": "metrics" } }, "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -475,7 +475,7 @@ }, "title": "Database selector [Metricbeat MSSQL] ECS", "uiStateJSON": {}, - "version": 1, + "winlog.version": 1, "visState": { "aggs": [], "params": { @@ -490,10 +490,10 @@ "multiselect": true, "order": "desc", "size": 5, - "type": "terms" + "winlog.api": "terms" }, "parent": "", - "type": "list" + "winlog.api": "list" } ], "pinFilters": false, @@ -501,16 +501,16 @@ "useTimeFilter": false }, "title": "Database selector [Metricbeat MSSQL] ECS", - "type": "input_control_vis" + "winlog.api": "input_control_vis" } }, "id": "82bf9480-260b-11e9-a46a-471d2a76b305-ecs", "migrationVersion": { "visualization": "7.0.0" }, - "type": "visualization", + "winlog.api": "visualization", "updated_at": "2019-02-01T10:24:09.159Z", - "version": 1 + "winlog.version": 1 }, { "attributes": { @@ -543,8 +543,8 @@ "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "1", "title": "Recovery size of transaction log", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -558,8 +558,8 @@ "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "2", "title": "Transaction log size since last checkpoint", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -573,8 +573,8 @@ "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "3", "title": "Percentage of used space of transaction log", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -588,8 +588,8 @@ "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "4", "title": "Log space size since last backup", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -603,8 +603,8 @@ "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "5", "title": "Active size of transaction log", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -618,8 +618,8 @@ "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "6", "title": "Used space of transaction log", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -633,8 +633,8 @@ "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "7", "title": "Total log space usage", - "type": "visualization", - "version": "7.0.0-alpha2" + "winlog.api": "visualization", + "winlog.version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -647,19 +647,19 @@ }, "id": "82bf9480-260b-11e9-a46a-471d2a76b305-ecs", "panelIndex": "8", - "type": "visualization", - "version": "7.0.0-SNAPSHOT" + "winlog.api": "visualization", + "winlog.version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, "title": "[Metricbeat MSSQL] Transaction log ECS", - "version": 1 + "winlog.version": 1 }, "id": "18d66970-1fb4-11e9-8a4d-eb34d2834f6b-ecs", - "type": "dashboard", + "winlog.api": "dashboard", "updated_at": "2019-02-01T10:39:36.585Z", - "version": 3 + "winlog.version": 3 } ], - "version": "7.0.0-SNAPSHOT" + "winlog.version": "7.0.0-SNAPSHOT" } \ No newline at end of file From 534c2c0422ba65946ea05c846a1154d2f42b93da Mon Sep 17 00:00:00 2001 From: beats-jenkins Date: Tue, 5 Feb 2019 21:58:24 +0100 Subject: [PATCH 5/6] temp fix --- .../auditbeat-kernel-executions.json | 128 ++-- .../dashboard/auditbeat-kernel-overview.json | 94 +-- .../7/dashboard/auditbeat-kernel-sockets.json | 256 +++---- .../7/dashboard/auditbeat-file-integrity.json | 372 +++++----- .../kibana/7/dashboard/Filebeat-apache.json | 234 +++---- .../kibana/7/dashboard/Filebeat-auditd.json | 156 ++--- .../dashboard/Filebeat-haproxy-overview.json | 134 ++-- .../dashboard/Filebeat-icinga-debug-log.json | 108 +-- .../7/dashboard/Filebeat-icinga-main-log.json | 108 +-- .../Filebeat-icinga-startup-errors.json | 64 +- .../kibana/7/dashboard/Filebeat-iis.json | 212 +++--- .../7/dashboard/Filebeat-Kafka-overview.json | 148 ++-- .../7/dashboard/Filebeat-logstash-log.json | 122 ++-- .../dashboard/Filebeat-logstash-slowlog.json | 182 ++--- .../dashboard/Filebeat-Mongodb-overview.json | 94 +-- .../kibana/7/dashboard/Filebeat-mysql.json | 236 +++---- .../7/dashboard/Filebeat-nginx-logs.json | 116 ++-- .../7/dashboard/Filebeat-nginx-overview.json | 250 +++---- ...nginx-access-remote-ip-count-explorer.json | 166 ++--- .../ml-nginx-remote-ip-url-explorer.json | 166 ++--- .../7/dashboard/osquery-compliance.json | 216 +++--- .../kibana/7/dashboard/osquery-rootkit.json | 148 ++-- .../Filebeat-Postgresql-overview.json | 118 ++-- .../Filebeat-Postgresql-slowlogs.json | 94 +-- .../kibana/7/dashboard/Filebeat-redis.json | 184 ++--- .../filebeat-santa-log-overview.json | 194 +++--- .../Filebeat-auth-sudo-commands.json | 120 ++-- .../Filebeat-new-users-and-groups.json | 228 +++--- .../Filebeat-ssh-login-attempts.json | 164 ++--- .../kibana/7/dashboard/Filebeat-syslog.json | 118 ++-- .../dashboard/Filebeat-traefik-overview.json | 184 ++--- ...aefik-access-remote-ip-count-explorer.json | 170 ++--- .../ml-traefik-remote-ip-url-explorer.json | 168 ++--- .../7/dashboard/Journalbeat-overview.json | 72 +- .../dashboard/Metricbeat-apache-overview.json | 238 +++---- .../dashboard/Metricbeat-docker-overview.json | 266 +++---- .../dashboard/Metricbeat-golang-overview.json | 122 ++-- .../dashboard/Metricbeat-haproxy-backend.json | 50 +- .../Metricbeat-haproxy-frontend.json | 26 +- .../Metricbeat-haproxy-http-backend.json | 62 +- .../Metricbeat-haproxy-http-frontend.json | 32 +- .../Metricbeat-haproxy-http-server.json | 50 +- .../Metricbeat-haproxy-overview.json | 38 +- .../Metricbeat-haproxy-visualizations.json | 366 +++++----- .../dashboard/Metricbeat-kafka-overview.json | 286 ++++---- .../Metricbeat-kubernetes-apiserver.json | 98 +-- .../Metricbeat-kubernetes-overview.json | 382 +++++------ .../Metricbeat-mongodb-overview.json | 338 ++++----- .../dashboard/Metricbeat-mysql-overview.json | 208 +++--- .../7/dashboard/Metricbeat-nats-overview.json | 446 ++++++------ .../dashboard/metricbeat-nginx-overview.json | 148 ++-- .../Metricbeat-rabbitmq-overview.json | 140 ++-- .../7/dashboard/Metricbeat-redis-keys.json | 208 +++--- .../dashboard/Metricbeat-redis-overview.json | 240 +++---- .../Metricbeat-containers-overview.json | 144 ++-- .../7/dashboard/Metricbeat-host-overview.json | 628 ++++++++--------- .../dashboard/Metricbeat-system-overview.json | 292 ++++---- .../dashboard/Metricbeat-uwsgi-overview.json | 100 +-- .../dashboard/metricbeat-windows-service.json | 198 +++--- .../Metricbeat-zookeeper-overview.json | 144 ++-- .../7/dashboard/Packetbeat-cassandra.json | 324 ++++----- .../kibana/7/dashboard/Packetbeat-dhcpv4.json | 212 +++--- .../7/dashboard/Packetbeat-dns-overview.json | 264 +++---- .../7/dashboard/Packetbeat-dns-tunneling.json | 158 ++--- .../kibana/7/dashboard/Packetbeat-flows.json | 200 +++--- .../kibana/7/dashboard/Packetbeat-http.json | 266 +++---- .../7/dashboard/Packetbeat-mongodb.json | 376 +++++----- .../kibana/7/dashboard/Packetbeat-mysql.json | 336 ++++----- .../kibana/7/dashboard/Packetbeat-nfs.json | 356 +++++----- .../7/dashboard/Packetbeat-overview.json | 508 +++++++------- .../kibana/7/dashboard/Packetbeat-pgsql.json | 332 ++++----- .../kibana/7/dashboard/Packetbeat-thrift.json | 238 +++---- .../kibana/7/dashboard/Packetbeat-tls.json | 476 ++++++------- script/kibana-migration.py | 6 +- .../7/dashboard/Winlogbeat-overview.json | 154 ++--- .../auditbeat-system-host-dashboard.json | 232 +++---- .../auditbeat-system-login-dashboard.json | 268 ++++---- .../auditbeat-system-overview-dashboard.json | 648 +++++++++--------- .../auditbeat-system-package-dashboard.json | 268 ++++---- .../auditbeat-system-process-dashboard.json | 296 ++++---- .../auditbeat-system-socket-dashboard.json | 354 +++++----- .../auditbeat-system-user-dashboard.json | 270 ++++---- .../dashboard/Filebeat-Iptables-Overview.json | 228 +++--- ...t-Iptables-Ubiquiti-Firewall-Overview.json | 232 +++---- .../Filebeat-Suricata-Alert-Overview.json | 216 +++--- .../dashboard/Filebeat-Suricata-Overview.json | 290 ++++---- .../7/dashboard/Filebeat-Zeek-Overview.json | 216 +++--- .../Metricbeat-aws-ec2-overview.json | 166 ++--- .../Metricbeat-mssql-performance.json | 194 +++--- .../Metricbeat-mssql-transaction_log.json | 204 +++--- 90 files changed, 9532 insertions(+), 9530 deletions(-) diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json index 51f31e2258f0..9cb989fb0cea 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", - "title": "Error Codes [Auditbeat Auditd Executions] ECS", + "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16", + "title": "Error Codes [Auditbeat Auditd Executions]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -36,7 +36,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -44,16 +44,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Error Codes [Auditbeat Auditd Executions] ECS", - "winlog.api": "pie" + "title": "Error Codes [Auditbeat Auditd Executions]", + "type": "pie" } }, - "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16-ecs", - "winlog.api": "visualization", + "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16", + "type": "visualization", "updated_at": "2018-01-16T22:10:23.921Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -68,9 +68,9 @@ } } }, - "title": "Primary Username Tag Cloud [Auditbeat Auditd] ECS", + "title": "Primary Username Tag Cloud [Auditbeat Auditd]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -78,7 +78,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -90,7 +90,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -99,14 +99,14 @@ "orientation": "single", "scale": "linear" }, - "title": "Primary Username Tag Cloud [Auditbeat Auditd] ECS", - "winlog.api": "tagcloud" + "title": "Primary Username Tag Cloud [Auditbeat Auditd]", + "type": "tagcloud" } }, - "id": "f81a6de0-c1c1-11e7-8995-936807a28b16-ecs", - "winlog.api": "visualization", + "id": "f81a6de0-c1c1-11e7-8995-936807a28b16", + "type": "visualization", "updated_at": "2018-01-16T22:12:18.730Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -120,10 +120,10 @@ } } }, - "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", - "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions] ECS", + "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16", + "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -131,19 +131,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "process.executable", + "field": "process.exe", "order": "desc", "orderBy": "1", "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -152,23 +152,23 @@ "orientation": "single", "scale": "linear" }, - "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions] ECS", - "winlog.api": "tagcloud" + "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions]", + "type": "tagcloud" } }, - "id": "2efac370-c1ca-11e7-8995-936807a28b16-ecs", - "winlog.api": "visualization", + "id": "2efac370-c1ca-11e7-8995-936807a28b16", + "type": "visualization", "updated_at": "2018-01-16T22:57:41.411Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { "columns": [ - "agent.hostname", + "beat.hostname", "process.args", "auditd.summary.actor.primary", "auditd.summary.actor.secondary", - "process.executable" + "process.exe" ], "description": "", "hits": 0, @@ -187,16 +187,16 @@ "negate": false, "params": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -213,16 +213,16 @@ "negate": false, "params": { "query": "executed", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "executed" }, "query": { "match": { "event.action": { "query": "executed", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -234,20 +234,20 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Process Executions [Auditbeat Auditd] ECS", - "winlog.version": 1 + "title": "Process Executions [Auditbeat Auditd]", + "version": 1 }, - "id": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", - "winlog.api": "search", + "id": "d382f5b0-c1c6-11e7-8995-936807a28b16", + "type": "search", "updated_at": "2018-01-16T22:26:35.050Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { @@ -261,7 +261,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -277,10 +277,10 @@ "x": 4, "y": 0 }, - "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16-ecs", + "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -290,10 +290,10 @@ "x": 8, "y": 0 }, - "id": "f81a6de0-c1c1-11e7-8995-936807a28b16-ecs", + "id": "f81a6de0-c1c1-11e7-8995-936807a28b16", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -303,10 +303,10 @@ "x": 0, "y": 0 }, - "id": "2efac370-c1ca-11e7-8995-936807a28b16-ecs", + "id": "2efac370-c1ca-11e7-8995-936807a28b16", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -316,21 +316,21 @@ "x": 0, "y": 3 }, - "id": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", + "id": "d382f5b0-c1c6-11e7-8995-936807a28b16", "panelIndex": "6", - "winlog.api": "search", - "winlog.version": "6.2.4" + "type": "search", + "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat Auditd] Executions ECS", - "winlog.version": 1 + "title": "[Auditbeat Auditd] Executions", + "version": 1 }, - "id": "7de391b0-c1ca-11e7-8995-936807a28b16-ecs", - "winlog.api": "dashboard", + "id": "7de391b0-c1ca-11e7-8995-936807a28b16", + "type": "dashboard", "updated_at": "2018-01-16T22:58:11.243Z", - "winlog.version": 5 + "version": 5 } ], - "winlog.version": "6.2.4" + "version": "6.2.4" } \ No newline at end of file diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json index db12601a14a4..d487e8b8f9ab 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json @@ -6,9 +6,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Event Actions [Auditbeat Auditd Overview] ECS", + "title": "Event Actions [Auditbeat Auditd Overview]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -50,7 +50,7 @@ "metrics": [ { "id": "6b9fb2d0-c1bc-11e7-938f-ab0645b6c431", - "winlog.api": "count" + "type": "count" } ], "point_size": 1, @@ -63,16 +63,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Event Actions [Auditbeat Auditd Overview] ECS", - "winlog.api": "metrics" + "title": "Event Actions [Auditbeat Auditd Overview]", + "type": "metrics" } }, - "id": "97680df0-c1c0-11e7-8995-936807a28b16-ecs", - "winlog.api": "visualization", + "id": "97680df0-c1c0-11e7-8995-936807a28b16", + "type": "visualization", "updated_at": "2018-01-16T22:11:01.438Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -87,10 +87,10 @@ } } }, - "savedSearchId": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", - "title": "Event Categories [Auditbeat Auditd] ECS", + "savedSearchId": "0f10c430-c1c3-11e7-8995-936807a28b16", + "title": "Event Categories [Auditbeat Auditd]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -98,7 +98,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -111,7 +111,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -124,7 +124,7 @@ "size": 20 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -132,21 +132,21 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Event Categories [Auditbeat Auditd] ECS", - "winlog.api": "pie" + "title": "Event Categories [Auditbeat Auditd]", + "type": "pie" } }, - "id": "08679220-c25a-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "visualization", + "id": "08679220-c25a-11e7-8692-232bd1143e8a", + "type": "visualization", "updated_at": "2018-01-16T22:54:10.330Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { "columns": [ - "agent.hostname", + "beat.hostname", "auditd.summary.actor.primary", "auditd.summary.actor.secondary", "event.action", @@ -173,16 +173,16 @@ "negate": false, "params": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -194,20 +194,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Audit Event Table [Auditbeat Auditd] ECS", - "winlog.version": 1 + "title": "Audit Event Table [Auditbeat Auditd]", + "version": 1 }, - "id": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", - "winlog.api": "search", + "id": "0f10c430-c1c3-11e7-8995-936807a28b16", + "type": "search", "updated_at": "2018-01-16T22:51:24.572Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -221,7 +221,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -237,10 +237,10 @@ "x": 0, "y": 0 }, - "id": "97680df0-c1c0-11e7-8995-936807a28b16-ecs", + "id": "97680df0-c1c0-11e7-8995-936807a28b16", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -250,10 +250,10 @@ "x": 7, "y": 0 }, - "id": "08679220-c25a-11e7-8692-232bd1143e8a-ecs", + "id": "08679220-c25a-11e7-8692-232bd1143e8a", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -263,21 +263,21 @@ "x": 0, "y": 3 }, - "id": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", + "id": "0f10c430-c1c3-11e7-8995-936807a28b16", "panelIndex": "5", - "winlog.api": "search", - "winlog.version": "6.2.4" + "type": "search", + "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat Auditd] Overview ECS", - "winlog.version": 1 + "title": "[Auditbeat Auditd] Overview", + "version": 1 }, - "id": "c0ac2c00-c1c0-11e7-8995-936807a28b16-ecs", - "winlog.api": "dashboard", + "id": "c0ac2c00-c1c0-11e7-8995-936807a28b16", + "type": "dashboard", "updated_at": "2018-01-16T22:55:17.775Z", - "winlog.version": 5 + "version": 5 } ], - "winlog.version": "6.2.4" + "version": "6.2.4" } \ No newline at end of file diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json index dc84cc075871..7ef3d93453b3 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json @@ -19,16 +19,16 @@ "negate": true, "params": { "query": "0", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "0" }, "query": { "match": { "auditd.summary.object.secondary": { "query": "0", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -40,8 +40,8 @@ } } }, - "savedSearchId": "b4c93470-c240-11e7-8692-232bd1143e8a-ecs", - "title": "Bind (non-ephemeral) [Auditbeat Auditd] ECS", + "savedSearchId": "b4c93470-c240-11e7-8692-232bd1143e8a", + "title": "Bind (non-ephemeral) [Auditbeat Auditd]", "uiStateJSON": { "vis": { "params": { @@ -52,7 +52,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -60,7 +60,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -73,7 +73,7 @@ "size": 50 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -86,7 +86,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -99,7 +99,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -113,14 +113,14 @@ }, "totalFunc": "sum" }, - "title": "Bind (non-ephemeral) [Auditbeat Auditd] ECS", - "winlog.api": "table" + "title": "Bind (non-ephemeral) [Auditbeat Auditd]", + "type": "table" } }, - "id": "faf882f0-c242-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "visualization", + "id": "faf882f0-c242-11e7-8692-232bd1143e8a", + "type": "visualization", "updated_at": "2018-01-16T22:08:02.522Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -134,8 +134,8 @@ } } }, - "savedSearchId": "5438b030-c246-11e7-8692-232bd1143e8a-ecs", - "title": "Connect [Auditbeat Auditd] ECS", + "savedSearchId": "5438b030-c246-11e7-8692-232bd1143e8a", + "title": "Connect [Auditbeat Auditd]", "uiStateJSON": { "vis": { "params": { @@ -146,7 +146,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -154,20 +154,20 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "customLabel": "Exe", - "field": "process.executable", + "field": "process.exe", "order": "desc", "orderBy": "1", "size": 50 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -180,7 +180,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -193,7 +193,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -207,14 +207,14 @@ }, "totalFunc": "sum" }, - "title": "Connect [Auditbeat Auditd] ECS", - "winlog.api": "table" + "title": "Connect [Auditbeat Auditd]", + "type": "table" } }, - "id": "ea483730-c246-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "visualization", + "id": "ea483730-c246-11e7-8692-232bd1143e8a", + "type": "visualization", "updated_at": "2018-01-16T23:24:16.851Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -228,8 +228,8 @@ } } }, - "savedSearchId": "e8734160-c24c-11e7-8692-232bd1143e8a-ecs", - "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd] ECS", + "savedSearchId": "e8734160-c24c-11e7-8692-232bd1143e8a", + "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd]", "uiStateJSON": { "spy": { "mode": { @@ -246,7 +246,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -257,20 +257,20 @@ "field": "auditd.summary.object.primary" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, "id": "2", "params": { "customLabel": "Exe", - "field": "process.executable", + "field": "process.exe", "order": "desc", "orderBy": "1", "size": 50 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -283,7 +283,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -297,14 +297,14 @@ }, "totalFunc": "sum" }, - "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd] ECS", - "winlog.api": "table" + "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd]", + "type": "table" } }, - "id": "ceb91de0-c250-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "visualization", + "id": "ceb91de0-c250-11e7-8692-232bd1143e8a", + "type": "visualization", "updated_at": "2018-01-16T22:16:51.535Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { @@ -312,9 +312,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Socket Syscalls Time Series [Auditbeat Auditd] ECS", + "title": "Socket Syscalls Time Series [Auditbeat Auditd]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -330,7 +330,7 @@ "id": "2cebb0c0-c252-11e7-8a68-93ffe9ec5950" } ], - "filter": "auditd.summary.object.winlog.api:socket", + "filter": "auditd.summary.object.type:socket", "gauge_color_rules": [ { "id": "6c891740-c252-11e7-8a68-93ffe9ec5950" @@ -356,7 +356,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "count" + "type": "count" } ], "point_size": 1, @@ -369,16 +369,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Socket Syscalls Time Series [Auditbeat Auditd] ECS", - "winlog.api": "metrics" + "title": "Socket Syscalls Time Series [Auditbeat Auditd]", + "type": "metrics" } }, - "id": "b21e0c70-c252-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "visualization", + "id": "b21e0c70-c252-11e7-8692-232bd1143e8a", + "type": "visualization", "updated_at": "2018-01-16T22:13:38.857Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -393,9 +393,9 @@ } } }, - "title": "Socket Families [Auditbeat Auditd] ECS", + "title": "Socket Families [Auditbeat Auditd]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -403,7 +403,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -416,7 +416,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -429,7 +429,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -437,21 +437,21 @@ "addTooltip": true, "isDonut": true, "legendPosition": "left", - "winlog.api": "pie" + "type": "pie" }, - "title": "Socket Families [Auditbeat Auditd] ECS", - "winlog.api": "pie" + "title": "Socket Families [Auditbeat Auditd]", + "type": "pie" } }, - "id": "a8e20450-c256-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "visualization", + "id": "a8e20450-c256-11e7-8692-232bd1143e8a", + "type": "visualization", "updated_at": "2018-01-16T22:12:51.655Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { "columns": [ - "agent.hostname", + "beat.hostname", "auditd.summary.how", "auditd.summary.object.primary", "auditd.summary.object.secondary", @@ -475,16 +475,16 @@ "negate": false, "params": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -501,16 +501,16 @@ "negate": false, "params": { "query": "bind", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "bind" }, "query": { "match": { "auditd.data.syscall": { "query": "bind", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -527,16 +527,16 @@ "negate": true, "params": { "query": "netlink", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "netlink" }, "query": { "match": { "auditd.data.socket.family": { "query": "netlink", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -548,25 +548,25 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Socket Binds [Auditbeat Auditd] ECS", - "winlog.version": 1 + "title": "Socket Binds [Auditbeat Auditd]", + "version": 1 }, - "id": "b4c93470-c240-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "search", + "id": "b4c93470-c240-11e7-8692-232bd1143e8a", + "type": "search", "updated_at": "2018-01-16T23:05:58.935Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { "columns": [ - "agent.hostname", + "beat.hostname", "auditd.summary.how", "auditd.summary.object.primary", "auditd.summary.object.secondary", @@ -591,16 +591,16 @@ "negate": false, "params": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -617,16 +617,16 @@ "negate": false, "params": { "query": "connected-to", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "connected-to" }, "query": { "match": { "event.action": { "query": "connected-to", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -644,7 +644,7 @@ "index": "auditbeat-*", "key": "auditd.summary.object.primary", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } } @@ -655,25 +655,25 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Socket Connects [Auditbeat Auditd] ECS", - "winlog.version": 1 + "title": "Socket Connects [Auditbeat Auditd]", + "version": 1 }, - "id": "5438b030-c246-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "search", + "id": "5438b030-c246-11e7-8692-232bd1143e8a", + "type": "search", "updated_at": "2018-01-16T23:09:43.937Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { "columns": [ - "agent.hostname", + "beat.hostname", "auditd.summary.how", "auditd.summary.object.primary", "auditd.summary.object.secondary", @@ -697,16 +697,16 @@ "negate": false, "params": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "auditd" }, "query": { "match": { "event.module": { "query": "auditd", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -723,16 +723,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "auditd.summary.object.type": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -750,7 +750,7 @@ "index": "auditbeat-*", "key": "auditd.summary.object.primary", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } }, @@ -764,7 +764,7 @@ "index": "auditbeat-*", "key": "query", "negate": false, - "winlog.api": "custom", + "type": "custom", "value": "{\"terms\":{\"auditd.data.syscall\":[\"accept\",\"accept4\",\"recvfrom\",\"recvmsg\"]}}" }, "query": { @@ -785,20 +785,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Socket Accept / Recvfrom [Auditbeat Auditd] ECS", - "winlog.version": 1 + "title": "Socket Accept / Recvfrom [Auditbeat Auditd]", + "version": 1 }, - "id": "e8734160-c24c-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "search", + "id": "e8734160-c24c-11e7-8692-232bd1143e8a", + "type": "search", "updated_at": "2018-01-16T23:20:51.403Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -812,7 +812,7 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -838,10 +838,10 @@ "x": 6, "y": 3 }, - "id": "faf882f0-c242-11e7-8692-232bd1143e8a-ecs", + "id": "faf882f0-c242-11e7-8692-232bd1143e8a", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "embeddableConfig": { @@ -861,10 +861,10 @@ "x": 0, "y": 7 }, - "id": "ea483730-c246-11e7-8692-232bd1143e8a-ecs", + "id": "ea483730-c246-11e7-8692-232bd1143e8a", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "embeddableConfig": { @@ -884,10 +884,10 @@ "x": 6, "y": 7 }, - "id": "ceb91de0-c250-11e7-8692-232bd1143e8a-ecs", + "id": "ceb91de0-c250-11e7-8692-232bd1143e8a", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -897,10 +897,10 @@ "x": 0, "y": 0 }, - "id": "b21e0c70-c252-11e7-8692-232bd1143e8a-ecs", + "id": "b21e0c70-c252-11e7-8692-232bd1143e8a", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -910,21 +910,21 @@ "x": 0, "y": 3 }, - "id": "a8e20450-c256-11e7-8692-232bd1143e8a-ecs", + "id": "a8e20450-c256-11e7-8692-232bd1143e8a", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat Auditd] Sockets ECS", - "winlog.version": 1 + "title": "[Auditbeat Auditd] Sockets", + "version": 1 }, - "id": "693a5f40-c243-11e7-8692-232bd1143e8a-ecs", - "winlog.api": "dashboard", + "id": "693a5f40-c243-11e7-8692-232bd1143e8a", + "type": "dashboard", "updated_at": "2018-01-16T23:24:37.521Z", - "winlog.version": 4 + "version": 4 } ], - "winlog.version": "6.2.4" + "version": "6.2.4" } \ No newline at end of file diff --git a/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json b/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json index d2c5e5c7a115..3b98803d0573 100644 --- a/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json +++ b/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json @@ -19,8 +19,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "Actions [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "Actions [Auditbeat File Integrity]", "uiStateJSON": { "vis": { "defaultColors": { @@ -28,7 +28,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -38,7 +38,7 @@ "customLabel": "" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -51,7 +51,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -91,20 +91,20 @@ "labelColor": false, "subText": "" }, - "winlog.api": "simple", + "type": "simple", "useRange": false, "verticalSplit": true }, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Actions [Auditbeat File Integrity] ECS", - "winlog.api": "metric" + "title": "Actions [Auditbeat File Integrity]", + "type": "metric" } }, - "id": "AV0tVcg6g1PYniApZa-v-ecs", - "winlog.api": "visualization", + "id": "AV0tVcg6g1PYniApZa-v", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -125,10 +125,10 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "Events Over Time [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "Events Over Time [Auditbeat File Integrity]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -136,7 +136,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -149,7 +149,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -162,7 +162,7 @@ "size": 10 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -178,14 +178,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 5 minutes" }, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -205,12 +205,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -225,25 +225,25 @@ "scale": { "defaultYExtents": true, "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Events Over Time [Auditbeat File Integrity] ECS", - "winlog.api": "histogram" + "title": "Events Over Time [Auditbeat File Integrity]", + "type": "histogram" } }, - "id": "AV0tV05vg1PYniApZbA2-ecs", - "winlog.api": "visualization", + "id": "AV0tV05vg1PYniApZbA2", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -264,10 +264,10 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "Top owners [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "Top owners [Auditbeat File Integrity]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -275,7 +275,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -288,7 +288,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -296,16 +296,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top owners [Auditbeat File Integrity] ECS", - "winlog.api": "pie" + "title": "Top owners [Auditbeat File Integrity]", + "type": "pie" } }, - "id": "AV0tWL-Yg1PYniApZbCs-ecs", - "winlog.api": "visualization", + "id": "AV0tWL-Yg1PYniApZbCs", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -326,10 +326,10 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "Top groups [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "Top groups [Auditbeat File Integrity]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -337,7 +337,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -350,7 +350,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -358,16 +358,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top groups [Auditbeat File Integrity] ECS", - "winlog.api": "pie" + "title": "Top groups [Auditbeat File Integrity]", + "type": "pie" } }, - "id": "AV0tWSdXg1PYniApZbDU-ecs", - "winlog.api": "visualization", + "id": "AV0tWSdXg1PYniApZbDU", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -388,10 +388,10 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "Top updated [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "Top updated [Auditbeat File Integrity]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -399,7 +399,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -412,7 +412,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -420,16 +420,16 @@ "addTooltip": true, "isDonut": false, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top updated [Auditbeat File Integrity] ECS", - "winlog.api": "pie" + "title": "Top updated [Auditbeat File Integrity]", + "type": "pie" } }, - "id": "AV0tW0djg1PYniApZbGL-ecs", - "winlog.api": "visualization", + "id": "AV0tW0djg1PYniApZbGL", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -440,12 +440,12 @@ "index": "auditbeat-*", "query": { "language": "lucene", - "query": "file.mode:/0..[2367]/ NOT file.winlog.api:symlink" + "query": "file.mode:/0..[2367]/ NOT file.type:symlink" } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "World Writable File Count [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "World Writable File Count [Auditbeat File Integrity]", "uiStateJSON": { "vis": { "defaultColors": { @@ -453,7 +453,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -464,7 +464,7 @@ "field": "file.inode" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -494,16 +494,16 @@ }, "useRange": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "World Writable File Count [Auditbeat File Integrity] ECS", - "winlog.api": "metric" + "title": "World Writable File Count [Auditbeat File Integrity]", + "type": "metric" } }, - "id": "AV0tY6jwg1PYniApZbRY-ecs", - "winlog.api": "visualization", + "id": "AV0tY6jwg1PYniApZbRY", + "type": "visualization", "updated_at": "2018-01-22T17:48:29.232Z", - "winlog.version": 7 + "version": 7 }, { "attributes": { @@ -523,16 +523,16 @@ "negate": false, "params": { "query": "file", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "file" }, "query": { "match": { "file.type": { "query": "file", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -545,8 +545,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "Most changed file by count [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "Most changed file by count [Auditbeat File Integrity]", "uiStateJSON": { "vis": { "defaultColors": { @@ -554,7 +554,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -564,7 +564,7 @@ "customLabel": "Most changed file by count" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -577,7 +577,7 @@ "size": 1 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -616,20 +616,20 @@ "labelColor": false, "subText": "" }, - "winlog.api": "simple", + "type": "simple", "useRange": false, "verticalSplit": false }, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Most changed file by count [Auditbeat File Integrity] ECS", - "winlog.api": "metric" + "title": "Most changed file by count [Auditbeat File Integrity]", + "type": "metric" } }, - "id": "AV0tav8Ag1PYniApZbbK-ecs", - "winlog.api": "visualization", + "id": "AV0tav8Ag1PYniApZbbK", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -650,8 +650,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "Most common mode by count [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "Most common mode by count [Auditbeat File Integrity]", "uiStateJSON": { "vis": { "defaultColors": { @@ -659,7 +659,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -669,7 +669,7 @@ "customLabel": "Most common mode by count" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -682,7 +682,7 @@ "size": 1 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -721,20 +721,20 @@ "labelColor": false, "subText": "" }, - "winlog.api": "simple", + "type": "simple", "useRange": false, "verticalSplit": false }, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Most common mode by count [Auditbeat File Integrity] ECS", - "winlog.api": "metric" + "title": "Most common mode by count [Auditbeat File Integrity]", + "type": "metric" } }, - "id": "AV0tbcUdg1PYniApZbe1-ecs", - "winlog.api": "visualization", + "id": "AV0tbcUdg1PYniApZbe1", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -755,8 +755,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "File Event Summary By Host [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "File Event Summary By Host [Auditbeat File Integrity]", "uiStateJSON": { "vis": { "params": { @@ -767,7 +767,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -777,20 +777,20 @@ "customLabel": "Total Events" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "customLabel": "Host", - "field": "host.name", + "field": "beat.name", "order": "desc", "orderBy": "1", "size": 50 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -804,7 +804,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" } ], "params": { @@ -818,14 +818,14 @@ }, "totalFunc": "sum" }, - "title": "File Event Summary By Host [Auditbeat File Integrity] ECS", - "winlog.api": "table" + "title": "File Event Summary By Host [Auditbeat File Integrity]", + "type": "table" } }, - "id": "AV0tc_xZg1PYniApZbnL-ecs", - "winlog.api": "visualization", + "id": "AV0tc_xZg1PYniApZbnL", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -846,10 +846,10 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "Top deleted [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "Top deleted [Auditbeat File Integrity]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -857,7 +857,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -870,7 +870,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -878,16 +878,16 @@ "addTooltip": true, "isDonut": false, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top deleted [Auditbeat File Integrity] ECS", - "winlog.api": "pie" + "title": "Top deleted [Auditbeat File Integrity]", + "type": "pie" } }, - "id": "AV0tes4Eg1PYniApZbwV-ecs", - "winlog.api": "visualization", + "id": "AV0tes4Eg1PYniApZbwV", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -908,10 +908,10 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "title": "Top created [Auditbeat File Integrity] ECS", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", + "title": "Top created [Auditbeat File Integrity]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -919,7 +919,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -932,7 +932,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -940,16 +940,16 @@ "addTooltip": true, "isDonut": false, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top created [Auditbeat File Integrity] ECS", - "winlog.api": "pie" + "title": "Top created [Auditbeat File Integrity]", + "type": "pie" } }, - "id": "AV0te0TCg1PYniApZbw9-ecs", - "winlog.api": "visualization", + "id": "AV0te0TCg1PYniApZbw9", + "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -974,16 +974,16 @@ "negate": false, "params": { "query": "file_integrity", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "file_integrity" }, "query": { "match": { "event.module": { "query": "file_integrity", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -995,20 +995,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "File Integrity Events [Auditbeat File Integrity] ECS", - "winlog.version": 1 + "title": "File Integrity Events [Auditbeat File Integrity]", + "version": 1 }, - "id": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", - "winlog.api": "search", + "id": "a380a060-cb44-11e7-9835-2f31fe08873b", + "type": "search", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -1027,7 +1027,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1043,10 +1043,10 @@ "x": 0, "y": 0 }, - "id": "AV0tVcg6g1PYniApZa-v-ecs", + "id": "AV0tVcg6g1PYniApZa-v", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1056,10 +1056,10 @@ "x": 2, "y": 0 }, - "id": "AV0tV05vg1PYniApZbA2-ecs", + "id": "AV0tV05vg1PYniApZbA2", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1069,10 +1069,10 @@ "x": 9, "y": 0 }, - "id": "AV0tWL-Yg1PYniApZbCs-ecs", + "id": "AV0tWL-Yg1PYniApZbCs", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1082,10 +1082,10 @@ "x": 9, "y": 3 }, - "id": "AV0tWSdXg1PYniApZbDU-ecs", + "id": "AV0tWSdXg1PYniApZbDU", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1095,10 +1095,10 @@ "x": 4, "y": 8 }, - "id": "AV0tW0djg1PYniApZbGL-ecs", + "id": "AV0tW0djg1PYniApZbGL", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1108,10 +1108,10 @@ "x": 0, "y": 6 }, - "id": "AV0tY6jwg1PYniApZbRY-ecs", + "id": "AV0tY6jwg1PYniApZbRY", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1121,10 +1121,10 @@ "x": 4, "y": 6 }, - "id": "AV0tav8Ag1PYniApZbbK-ecs", + "id": "AV0tav8Ag1PYniApZbbK", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1134,10 +1134,10 @@ "x": 8, "y": 6 }, - "id": "AV0tbcUdg1PYniApZbe1-ecs", + "id": "AV0tbcUdg1PYniApZbe1", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1147,10 +1147,10 @@ "x": 0, "y": 11 }, - "id": "AV0tc_xZg1PYniApZbnL-ecs", + "id": "AV0tc_xZg1PYniApZbnL", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1160,10 +1160,10 @@ "x": 8, "y": 8 }, - "id": "AV0tes4Eg1PYniApZbwV-ecs", + "id": "AV0tes4Eg1PYniApZbwV", "panelIndex": "10", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1173,10 +1173,10 @@ "x": 0, "y": 8 }, - "id": "AV0te0TCg1PYniApZbw9-ecs", + "id": "AV0te0TCg1PYniApZbw9", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "columns": [ @@ -1190,25 +1190,25 @@ "x": 6, "y": 11 }, - "id": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "id": "a380a060-cb44-11e7-9835-2f31fe08873b", "panelIndex": "12", "sort": [ "@timestamp", "desc" ], - "winlog.api": "search", - "winlog.version": "6.2.4" + "type": "search", + "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat File Integrity] Overview ECS", - "winlog.version": 1 + "title": "[Auditbeat File Integrity] Overview", + "version": 1 }, - "id": "AV0tXkjYg1PYniApZbKP-ecs", - "winlog.api": "dashboard", + "id": "AV0tXkjYg1PYniApZbKP", + "type": "dashboard", "updated_at": "2018-01-22T15:54:25.278Z", - "winlog.version": 6 + "version": 6 } ], - "winlog.version": "6.1.2" + "version": "6.1.2" } \ No newline at end of file diff --git a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json index 72fe25d6af04..5e7a927cf3d7 100644 --- a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json +++ b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json @@ -8,35 +8,35 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs-ecs", - "title": "Unique IPs map [Filebeat Apache] ECS", + "savedSearchId": "Apache-access-logs", + "title": "Unique IPs map [Filebeat Apache]", "uiStateJSON": { "mapCenter": [ 14.944784875088372, 5.09765625 ] }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "enabled": true, "id": "1", "params": { - "field": "source.address" + "field": "apache2.access.remote_ip" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location" + "field": "apache2.access.geoip.location" }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "listeners": {}, @@ -63,18 +63,18 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Apache access unique IPs map ECS", - "winlog.api": "tile_map" + "title": "Apache access unique IPs map", + "type": "tile_map" } }, - "id": "Apache-access-unique-IPs-map-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Apache-access-unique-IPs-map", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -84,8 +84,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs-ecs", - "title": "Top URLs by response code [Filebeat Apache] ECS", + "savedSearchId": "Apache-access-logs", + "title": "Top URLs by response code [Filebeat Apache]", "uiStateJSON": { "vis": { "colors": { @@ -94,7 +94,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -102,33 +102,33 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "3", "params": { "customLabel": "URL", - "field": "url.original", + "field": "apache2.access.url", "order": "desc", "orderBy": "1", "row": false, "size": 5 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "2", "params": { - "field": "http.response.status_code", + "field": "apache2.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -139,13 +139,13 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Apache response codes of top URLs ECS", - "winlog.api": "pie" + "title": "Apache response codes of top URLs", + "type": "pie" } }, - "id": "Apache-response-codes-of-top-URLs-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Apache-response-codes-of-top-URLs", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -155,32 +155,32 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs-ecs", - "title": "Browsers breakdown [Filebeat Apache] ECS", + "savedSearchId": "Apache-access-logs", + "title": "Browsers breakdown [Filebeat Apache]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "enabled": true, "id": "1", "params": { - "field": "source.address" + "field": "apache2.access.remote_ip" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, "id": "2", "params": { - "field": "user_agent.name", + "field": "apache2.access.user_agent.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -192,7 +192,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -203,13 +203,13 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Apache browsers ECS", - "winlog.api": "pie" + "title": "Apache browsers", + "type": "pie" } }, - "id": "Apache-browsers-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Apache-browsers", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -219,32 +219,32 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs-ecs", - "title": "Operating systems breakdown [Filebeat Apache] ECS", + "savedSearchId": "Apache-access-logs", + "title": "Operating systems breakdown [Filebeat Apache]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "enabled": true, "id": "1", "params": { - "field": "source.address" + "field": "apache2.access.remote_ip" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, "id": "2", "params": { - "field": "user_agent.os.name", + "field": "apache2.access.user_agent.os_name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -256,7 +256,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -267,13 +267,13 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Apache operating systems ECS", - "winlog.api": "pie" + "title": "Apache operating systems", + "type": "pie" } }, - "id": "Apache-operating-systems-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Apache-operating-systems", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -283,10 +283,10 @@ "filter": [] } }, - "savedSearchId": "Apache-errors-log-ecs", - "title": "Error logs over time [Filebeat Apache] ECS", + "savedSearchId": "Apache-errors-log", + "title": "Error logs over time [Filebeat Apache]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -294,7 +294,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -307,19 +307,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "log.level", + "field": "apache2.error.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -336,13 +336,13 @@ "times": [], "yAxis": {} }, - "title": "Apache error logs over time ECS", - "winlog.api": "histogram" + "title": "Apache error logs over time", + "type": "histogram" } }, - "id": "Apache-error-logs-over-time-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Apache-error-logs-over-time", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -352,8 +352,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs-ecs", - "title": "Response codes over time [Filebeat Apache] ECS", + "savedSearchId": "Apache-access-logs", + "title": "Response codes over time [Filebeat Apache]", "uiStateJSON": { "vis": { "colors": { @@ -362,7 +362,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -370,7 +370,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -383,19 +383,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "apache2.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -412,21 +412,21 @@ "times": [], "yAxis": {} }, - "title": "Apache response codes over time ECS", - "winlog.api": "histogram" + "title": "Apache response codes over time", + "type": "histogram" } }, - "id": "Apache-response-codes-over-time-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Apache-response-codes-over-time", + "type": "visualization", + "version": 1 }, { "attributes": { "columns": [ - "source.address", - "log.level", + "apache2.error.client", + "apache2.error.level", "apache2.error.module", - "message" + "apache2.error.message" ], "description": "", "hits": 0, @@ -459,20 +459,20 @@ "@timestamp", "desc" ], - "title": "Apache errors log [Filebeat Apache] ECS", - "winlog.version": 1 + "title": "Apache errors log [Filebeat Apache]", + "version": 1 }, - "id": "Apache-errors-log-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "Apache-errors-log", + "type": "search", + "version": 1 }, { "attributes": { "columns": [ - "source.address", - "http.request.method", - "url.original", - "http.response.status_code" + "apache2.access.remote_ip", + "apache2.access.method", + "apache2.access.url", + "apache2.access.response_code" ], "description": "", "hits": 0, @@ -505,12 +505,12 @@ "@timestamp", "desc" ], - "title": "Apache access logs [Filebeat Apache] ECS", - "winlog.version": 1 + "title": "Apache access logs [Filebeat Apache]", + "version": 1 }, - "id": "Apache-access-logs-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "Apache-access-logs", + "type": "search", + "version": 1 }, { "attributes": { @@ -529,7 +529,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -538,67 +538,67 @@ "panelsJSON": [ { "col": 1, - "id": "Apache-access-unique-IPs-map-ecs", + "id": "Apache-access-unique-IPs-map", "panelIndex": 1, "row": 1, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Apache-response-codes-of-top-URLs-ecs", + "id": "Apache-response-codes-of-top-URLs", "panelIndex": 2, "row": 6, "size_x": 8, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "Apache-browsers-ecs", + "id": "Apache-browsers", "panelIndex": 3, "row": 6, "size_x": 4, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 11, - "id": "Apache-operating-systems-ecs", + "id": "Apache-operating-systems", "panelIndex": 4, "row": 4, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Apache-error-logs-over-time-ecs", + "id": "Apache-error-logs-over-time", "panelIndex": 5, "row": 9, "size_x": 12, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Apache-response-codes-over-time-ecs", + "id": "Apache-response-codes-over-time", "panelIndex": 6, "row": 4, "size_x": 10, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ - "source.address", - "log.level", + "apache2.error.client", + "apache2.error.level", "apache2.error.module", - "message" + "apache2.error.message" ], - "id": "Apache-errors-log-ecs", + "id": "Apache-errors-log", "panelIndex": 7, "row": 11, "size_x": 12, @@ -607,11 +607,11 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" } ], "timeRestore": false, - "title": "[Filebeat Apache] Access and error logs ECS", + "title": "[Filebeat Apache] Access and error logs", "uiStateJSON": { "P-1": { "mapBounds": { @@ -642,12 +642,12 @@ "mapZoom": 2 } }, - "winlog.version": 1 + "version": 1 }, - "id": "Filebeat-Apache-Dashboard-ecs", - "winlog.api": "dashboard", - "winlog.version": 2 + "id": "Filebeat-Apache-Dashboard", + "type": "dashboard", + "version": 2 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json b/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json index f468c725ddfb..3f9450803885 100644 --- a/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json +++ b/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json @@ -15,9 +15,9 @@ } } }, - "title": "Event types breakdown [Filebeat Auditd] ECS", + "title": "Event types breakdown [Filebeat Auditd]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -25,19 +25,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "event.action", + "field": "auditd.log.record_type", "order": "desc", "orderBy": "1", "size": 50 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -47,13 +47,13 @@ "isDonut": true, "legendPosition": "right" }, - "title": "Audit Event Types ECS", - "winlog.api": "pie" + "title": "Audit Event Types", + "type": "pie" } }, - "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -65,12 +65,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "auditd.log.record_winlog.api:EXECVE" + "query": "auditd.log.record_type:EXECVE" } } } }, - "title": "Top Exec Commands [Filebeat Auditd] ECS", + "title": "Top Exec Commands [Filebeat Auditd]", "uiStateJSON": { "vis": { "params": { @@ -81,7 +81,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -89,7 +89,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -102,7 +102,7 @@ "size": 30 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -117,13 +117,13 @@ }, "totalFunc": "sum" }, - "title": "Audit Top Exec Commands ECS", - "winlog.api": "table" + "title": "Audit Top Exec Commands", + "type": "table" } }, - "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -131,22 +131,22 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Event Results [Filebeat Auditd] ECS", + "title": "Event Results [Filebeat Auditd]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { - "expression": ".es(q=\"event.dataset:auditd.log NOT event.outcome:failure\").label(\"Success\"), .es(q=\"event.outcome:failed\").label(\"Failure\").title(\"Audit Event Results\")", + "expression": ".es(q=\"event.dataset:auditd.log NOT auditd.log.res:failure\").label(\"Success\"), .es(q=\"auditd.log.res:failed\").label(\"Failure\").title(\"Audit Event Results\")", "interval": "auto" }, - "title": "Event Results [Filebeat Auditd] ECS", - "winlog.api": "timelion" + "title": "Event Results [Filebeat Auditd]", + "type": "timelion" } }, - "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -163,9 +163,9 @@ } } }, - "title": "Event Address Geo Location [Filebeat Auditd] ECS", + "title": "Event Address Geo Location [Filebeat Auditd]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -173,18 +173,18 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location", + "field": "auditd.log.geoip.location", "precision": 2 }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "listeners": {}, @@ -211,18 +211,18 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Audit Event Address Geo Location ECS", - "winlog.api": "tile_map" + "title": "Audit Event Address Geo Location", + "type": "tile_map" } }, - "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -239,9 +239,9 @@ } } }, - "title": "Event Account Tag Cloud [Filebeat Auditd] ECS", + "title": "Event Account Tag Cloud [Filebeat Auditd]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -249,19 +249,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "user.name", + "field": "auditd.log.acct", "order": "desc", "orderBy": "1", "size": 15 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -272,20 +272,20 @@ "orientation": "single", "scale": "linear" }, - "title": "Audit Event Account Tag Cloud ECS", - "winlog.api": "tagcloud" + "title": "Audit Event Account Tag Cloud", + "type": "tagcloud" } }, - "id": "c5411910-0a87-11e7-8b04-eb22a5669f27-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "c5411910-0a87-11e7-8b04-eb22a5669f27", + "type": "visualization", + "version": 2 }, { "attributes": { "columns": [ - "event.action", + "auditd.log.record_type", "auditd.log.sequence", - "user.name" + "auditd.log.acct" ], "description": "", "hits": 0, @@ -300,19 +300,19 @@ "query": "event.dataset:auditd.log" } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Audit Events [Filebeat Auditd] ECS", - "winlog.version": 1 + "title": "Audit Events [Filebeat Auditd]", + "version": 1 }, - "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27", + "type": "search", + "version": 2 }, { "attributes": { @@ -331,7 +331,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -340,57 +340,57 @@ "panelsJSON": [ { "col": 1, - "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858-ecs", + "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858", "panelIndex": 1, "row": 1, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858-ecs", + "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858", "panelIndex": 2, "row": 1, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7-ecs", + "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7", "panelIndex": 3, "row": 5, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27-ecs", + "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27", "panelIndex": 5, "row": 5, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 5, - "id": "c5411910-0a87-11e7-8b04-eb22a5669f27-ecs", + "id": "c5411910-0a87-11e7-8b04-eb22a5669f27", "panelIndex": 6, "row": 1, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ - "event.action", + "auditd.log.record_type", "auditd.log.sequence", - "user.name" + "auditd.log.acct" ], - "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27-ecs", + "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27", "panelIndex": 7, "row": 8, "size_x": 12, @@ -399,11 +399,11 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" } ], "timeRestore": false, - "title": "[Filebeat Auditd] Audit Events ECS", + "title": "[Filebeat Auditd] Audit Events", "uiStateJSON": { "P-2": { "vis": { @@ -440,12 +440,12 @@ "mapZoom": 2 } }, - "winlog.version": 1 + "version": 1 }, - "id": "dfbb49f0-0a0f-11e7-8a62-2d05eaaac5cb-ecs", - "winlog.api": "dashboard", - "winlog.version": 4 + "id": "dfbb49f0-0a0f-11e7-8a62-2d05eaaac5cb", + "type": "dashboard", + "version": 4 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json b/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json index 37b3fbbad84f..03014c0e8cb8 100644 --- a/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json +++ b/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json @@ -13,9 +13,9 @@ } } }, - "title": "Backend breakdown [Filebeat HAProxy] ECS", + "title": "Backend breakdown [Filebeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -39,7 +39,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -53,16 +53,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Backend breakdown [Filebeat HAProxy] ECS", - "winlog.api": "pie" + "title": "Backend breakdown [Filebeat HAProxy]", + "type": "pie" } }, - "id": "55251360-aa32-11e8-9c06-877f0445e3e0-ecs", - "winlog.api": "visualization", + "id": "55251360-aa32-11e8-9c06-877f0445e3e0", + "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -77,9 +77,9 @@ } } }, - "title": "Frontend breakdown [Filebeat HAProxy] ECS", + "title": "Frontend breakdown [Filebeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -87,7 +87,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -103,7 +103,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -117,16 +117,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Frontend breakdown [Filebeat HAProxy] ECS", - "winlog.api": "pie" + "title": "Frontend breakdown [Filebeat HAProxy]", + "type": "pie" } }, - "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0-ecs", - "winlog.api": "visualization", + "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0", + "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -141,37 +141,37 @@ } } }, - "title": "IP Geohashes [Filebeat HAProxy] ECS", + "title": "IP Geohashes [Filebeat HAProxy]", "uiStateJSON": { "mapCenter": [ 14.944784875088372, 5.09765625 ] }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "enabled": true, "id": "1", "params": { - "field": "source.address" + "field": "haproxy.client.ip" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location", + "field": "haproxy.geoip.location", "isFilteredByCollar": true, "precision": 2, "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -197,19 +197,19 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "IP Geohashes [Filebeat HAProxy] ECS", - "winlog.api": "tile_map" + "title": "IP Geohashes [Filebeat HAProxy]", + "type": "tile_map" } }, - "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0-ecs", - "winlog.api": "visualization", + "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0", + "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -224,7 +224,7 @@ } } }, - "title": "Response codes over time [Filebeat HAProxy] ECS", + "title": "Response codes over time [Filebeat HAProxy]", "uiStateJSON": { "vis": { "colors": { @@ -236,7 +236,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -244,7 +244,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -257,13 +257,13 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "haproxy.http.response.status_code", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -273,7 +273,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -289,12 +289,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -314,12 +314,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -333,25 +333,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Response codes over time [Filebeat HAProxy] ECS", - "winlog.api": "histogram" + "title": "Response codes over time [Filebeat HAProxy]", + "type": "histogram" } }, - "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0-ecs", - "winlog.api": "visualization", + "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0", + "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -381,10 +381,10 @@ "x": 0, "y": 0 }, - "id": "55251360-aa32-11e8-9c06-877f0445e3e0-ecs", + "id": "55251360-aa32-11e8-9c06-877f0445e3e0", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.5.2" + "type": "visualization", + "version": "6.5.2" }, { "embeddableConfig": {}, @@ -395,10 +395,10 @@ "x": 24, "y": 0 }, - "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0-ecs", + "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.5.2" + "type": "visualization", + "version": "6.5.2" }, { "embeddableConfig": {}, @@ -409,10 +409,10 @@ "x": 0, "y": 15 }, - "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0-ecs", + "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.5.2" + "type": "visualization", + "version": "6.5.2" }, { "embeddableConfig": {}, @@ -423,21 +423,21 @@ "x": 24, "y": 15 }, - "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0-ecs", + "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.5.2" + "type": "visualization", + "version": "6.5.2" } ], "timeRestore": false, - "title": "[Filebeat HAProxy] Overview ECS", - "winlog.version": 1 + "title": "[Filebeat HAProxy] Overview", + "version": 1 }, - "id": "3560d580-aa34-11e8-9c06-877f0445e3e0-ecs", - "winlog.api": "dashboard", + "id": "3560d580-aa34-11e8-9c06-877f0445e3e0", + "type": "dashboard", "updated_at": "2018-12-06T11:40:40.204Z", - "winlog.version": 6 + "version": 6 } ], - "winlog.version": "6.5.2" + "version": "6.5.2" } diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json index 58b3bcc32ac2..edfb29ec3e4d 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json @@ -8,10 +8,10 @@ "filter": [] } }, - "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", - "title": "Debuglog Facility [Filebeat Icinga] ECS", + "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", + "title": "Debuglog Facility [Filebeat Icinga]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -44,7 +44,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -59,13 +59,13 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Debuglog Facility ECS", - "winlog.api": "histogram" + "title": "Icinga Debuglog Facility", + "type": "histogram" } }, - "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -75,8 +75,8 @@ "filter": [] } }, - "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", - "title": "Debuglog Severity [Filebeat Icinga] ECS", + "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", + "title": "Debuglog Severity [Filebeat Icinga]", "uiStateJSON": { "vis": { "colors": { @@ -87,7 +87,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -95,7 +95,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -108,19 +108,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "log.level", + "field": "icinga.debug.severity", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -135,20 +135,20 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Debuglog Severity ECS", - "winlog.api": "histogram" + "title": "Icinga Debuglog Severity", + "type": "histogram" } }, - "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff", + "type": "visualization", + "version": 2 }, { "attributes": { "columns": [ "icinga.debug.facility", - "log.level", - "message" + "icinga.debug.severity", + "icinga.debug.message" ], "description": "", "hits": 0, @@ -163,20 +163,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "icinga", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "icinga" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "icinga", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -193,16 +193,16 @@ "negate": false, "params": { "query": "debug", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "debug" }, "query": { "match": { "fileset.name": { "query": "debug", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -214,19 +214,19 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Debug Log [Filebeat Icinga] ECS", - "winlog.version": 1 + "title": "Debug Log [Filebeat Icinga]", + "version": 1 }, - "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", + "type": "search", + "version": 2 }, { "attributes": { @@ -245,7 +245,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -254,30 +254,30 @@ "panelsJSON": [ { "col": 1, - "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff-ecs", + "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff", "panelIndex": 1, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff-ecs", + "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff", "panelIndex": 2, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ "icinga.debug.facility", - "log.level", - "message" + "icinga.debug.severity", + "icinga.debug.message" ], - "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", + "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", "panelIndex": 3, "row": 4, "size_x": 12, @@ -286,18 +286,18 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" } ], "timeRestore": false, - "title": "[Filebeat Icinga] Debug Log ECS", + "title": "[Filebeat Icinga] Debug Log", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "26309570-2419-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "dashboard", - "winlog.version": 2 + "id": "26309570-2419-11e7-a83b-d5f4cebac9ff", + "type": "dashboard", + "version": 2 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json index 3bd6214ccca5..4587a45f4e51 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", - "title": "Mainlog Severity [Filebeat Icinga] ECS", + "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", + "title": "Mainlog Severity [Filebeat Icinga]", "uiStateJSON": { "vis": { "colors": { @@ -18,7 +18,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -26,7 +26,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -39,19 +39,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "log.level", + "field": "icinga.main.severity", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -66,20 +66,20 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Mainlog Severity ECS", - "winlog.api": "histogram" + "title": "Icinga Mainlog Severity", + "type": "histogram" } }, - "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff", + "type": "visualization", + "version": 2 }, { "attributes": { "columns": [ "icinga.main.facility", - "log.level", - "message" + "icinga.main.severity", + "icinga.main.message" ], "description": "", "hits": 0, @@ -94,20 +94,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "icinga", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "icinga" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "icinga", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -124,16 +124,16 @@ "negate": false, "params": { "query": "main", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "main" }, "query": { "match": { "fileset.name": { "query": "main", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -145,19 +145,19 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Main Log [Filebeat Icinga] ECS", - "winlog.version": 1 + "title": "Main Log [Filebeat Icinga]", + "version": 1 }, - "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", + "type": "search", + "version": 2 }, { "attributes": { @@ -167,10 +167,10 @@ "filter": [] } }, - "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", - "title": "Mainlog Facility [Filebeat Icinga] ECS", + "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", + "title": "Mainlog Facility [Filebeat Icinga]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -178,7 +178,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -191,7 +191,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -203,7 +203,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -218,13 +218,13 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Mainlog Facility ECS", - "winlog.api": "histogram" + "title": "Icinga Mainlog Facility", + "type": "histogram" } }, - "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -243,7 +243,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -252,21 +252,21 @@ "panelsJSON": [ { "col": 7, - "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff-ecs", + "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff", "panelIndex": 1, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ "icinga.main.facility", - "log.level", - "message" + "icinga.main.severity", + "icinga.main.message" ], - "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", + "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", "panelIndex": 2, "row": 4, "size_x": 12, @@ -275,27 +275,27 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 1, - "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff-ecs", + "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff", "panelIndex": 3, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat Icinga] Main Log ECS", + "title": "[Filebeat Icinga] Main Log", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "f693d260-2417-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "dashboard", - "winlog.version": 4 + "id": "f693d260-2417-11e7-a83b-d5f4cebac9ff", + "type": "dashboard", + "version": 4 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json index d6d71e561b94..055946e7775e 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", - "title": "Startup Errors [Filebeat Icinga] ECS", + "savedSearchId": "710043e0-2417-11e7-a83b-d5f4cebac9ff", + "title": "Startup Errors [Filebeat Icinga]", "uiStateJSON": { "vis": { "colors": { @@ -17,7 +17,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -25,7 +25,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "listeners": {}, @@ -53,20 +53,20 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Startup Errors ECS", - "winlog.api": "histogram" + "title": "Icinga Startup Errors", + "type": "histogram" } }, - "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff", + "type": "visualization", + "version": 2 }, { "attributes": { "columns": [ "icinga.startup.facility", - "log.level", - "message" + "icinga.startup.severity", + "icinga.startup.message" ], "description": "", "hits": 0, @@ -80,23 +80,23 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "log.level:critical" + "query": "icinga.startup.severity:critical" } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Startup Errors [Filebeat Icinga] ECS", - "winlog.version": 1 + "title": "Startup Errors [Filebeat Icinga]", + "version": 1 }, - "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff", + "type": "search", + "version": 2 }, { "attributes": { @@ -115,7 +115,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -124,21 +124,21 @@ "panelsJSON": [ { "col": 1, - "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff-ecs", + "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff", "panelIndex": 1, "row": 1, "size_x": 12, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ "icinga.startup.facility", - "log.level", - "message" + "icinga.startup.severity", + "icinga.startup.message" ], - "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", + "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff", "panelIndex": 2, "row": 3, "size_x": 12, @@ -147,18 +147,18 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" } ], "timeRestore": false, - "title": "[Filebeat Icinga] Startup Errors ECS", + "title": "[Filebeat Icinga] Startup Errors", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "b9163ea0-2417-11e7-a83b-d5f4cebac9ff-ecs", - "winlog.api": "dashboard", - "winlog.version": 2 + "id": "b9163ea0-2417-11e7-a83b-d5f4cebac9ff", + "type": "dashboard", + "version": 2 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json index 82089715bb3e..8dc20c5c266f 100644 --- a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json +++ b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json @@ -13,9 +13,9 @@ } } }, - "title": "Access map [Filebeat IIS] ECS", + "title": "Access map [Filebeat IIS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,20 +23,20 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location", + "field": "iis.access.geoip.location", "isFilteredByCollar": true, "precision": 2, "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -58,14 +58,14 @@ } } }, - "title": "Access map [Filebeat IIS] ECS", - "winlog.api": "tile_map" + "title": "Access map [Filebeat IIS]", + "type": "tile_map" } }, - "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f-ecs", - "winlog.api": "visualization", + "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f", + "type": "visualization", "updated_at": "2018-01-20T18:44:17.162Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -80,9 +80,9 @@ } } }, - "title": "Response codes over time [Filebeat IIS] ECS", + "title": "Response codes over time [Filebeat IIS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -90,7 +90,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -103,19 +103,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "iis.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -131,12 +131,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -156,12 +156,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -175,25 +175,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Response codes over time [Filebeat IIS] ECS", - "winlog.api": "histogram" + "title": "Response codes over time [Filebeat IIS]", + "type": "histogram" } }, - "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f-ecs", - "winlog.api": "visualization", + "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f", + "type": "visualization", "updated_at": "2018-01-20T19:05:58.905Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -208,9 +208,9 @@ } } }, - "title": "Browsers breakdown [Filebeat IIS] ECS", + "title": "Browsers breakdown [Filebeat IIS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -218,19 +218,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "user_agent.name", + "field": "iis.access.user_agent.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -242,7 +242,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -256,16 +256,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Browsers breakdown [Filebeat IIS] ECS", - "winlog.api": "pie" + "title": "Browsers breakdown [Filebeat IIS]", + "type": "pie" } }, - "id": "63129c80-fe12-11e7-a3b0-d13028918f9f-ecs", - "winlog.api": "visualization", + "id": "63129c80-fe12-11e7-a3b0-d13028918f9f", + "type": "visualization", "updated_at": "2018-01-20T18:47:38.312Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -280,9 +280,9 @@ } } }, - "title": "Operating systems breakdown [Filebeat IIS] ECS", + "title": "Operating systems breakdown [Filebeat IIS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -290,19 +290,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "user_agent.os.name", + "field": "iis.access.user_agent.os_name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -314,7 +314,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -328,16 +328,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Operating systems breakdown [Filebeat IIS] ECS", - "winlog.api": "pie" + "title": "Operating systems breakdown [Filebeat IIS]", + "type": "pie" } }, - "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f-ecs", - "winlog.api": "visualization", + "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f", + "type": "visualization", "updated_at": "2018-01-20T18:51:54.619Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -352,9 +352,9 @@ } } }, - "title": "Error logs over time [Filebeat IIS] ECS", + "title": "Error logs over time [Filebeat IIS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -362,7 +362,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -375,19 +375,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "iis.error.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -403,12 +403,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -428,12 +428,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -447,25 +447,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Error logs over time [Filebeat IIS] ECS", - "winlog.api": "histogram" + "title": "Error logs over time [Filebeat IIS]", + "type": "histogram" } }, - "id": "41f38230-fe17-11e7-a3b0-d13028918f9f-ecs", - "winlog.api": "visualization", + "id": "41f38230-fe17-11e7-a3b0-d13028918f9f", + "type": "visualization", "updated_at": "2018-01-20T19:22:30.227Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -480,9 +480,9 @@ } } }, - "title": "Top URLs by response code [Filebeat IIS] ECS", + "title": "Top URLs by response code [Filebeat IIS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -490,33 +490,33 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "customLabel": "URL", - "field": "url.path", + "field": "iis.access.url", "order": "desc", "orderBy": "1", "row": false, "size": 5 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "iis.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -530,16 +530,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top URLs by response code [Filebeat IIS] ECS", - "winlog.api": "pie" + "title": "Top URLs by response code [Filebeat IIS]", + "type": "pie" } }, - "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f-ecs", - "winlog.api": "visualization", + "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f", + "type": "visualization", "updated_at": "2018-01-20T19:58:24.005Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -553,7 +553,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -570,10 +570,10 @@ "x": 0, "y": 0 }, - "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f-ecs", + "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.1.2" + "type": "visualization", + "version": "6.1.2" }, { "gridData": { @@ -583,10 +583,10 @@ "x": 0, "y": 3 }, - "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f-ecs", + "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.1.2" + "type": "visualization", + "version": "6.1.2" }, { "gridData": { @@ -596,10 +596,10 @@ "x": 0, "y": 9 }, - "id": "63129c80-fe12-11e7-a3b0-d13028918f9f-ecs", + "id": "63129c80-fe12-11e7-a3b0-d13028918f9f", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.1.2" + "type": "visualization", + "version": "6.1.2" }, { "gridData": { @@ -609,10 +609,10 @@ "x": 6, "y": 9 }, - "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f-ecs", + "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.1.2" + "type": "visualization", + "version": "6.1.2" }, { "gridData": { @@ -622,10 +622,10 @@ "x": 7, "y": 3 }, - "id": "41f38230-fe17-11e7-a3b0-d13028918f9f-ecs", + "id": "41f38230-fe17-11e7-a3b0-d13028918f9f", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.1.2" + "type": "visualization", + "version": "6.1.2" }, { "gridData": { @@ -635,22 +635,22 @@ "x": 0, "y": 6 }, - "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f-ecs", + "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.1.2" + "type": "visualization", + "version": "6.1.2" } ], "timeRestore": false, - "title": "[Filebeat IIS] Access and error logs ECS", + "title": "[Filebeat IIS] Access and error logs", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "4278ad30-fe16-11e7-a3b0-d13028918f9f-ecs", - "winlog.api": "dashboard", + "id": "4278ad30-fe16-11e7-a3b0-d13028918f9f", + "type": "dashboard", "updated_at": "2018-01-20T19:57:50.287Z", - "winlog.version": 4 + "version": 4 } ], - "winlog.version": "6.1.2" + "version": "6.1.2" } diff --git a/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json b/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json index e2726fd2b628..2e0746ff9140 100644 --- a/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json +++ b/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json @@ -8,10 +8,10 @@ "filter": [] } }, - "savedSearchId": "Kafka stacktraces-ecs", - "title": "Number of stracktraces by class [Filebeat Kafka] ECS", + "savedSearchId": "Kafka stacktraces", + "title": "Number of stracktraces by class [Filebeat Kafka]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -44,7 +44,7 @@ "size": 10 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -60,14 +60,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 minutes" }, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -87,12 +87,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -106,24 +106,24 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Number of Kafka stracktraces by class [Filebeat Kafka] ECS", - "winlog.api": "histogram" + "title": "Number of Kafka stracktraces by class [Filebeat Kafka]", + "type": "histogram" } }, - "id": "number-of-kafka-stracktraces-by-class-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "number-of-kafka-stracktraces-by-class", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -143,26 +143,26 @@ "language": "lucene", "query": "_exists_:kafka.log.trace.class" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Stacktraces [Filebeat Kafka] ECS", - "winlog.version": 1 + "title": "Stacktraces [Filebeat Kafka]", + "version": 1 }, - "id": "Kafka stacktraces-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "Kafka stacktraces", + "type": "search", + "version": 1 }, { "attributes": { "columns": [ - "log.level", + "kafka.log.level", "kafka.log.component", - "message" + "kafka.log.message" ], "description": "", "hits": 0, @@ -177,20 +177,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "kafka", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "kafka" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "kafka", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -207,16 +207,16 @@ "negate": false, "params": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "log" }, "query": { "match": { "fileset.name": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -228,19 +228,19 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "All logs [Filebeat Kafka] ECS", - "winlog.version": 1 + "title": "All logs [Filebeat Kafka]", + "version": 1 }, - "id": "All Kafka logs-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "All Kafka logs", + "type": "search", + "version": 1 }, { "attributes": { @@ -250,10 +250,10 @@ "filter": [] } }, - "savedSearchId": "All Kafka logs-ecs", - "title": "Log levels over time [Filebeat Kafka] ECS", + "savedSearchId": "All Kafka logs", + "title": "Log levels over time [Filebeat Kafka]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -261,7 +261,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -274,20 +274,20 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { "customLabel": "Log Level", - "field": "log.level", + "field": "kafka.log.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -303,14 +303,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per day" }, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -330,12 +330,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -349,24 +349,24 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Log levels over time [Filebeat Kafka] ECS", - "winlog.api": "histogram" + "title": "Log levels over time [Filebeat Kafka]", + "type": "histogram" } }, - "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -380,7 +380,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -389,12 +389,12 @@ "panelsJSON": [ { "col": 1, - "id": "number-of-kafka-stracktraces-by-class-ecs", + "id": "number-of-kafka-stracktraces-by-class", "panelIndex": 1, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, @@ -403,7 +403,7 @@ "kafka.log.trace.class", "kafka.log.trace.full" ], - "id": "Kafka stacktraces-ecs", + "id": "Kafka stacktraces", "panelIndex": 2, "row": 1, "size_x": 6, @@ -412,16 +412,16 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 1, "columns": [ - "log.level", + "kafka.log.level", "kafka.log.component", - "message" + "kafka.log.message" ], - "id": "All Kafka logs-ecs", + "id": "All Kafka logs", "panelIndex": 3, "row": 6, "size_x": 12, @@ -430,27 +430,27 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 1, - "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3-ecs", + "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3", "panelIndex": 4, "row": 4, "size_x": 12, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat Kafka] Overview ECS", + "title": "[Filebeat Kafka] Overview", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "943caca0-87ee-11e7-ad9c-db80de0bf8d3-ecs", - "winlog.api": "dashboard", - "winlog.version": 1 + "id": "943caca0-87ee-11e7-ad9c-db80de0bf8d3", + "type": "dashboard", + "version": 1 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json index 940e4bdb7720..a4d815391365 100644 --- a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json +++ b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", - "title": "Logs Severity [Filebeat Logstash] ECS", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "title": "Logs Severity [Filebeat Logstash]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,19 +23,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "log.level", + "field": "logstash.log.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -43,15 +43,15 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Logs Severity [Filebeat Logstash] ECS", - "winlog.api": "pie" + "title": "Logs Severity [Filebeat Logstash]", + "type": "pie" } }, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -65,10 +65,10 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", - "title": "logs over time [Filebeat Logstash] ECS", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "title": "logs over time [Filebeat Logstash]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -76,7 +76,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -89,19 +89,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "log.level", + "field": "logstash.log.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -117,12 +117,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -142,12 +142,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -161,31 +161,31 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "logs over time [Filebeat Logstash] ECS", - "winlog.api": "histogram" + "title": "logs over time [Filebeat Logstash]", + "type": "histogram" } }, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "type": "visualization", + "version": 1 }, { "attributes": { "columns": [ - "log.level", + "logstash.log.level", "logstash.log.module", - "message", + "logstash.log.message", "source" ], "description": "", @@ -201,20 +201,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "logstash", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "logstash" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "logstash", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -231,16 +231,16 @@ "negate": false, "params": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "log" }, "query": { "match": { "fileset.name": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -252,19 +252,19 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "logs [Filebeat Logstash] ECS", - "winlog.version": 1 + "title": "logs [Filebeat Logstash]", + "version": 1 }, - "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "type": "search", + "version": 1 }, { "attributes": { @@ -278,7 +278,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -287,31 +287,31 @@ "panelsJSON": [ { "col": 7, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", "panelIndex": 2, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", "panelIndex": 3, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ - "log.level", + "logstash.log.level", "logstash.log.module", - "message", + "logstash.log.message", "source" ], - "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", + "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", "panelIndex": 4, "row": 4, "size_x": 12, @@ -320,18 +320,18 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" } ], "timeRestore": false, - "title": "Logstash Logs [Filebeat Logstash] ECS", + "title": "Logstash Logs [Filebeat Logstash]", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "Filebeat-Logstash-Log-Dashboard-ecs", - "winlog.api": "dashboard", - "winlog.version": 1 + "id": "Filebeat-Logstash-Log-Dashboard", + "type": "dashboard", + "version": 1 } ], - "winlog.version": "6.0.0" + "version": "6.0.0" } \ No newline at end of file diff --git a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json index 5e4dbe65ec28..c1caa3422c6e 100644 --- a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json +++ b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json @@ -3,7 +3,7 @@ { "attributes": { "columns": [ - "log.level", + "logstash.slowlog.level", "logstash.slowlog.plugin_type", "logstash.slowlog.plugin_name", "logstash.slowlog.message", @@ -23,20 +23,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "logstash", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "logstash" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "logstash", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -53,16 +53,16 @@ "negate": false, "params": { "query": "slowlog", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "slowlog" }, "query": { "match": { "fileset.name": { "query": "slowlog", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -74,19 +74,19 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ - "log.level", + "logstash.slowlog.level", "asc" ], - "title": "Slow logs [Filebeat Logstash] ECS", - "winlog.version": 1 + "title": "Slow logs [Filebeat Logstash]", + "version": 1 }, - "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6", + "type": "search", + "version": 1 }, { "attributes": { @@ -100,10 +100,10 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", - "title": "Logs Severity [Filebeat Logstash] ECS", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "title": "Logs Severity [Filebeat Logstash]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -111,19 +111,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "log.level", + "field": "logstash.log.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -131,15 +131,15 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Logs Severity [Filebeat Logstash] ECS", - "winlog.api": "pie" + "title": "Logs Severity [Filebeat Logstash]", + "type": "pie" } }, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -153,10 +153,10 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", - "title": "logs over time [Filebeat Logstash] ECS", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "title": "logs over time [Filebeat Logstash]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -164,7 +164,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -177,19 +177,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "log.level", + "field": "logstash.log.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -205,12 +205,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -230,12 +230,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -249,24 +249,24 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "logs over time [Filebeat Logstash] ECS", - "winlog.api": "histogram" + "title": "logs over time [Filebeat Logstash]", + "type": "histogram" } }, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -280,8 +280,8 @@ } } }, - "savedSearchId": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", - "title": "Slowest plugins [Filebeat Logstash] ECS", + "savedSearchId": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6", + "title": "Slowest plugins [Filebeat Logstash]", "uiStateJSON": { "vis": { "params": { @@ -292,7 +292,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -303,7 +303,7 @@ "field": "logstash.slowlog.took_in_millis" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -313,7 +313,7 @@ "field": "logstash.slowlog.took_in_millis" }, "schema": "metric", - "winlog.api": "min" + "type": "min" }, { "enabled": true, @@ -326,7 +326,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -336,7 +336,7 @@ "field": "logstash.slowlog.took_in_millis" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -349,7 +349,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -363,20 +363,20 @@ }, "totalFunc": "sum" }, - "title": "Slowest plugins [Filebeat Logstash] ECS", - "winlog.api": "table" + "title": "Slowest plugins [Filebeat Logstash]", + "type": "table" } }, - "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6", + "type": "visualization", + "version": 1 }, { "attributes": { "columns": [ - "log.level", + "logstash.log.level", "logstash.log.module", - "message", + "logstash.log.message", "source" ], "description": "", @@ -392,20 +392,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "logstash", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "logstash" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "logstash", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -422,16 +422,16 @@ "negate": false, "params": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "log" }, "query": { "match": { "fileset.name": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -443,19 +443,19 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "logs [Filebeat Logstash] ECS", - "winlog.version": 1 + "title": "logs [Filebeat Logstash]", + "version": 1 }, - "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "type": "search", + "version": 1 }, { "attributes": { @@ -469,7 +469,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -479,14 +479,14 @@ { "col": 1, "columns": [ - "log.level", + "logstash.slowlog.level", "logstash.slowlog.plugin_type", "logstash.slowlog.plugin_name", "logstash.slowlog.message", "logstash.slowlog.plugin_params", "logstash.slowlog.execution_time_ns" ], - "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", + "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6", "panelIndex": 1, "row": 7, "size_x": 12, @@ -495,38 +495,38 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 7, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", "panelIndex": 2, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", "panelIndex": 3, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6-ecs", + "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6", "panelIndex": 4, "row": 4, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "Slowlogs [Filebeat Logstash] ECS", + "title": "Slowlogs [Filebeat Logstash]", "uiStateJSON": { "P-4": { "vis": { @@ -539,12 +539,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "Filebeat-Logstash-Slowlog-Dashboard-ecs", - "winlog.api": "dashboard", - "winlog.version": 1 + "id": "Filebeat-Logstash-Slowlog-Dashboard", + "type": "dashboard", + "version": 1 } ], - "winlog.version": "6.0.0" + "version": "6.0.0" } \ No newline at end of file diff --git a/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json b/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json index 6e82758edd46..418d8576d5d1 100644 --- a/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json +++ b/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", - "title": "Logs Severity [Filebeat MongoDB] ECS", + "savedSearchId": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94", + "title": "Logs Severity [Filebeat MongoDB]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,20 +23,20 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "customLabel": "Log severity", - "field": "log.level", + "field": "mongodb.log.severity", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -44,24 +44,24 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Logs Severity [Filebeat MongoDB] ECS", - "winlog.api": "pie" + "title": "Logs Severity [Filebeat MongoDB]", + "type": "pie" } }, - "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94", + "type": "visualization", + "version": 3 }, { "attributes": { "columns": [ "mongodb.log.timestamp", - "log.level", + "mongodb.log.severity", "mongodb.log.component", "mongodb.log.context", - "message" + "mongodb.log.message" ], "description": "", "hits": 0, @@ -72,30 +72,30 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "log.level: F or log.level: W" + "query": "mongodb.log.severity: F or mongodb.log.severity: W" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Error logs [Filebeat MongoDB] ECS", - "winlog.version": 1 + "title": "Error logs [Filebeat MongoDB]", + "version": 1 }, - "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94-ecs", - "winlog.api": "search", - "winlog.version": 3 + "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94", + "type": "search", + "version": 3 }, { "attributes": { "columns": [ "mongodb.log.timestamp", - "log.level", + "mongodb.log.severity", "mongodb.log.component", "mongodb.log.context", - "message" + "mongodb.log.message" ], "description": "", "hits": 0, @@ -106,21 +106,21 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "log.level: *" + "query": "mongodb.log.severity: *" }, - "winlog.version": true + "version": true } }, "sort": [ "mongodb.log.timestamp", "asc" ], - "title": "All logs [Filebeat MongoDB] ECS", - "winlog.version": 1 + "title": "All logs [Filebeat MongoDB]", + "version": 1 }, - "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94", + "type": "search", + "version": 2 }, { "attributes": { @@ -134,7 +134,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -143,23 +143,23 @@ "panelsJSON": [ { "col": 1, - "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94-ecs", + "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94", "panelIndex": 1, "row": 1, "size_x": 4, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 5, "columns": [ "mongodb.log.timestamp", - "log.level", + "mongodb.log.severity", "mongodb.log.component", "mongodb.log.context", - "message" + "mongodb.log.message" ], - "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94-ecs", + "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94", "panelIndex": 2, "row": 1, "size_x": 8, @@ -168,18 +168,18 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 1, "columns": [ "mongodb.log.timestamp", - "log.level", + "mongodb.log.severity", "mongodb.log.component", "mongodb.log.context", - "message" + "mongodb.log.message" ], - "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", + "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94", "panelIndex": 3, "row": 4, "size_x": 12, @@ -188,18 +188,18 @@ "mongodb.log.timestamp", "asc" ], - "winlog.api": "search" + "type": "search" } ], "timeRestore": false, - "title": "Overview [Filebeat MongoDB] ECS", + "title": "Overview [Filebeat MongoDB]", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "abcf35b0-0a82-11e8-bffe-ff7d4f68cf94-ecs", - "winlog.api": "dashboard", - "winlog.version": 2 + "id": "abcf35b0-0a82-11e8-bffe-ff7d4f68cf94", + "type": "dashboard", + "version": 2 } ], - "winlog.version": "6.0.0" + "version": "6.0.0" } \ No newline at end of file diff --git a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json index 032d6974eccb..fe4ce23a6045 100644 --- a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json +++ b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", - "title": "Top slowest queries [Filebeat MySQL] ECS", + "savedSearchId": "Filebeat-MySQL-Slow-log", + "title": "Top slowest queries [Filebeat MySQL]", "uiStateJSON": { "vis": { "params": { @@ -20,7 +20,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -31,7 +31,7 @@ "field": "mysql.slowlog.query_time.sec" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -44,20 +44,20 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "3", "params": { "customLabel": "User", - "field": "user.name", + "field": "mysql.slowlog.user", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -71,13 +71,13 @@ }, "totalFunc": "sum" }, - "title": "Top slowest queries [Filebeat MySQL] ECS", - "winlog.api": "table" + "title": "Top slowest queries [Filebeat MySQL]", + "type": "table" } }, - "id": "MySQL-slowest-queries-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "MySQL-slowest-queries", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -87,8 +87,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", - "title": "Slow queries over time [Filebeat MySQL] ECS", + "savedSearchId": "Filebeat-MySQL-Slow-log", + "title": "Slow queries over time [Filebeat MySQL]", "uiStateJSON": { "vis": { "colors": { @@ -96,7 +96,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -106,7 +106,7 @@ "customLabel": "Slow queries" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -119,7 +119,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -135,14 +135,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 seconds" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -165,14 +165,14 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -186,25 +186,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Slow queries" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Slow queries over time [Filebeat MySQL] ECS", - "winlog.api": "histogram" + "title": "Slow queries over time [Filebeat MySQL]", + "type": "histogram" } }, - "id": "MySQL-Slow-queries-over-time-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "MySQL-Slow-queries-over-time", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -214,8 +214,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-error-log-ecs", - "title": "Error logs over time [Filebeat MySQL] ECS", + "savedSearchId": "Filebeat-MySQL-error-log", + "title": "Error logs over time [Filebeat MySQL]", "uiStateJSON": { "vis": { "colors": { @@ -224,7 +224,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -234,7 +234,7 @@ "customLabel": "Error logs" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -247,7 +247,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -263,14 +263,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 seconds" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -293,14 +293,14 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -314,31 +314,31 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Error logs" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Error logs over time [Filebeat MySQL] ECS", - "winlog.api": "histogram" + "title": "Error logs over time [Filebeat MySQL]", + "type": "histogram" } }, - "id": "MySQL-error-logs-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "MySQL-error-logs", + "type": "visualization", + "version": 1 }, { "attributes": { "columns": [ - "log.level", - "message" + "mysql.error.level", + "mysql.error.message" ], "description": "", "hits": 0, @@ -353,20 +353,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "mysql", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "mysql" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "mysql", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -383,16 +383,16 @@ "negate": false, "params": { "query": "error", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "error" }, "query": { "match": { "fileset.name": { "query": "error", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -417,19 +417,19 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Error logs [Filebeat MySQL] ECS", - "winlog.version": 1 + "title": "Error logs [Filebeat MySQL]", + "version": 1 }, - "id": "Filebeat-MySQL-error-log-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "Filebeat-MySQL-error-log", + "type": "search", + "version": 1 }, { "attributes": { @@ -439,8 +439,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-error-log-ecs", - "title": "Error logs levels breakdown [Filebeat MySQL] ECS", + "savedSearchId": "Filebeat-MySQL-error-log", + "title": "Error logs levels breakdown [Filebeat MySQL]", "uiStateJSON": { "vis": { "colors": { @@ -450,7 +450,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -458,19 +458,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "log.level", + "field": "mysql.error.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -479,15 +479,15 @@ "isDonut": false, "legendPosition": "bottom", "shareYAxis": true, - "winlog.api": "pie" + "type": "pie" }, - "title": "Error logs levels breakdown [Filebeat MySQL] ECS", - "winlog.api": "pie" + "title": "Error logs levels breakdown [Filebeat MySQL]", + "type": "pie" } }, - "id": "MySQL-Error-logs-levels-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "MySQL-Error-logs-levels", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -497,10 +497,10 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", - "title": "Slow logs breakdown [Filebeat MySQL] ECS", + "savedSearchId": "Filebeat-MySQL-Slow-log", + "title": "Slow logs breakdown [Filebeat MySQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -508,7 +508,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -520,7 +520,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -529,15 +529,15 @@ "isDonut": false, "legendPosition": "bottom", "shareYAxis": true, - "winlog.api": "pie" + "type": "pie" }, - "title": "Slow logs breakdown [Filebeat MySQL] ECS", - "winlog.api": "pie" + "title": "Slow logs breakdown [Filebeat MySQL]", + "type": "pie" } }, - "id": "MySQL-Slow-logs-by-count-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "MySQL-Slow-logs-by-count", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -557,20 +557,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "mysql", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "mysql" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "mysql", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -587,16 +587,16 @@ "negate": false, "params": { "query": "slowlog", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "slowlog" }, "query": { "match": { "fileset.name": { "query": "slowlog", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -621,19 +621,19 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Slow logs [Filebeat MySQL] ECS", - "winlog.version": 1 + "title": "Slow logs [Filebeat MySQL]", + "version": 1 }, - "id": "Filebeat-MySQL-Slow-log-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "Filebeat-MySQL-Slow-log", + "type": "search", + "version": 1 }, { "attributes": { @@ -652,7 +652,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -661,38 +661,38 @@ "panelsJSON": [ { "col": 1, - "id": "MySQL-slowest-queries-ecs", + "id": "MySQL-slowest-queries", "panelIndex": 1, "row": 8, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "MySQL-Slow-queries-over-time-ecs", + "id": "MySQL-Slow-queries-over-time", "panelIndex": 2, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "MySQL-error-logs-ecs", + "id": "MySQL-error-logs", "panelIndex": 3, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, "columns": [ - "log.level", - "message" + "mysql.error.level", + "mysql.error.message" ], - "id": "Filebeat-MySQL-error-log-ecs", + "id": "Filebeat-MySQL-error-log", "panelIndex": 4, "row": 8, "size_x": 6, @@ -701,29 +701,29 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 7, - "id": "MySQL-Error-logs-levels-ecs", + "id": "MySQL-Error-logs-levels", "panelIndex": 5, "row": 4, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "MySQL-Slow-logs-by-count-ecs", + "id": "MySQL-Slow-logs-by-count", "panelIndex": 6, "row": 4, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat MySQL] Overview ECS", + "title": "[Filebeat MySQL] Overview", "uiStateJSON": { "P-1": { "vis": { @@ -736,12 +736,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "Filebeat-MySQL-Dashboard-ecs", - "winlog.api": "dashboard", - "winlog.version": 2 + "id": "Filebeat-MySQL-Dashboard", + "type": "dashboard", + "version": 2 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json index c597c20519e2..5d6566a86f69 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json @@ -3,8 +3,8 @@ { "attributes": { "columns": [ - "log.level", - "message" + "nginx.error.level", + "nginx.error.message" ], "description": "", "hits": 0, @@ -30,27 +30,27 @@ "language": "lucene", "query": "event.module:nginx AND _exists_:message" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Nginx error logs [Filebeat Nginx] ECS", - "winlog.version": 1 + "title": "Nginx error logs [Filebeat Nginx]", + "version": 1 }, - "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519", + "type": "search", + "version": 1 }, { "attributes": { "columns": [ - "url.original", - "http.request.method", - "http.response.status_code", - "http.response.body.bytes" + "nginx.access.url", + "nginx.access.method", + "nginx.access.response_code", + "nginx.access.body_sent.bytes" ], "description": "", "hits": 0, @@ -76,19 +76,19 @@ "language": "lucene", "query": "event.module:nginx AND _exists_:url.original" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Nginx access logs [Filebeat Nginx] ECS", - "winlog.version": 1 + "title": "Nginx access logs [Filebeat Nginx]", + "version": 1 }, - "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "search", - "winlog.version": 4 + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519", + "type": "search", + "version": 4 }, { "attributes": { @@ -96,9 +96,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Access logs over time [Filebeat Nginx] ECS", + "title": "Access logs over time [Filebeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -120,7 +120,7 @@ "id": "3189aa80-a1f3-11e7-a062-a1c3587f4874" } ], - "filter": "event.module:nginx AND fileset.name:access", + "filter": "fileset.module:nginx AND fileset.name:access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -138,7 +138,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "count" + "type": "count" } ], "point_size": 1, @@ -151,22 +151,22 @@ ], "split_mode": "everything", "stacked": "none", - "terms_field": "url.original", + "terms_field": "nginx.access.url", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417" } ], "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Access logs over time [Filebeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Access logs over time [Filebeat Nginx]", + "type": "metrics" } }, - "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -174,22 +174,22 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat Nginx] ECS", + "title": "Dashboards [Filebeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)" + "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519)" }, - "title": "Dashboards [Filebeat Nginx] ECS", - "winlog.api": "markdown" + "title": "Dashboards [Filebeat Nginx]", + "type": "markdown" } }, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -208,7 +208,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -218,10 +218,10 @@ { "col": 1, "columns": [ - "log.level", - "message" + "nginx.error.level", + "nginx.error.message" ], - "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519", "panelIndex": 11, "row": 5, "size_x": 12, @@ -230,17 +230,17 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 1, "columns": [ - "url.original", - "http.request.method", - "http.response.status_code", - "http.response.body.bytes" + "nginx.access.url", + "nginx.access.method", + "nginx.access.response_code", + "nginx.access.body_sent.bytes" ], - "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519", "panelIndex": 16, "row": 8, "size_x": 12, @@ -249,36 +249,36 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 1, - "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519", "panelIndex": 18, "row": 2, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", "panelIndex": 19, "row": 1, "size_x": 12, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat Nginx] Access and error logs ECS", + "title": "[Filebeat Nginx] Access and error logs", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "dashboard", - "winlog.version": 2 + "id": "046212a0-a2a1-11e7-928f-5dbe6f6f5519", + "type": "dashboard", + "version": 2 } ], - "winlog.version": "6.0.0-beta2" + "version": "6.0.0-beta2" } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json index 8b7148ad99c9..e955762c6cea 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json @@ -15,9 +15,9 @@ } } }, - "title": "Browsers breakdown [Filebeat Nginx] ECS", + "title": "Browsers breakdown [Filebeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -25,19 +25,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "user_agent.name", + "field": "nginx.access.user_agent.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -49,7 +49,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -60,13 +60,13 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Nginx Access Browsers ECS", - "winlog.api": "pie" + "title": "Nginx Access Browsers", + "type": "pie" } }, - "id": "Nginx-Access-Browsers-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Nginx-Access-Browsers", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -83,9 +83,9 @@ } } }, - "title": "Operating systems breakdown [Filebeat Nginx] ECS", + "title": "Operating systems breakdown [Filebeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -93,19 +93,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "user_agent.os.name", + "field": "nginx.access.user_agent.os_name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -117,7 +117,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -128,13 +128,13 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Nginx Access OSes ECS", - "winlog.api": "pie" + "title": "Nginx Access OSes", + "type": "pie" } }, - "id": "Nginx-Access-OSes-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Nginx-Access-OSes", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -144,15 +144,15 @@ "filter": [] } }, - "savedSearchId": "Filebeat-Nginx-module-ecs", - "title": "Access Map [Filebeat Nginx] ECS", + "savedSearchId": "Filebeat-Nginx-module", + "title": "Access Map [Filebeat Nginx]", "uiStateJSON": { "mapCenter": [ 12.039320557540572, -0.17578125 ] }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -160,17 +160,17 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location" + "field": "nginx.access.geoip.location" }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "listeners": {}, @@ -197,18 +197,18 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Nginx Access Map ECS", - "winlog.api": "tile_map" + "title": "Nginx Access Map", + "type": "tile_map" } }, - "id": "Nginx-Access-Map-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Nginx-Access-Map", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -216,15 +216,15 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Response codes over time [Filebeat Nginx] ECS", + "title": "Response codes over time [Filebeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "event.module:nginx AND fileset.name:access", + "filter": "fileset.module:nginx AND fileset.name:access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -242,7 +242,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "count" + "type": "count" } ], "point_size": 1, @@ -250,47 +250,47 @@ "split_filters": [ { "color": "#68BC00", - "filter": "http.response.status_code:[200 TO 299]", + "filter": "nginx.access.response_code:[200 TO 299]", "id": "5acdc750-a29d-11e7-a062-a1c3587f4874", "label": "200s" }, { "color": "rgba(252,196,0,1)", - "filter": "http.response.status_code:[300 TO 399]", + "filter": "nginx.access.response_code:[300 TO 399]", "id": "6efd2ae0-a29d-11e7-a062-a1c3587f4874", "label": "300s" }, { "color": "rgba(211,49,21,1)", - "filter": "http.response.status_code:[400 TO 499]", + "filter": "nginx.access.response_code:[400 TO 499]", "id": "76089a90-a29d-11e7-a062-a1c3587f4874", "label": "400s" }, { "color": "rgba(171,20,158,1)", - "filter": "http.response.status_code:[500 TO 599]", + "filter": "nginx.access.response_code:[500 TO 599]", "id": "7c7929d0-a29d-11e7-a062-a1c3587f4874", "label": "500s" } ], "split_mode": "filters", "stacked": "stacked", - "terms_field": "http.response.status_code", + "terms_field": "nginx.access.response_code", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417" } ], "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Response codes over time [Filebeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Response codes over time [Filebeat Nginx]", + "type": "metrics" } }, - "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "visualization", - "winlog.version": 7 + "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519", + "type": "visualization", + "version": 7 }, { "attributes": { @@ -298,9 +298,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Top pages [Filebeat Nginx] ECS", + "title": "Top pages [Filebeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -311,7 +311,7 @@ "id": "6252c320-a1f5-11e7-92ba-5d0b8663aece" } ], - "filter": "event.module:nginx AND fileset.name:access", + "filter": "fileset.module:nginx AND fileset.name:access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -327,14 +327,14 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "count" + "type": "count" } ], "point_size": 1, "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "url.original", + "terms_field": "nginx.access.url", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417", "value_template": "" } @@ -342,15 +342,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Top pages [Filebeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Top pages [Filebeat Nginx]", + "type": "metrics" } }, - "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -358,15 +358,15 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Errors over time [Filebeat Nginx] ECS", + "title": "Errors over time [Filebeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "event.module:nginx AND fileset.name:error", + "filter": "fileset.module:nginx AND fileset.name:error", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -383,29 +383,29 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "count" + "type": "count" } ], "point_size": 1, "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "log.level", + "terms_field": "nginx.error.level", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417" } ], "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Errors over time [Filebeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Errors over time [Filebeat Nginx]", + "type": "metrics" } }, - "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "visualization", - "winlog.version": 5 + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519", + "type": "visualization", + "version": 5 }, { "attributes": { @@ -413,15 +413,15 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Data Volume [Filebeat Nginx] ECS", + "title": "Data Volume [Filebeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "event.module: nginx AND fileset.name: access", + "filter": "fileset.module: nginx AND fileset.name: access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -438,9 +438,9 @@ "line_width": 1, "metrics": [ { - "field": "http.response.body.bytes", + "field": "nginx.access.body_sent.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" } ], "point_size": 1, @@ -448,7 +448,7 @@ "split_filters": [ { "color": "#68BC00", - "filter": "http.response.status_code:[200 TO 299]", + "filter": "nginx.access.response_code:[200 TO 299]", "id": "7c343c20-a29e-11e7-a062-a1c3587f4874", "label": "200s" } @@ -461,15 +461,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Data Volume [Filebeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Data Volume [Filebeat Nginx]", + "type": "metrics" } }, - "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -477,31 +477,31 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat Nginx] ECS", + "title": "Dashboards [Filebeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)" + "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519)" }, - "title": "Dashboards [Filebeat Nginx] ECS", - "winlog.api": "markdown" + "title": "Dashboards [Filebeat Nginx]", + "type": "markdown" } }, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "type": "visualization", + "version": 1 }, { "attributes": { "columns": [ - "url.original", - "http.request.method", - "http.response.status_code", - "http.request.referrer", - "http.response.body.bytes" + "nginx.access.url", + "nginx.access.method", + "nginx.access.response_code", + "nginx.access.referrer", + "nginx.access.body_sent.bytes" ], "description": "", "hits": 0, @@ -532,19 +532,19 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Nginx logs [Filebeat Nginx] ECS", - "winlog.version": 1 + "title": "Nginx logs [Filebeat Nginx]", + "version": 1 }, - "id": "Filebeat-Nginx-module-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "Filebeat-Nginx-module", + "type": "search", + "version": 2 }, { "attributes": { @@ -563,7 +563,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -572,79 +572,79 @@ "panelsJSON": [ { "col": 10, - "id": "Nginx-Access-Browsers-ecs", + "id": "Nginx-Access-Browsers", "panelIndex": 3, "row": 12, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "Nginx-Access-OSes-ecs", + "id": "Nginx-Access-OSes", "panelIndex": 4, "row": 12, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Nginx-Access-Map-ecs", + "id": "Nginx-Access-Map", "panelIndex": 8, "row": 2, "size_x": 12, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519", "panelIndex": 13, "row": 6, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519", "panelIndex": 14, "row": 9, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519", "panelIndex": 15, "row": 9, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519", "panelIndex": 16, "row": 12, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", "panelIndex": 17, "row": 1, "size_x": 12, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat Nginx] Overview ECS", + "title": "[Filebeat Nginx] Overview", "uiStateJSON": { "P-4": { "vis": { @@ -680,12 +680,12 @@ "mapZoom": 2 } }, - "winlog.version": 1 + "version": 1 }, - "id": "55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs", - "winlog.api": "dashboard", - "winlog.version": 6 + "id": "55a9e6e0-a29e-11e7-928f-5dbe6f6f5519", + "type": "dashboard", + "version": 6 } ], - "winlog.version": "6.0.0-beta2" + "version": "6.0.0-beta2" } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json index 03736e012fae..0403ead98a50 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json @@ -6,14 +6,14 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Remote IP Timechart [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Remote IP Timechart [Filebeat Nginx] [ML]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -21,7 +21,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -34,7 +34,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -46,7 +46,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -63,14 +63,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 5 minutes" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -96,7 +96,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -116,22 +116,22 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "value" + "type": "value" } ] }, - "title": "ML Nginx Access Remote IP Timechart ECS", - "winlog.api": "area" + "title": "ML Nginx Access Remote IP Timechart", + "type": "area" } }, - "id": "ML-Nginx-Access-Remote-IP-Timechart-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "ML-Nginx-Access-Remote-IP-Timechart", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -141,8 +141,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Response Code Timechart [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Response Code Timechart [Filebeat Nginx] [ML]", "uiStateJSON": { "vis": { "colors": { @@ -151,7 +151,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -159,7 +159,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -172,19 +172,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "nginx.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -201,13 +201,13 @@ "times": [], "yAxis": {} }, - "title": "ML Nginx Access Response Code Timechart ECS", - "winlog.api": "histogram" + "title": "ML Nginx Access Response Code Timechart", + "type": "histogram" } }, - "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Nginx-Access-Response-Code-Timechart", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -215,8 +215,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Top Remote IPs [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Top Remote IPs [Filebeat Nginx] [ML]", "uiStateJSON": { "vis": { "params": { @@ -227,7 +227,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -235,7 +235,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -247,7 +247,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -262,13 +262,13 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top Remote IPs Table ECS", - "winlog.api": "table" + "title": "ML Nginx Access Top Remote IPs Table", + "type": "table" } }, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -278,15 +278,15 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Access Map [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Access Map [Filebeat Nginx] [ML]", "uiStateJSON": { "mapCenter": [ 12.039320557540572, -0.17578125 ] }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -294,17 +294,17 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location" + "field": "nginx.access.geoip.location" }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "listeners": {}, @@ -331,18 +331,18 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Nginx Access Map ECS", - "winlog.api": "tile_map" + "title": "ML Nginx Access Map", + "type": "tile_map" } }, - "id": "ML-Nginx-Access-Map-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Nginx-Access-Map", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -350,8 +350,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Top URLs [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Top URLs [Filebeat Nginx] [ML]", "uiStateJSON": { "vis": { "params": { @@ -362,7 +362,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -370,19 +370,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "url.original", + "field": "nginx.access.url", "order": "desc", "orderBy": "1", "size": 1000 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -397,13 +397,13 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top URLs Table ECS", - "winlog.api": "table" + "title": "ML Nginx Access Top URLs Table", + "type": "table" } }, - "id": "ML-Nginx-Access-Top-URLs-Table-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Nginx-Access-Top-URLs-Table", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -441,12 +441,12 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Nginx] ECS", - "winlog.version": 1 + "title": "ML Access Data [Filebeat Nginx]", + "version": 1 }, - "id": "ML-Filebeat-Nginx-Access-ecs", - "winlog.api": "search", - "winlog.version": 3 + "id": "ML-Filebeat-Nginx-Access", + "type": "search", + "version": 3 }, { "attributes": { @@ -465,7 +465,7 @@ } ], "highlightAll": true, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -474,52 +474,52 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Nginx-Access-Remote-IP-Timechart-ecs", + "id": "ML-Nginx-Access-Remote-IP-Timechart", "panelIndex": 1, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", + "id": "ML-Nginx-Access-Response-Code-Timechart", "panelIndex": 2, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table", "panelIndex": 3, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ML-Nginx-Access-Map-ecs", + "id": "ML-Nginx-Access-Map", "panelIndex": 4, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ML-Nginx-Access-Top-URLs-Table-ecs", + "id": "ML-Nginx-Access-Top-URLs-Table", "panelIndex": 5, "row": 7, "size_x": 12, "size_y": 9, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat Nginx] [ML] Remote IP Count Explorer ECS", + "title": "[Filebeat Nginx] [ML] Remote IP Count Explorer", "uiStateJSON": { "P-3": { "vis": { @@ -542,12 +542,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "ML-Nginx-Access-Remote-IP-Count-Explorer-ecs", - "winlog.api": "dashboard", - "winlog.version": 3 + "id": "ML-Nginx-Access-Remote-IP-Count-Explorer", + "type": "dashboard", + "version": 3 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json index d5d4c128034c..e43ca0b671d0 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json @@ -6,20 +6,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Unique Count URL Timechart [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Unique Count URL Timechart [Filebeat Nginx] [ML]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "enabled": true, "id": "1", "params": { - "field": "url.original" + "field": "nginx.access.url" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "listeners": {}, @@ -49,14 +49,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per day" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -83,7 +83,7 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -103,24 +103,24 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Unique count of nginx.access.url" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "ML Nginx Access Unique Count URL Timechart ECS", - "winlog.api": "line" + "title": "ML Nginx Access Unique Count URL Timechart", + "type": "line" } }, - "id": "ML-Nginx-Access-Unique-Count-URL-Timechart-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "ML-Nginx-Access-Unique-Count-URL-Timechart", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -130,8 +130,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Response Code Timechart [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Response Code Timechart [Filebeat Nginx] [ML]", "uiStateJSON": { "vis": { "colors": { @@ -140,7 +140,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -148,7 +148,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -161,19 +161,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "nginx.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -190,13 +190,13 @@ "times": [], "yAxis": {} }, - "title": "ML Nginx Access Response Code Timechart ECS", - "winlog.api": "histogram" + "title": "ML Nginx Access Response Code Timechart", + "type": "histogram" } }, - "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Nginx-Access-Response-Code-Timechart", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -204,8 +204,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Top Remote IPs [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Top Remote IPs [Filebeat Nginx] [ML]", "uiStateJSON": { "vis": { "params": { @@ -216,7 +216,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -224,7 +224,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -236,7 +236,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -251,13 +251,13 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top Remote IPs Table ECS", - "winlog.api": "table" + "title": "ML Nginx Access Top Remote IPs Table", + "type": "table" } }, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -267,15 +267,15 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Access Map [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Access Map [Filebeat Nginx] [ML]", "uiStateJSON": { "mapCenter": [ 12.039320557540572, -0.17578125 ] }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -283,17 +283,17 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location" + "field": "nginx.access.geoip.location" }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "listeners": {}, @@ -320,18 +320,18 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Nginx Access Map ECS", - "winlog.api": "tile_map" + "title": "ML Nginx Access Map", + "type": "tile_map" } }, - "id": "ML-Nginx-Access-Map-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Nginx-Access-Map", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -339,8 +339,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", - "title": "Top URLs [Filebeat Nginx] [ML] ECS", + "savedSearchId": "ML-Filebeat-Nginx-Access", + "title": "Top URLs [Filebeat Nginx] [ML]", "uiStateJSON": { "vis": { "params": { @@ -351,7 +351,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -359,19 +359,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "url.original", + "field": "nginx.access.url", "order": "desc", "orderBy": "1", "size": 1000 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -386,13 +386,13 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top URLs Table ECS", - "winlog.api": "table" + "title": "ML Nginx Access Top URLs Table", + "type": "table" } }, - "id": "ML-Nginx-Access-Top-URLs-Table-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Nginx-Access-Top-URLs-Table", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -430,12 +430,12 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Nginx] ECS", - "winlog.version": 1 + "title": "ML Access Data [Filebeat Nginx]", + "version": 1 }, - "id": "ML-Filebeat-Nginx-Access-ecs", - "winlog.api": "search", - "winlog.version": 3 + "id": "ML-Filebeat-Nginx-Access", + "type": "search", + "version": 3 }, { "attributes": { @@ -454,7 +454,7 @@ } ], "highlightAll": true, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -463,52 +463,52 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Nginx-Access-Unique-Count-URL-Timechart-ecs", + "id": "ML-Nginx-Access-Unique-Count-URL-Timechart", "panelIndex": 1, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", + "id": "ML-Nginx-Access-Response-Code-Timechart", "panelIndex": 2, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table", "panelIndex": 3, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ML-Nginx-Access-Map-ecs", + "id": "ML-Nginx-Access-Map", "panelIndex": 4, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ML-Nginx-Access-Top-URLs-Table-ecs", + "id": "ML-Nginx-Access-Top-URLs-Table", "panelIndex": 5, "row": 7, "size_x": 12, "size_y": 8, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat Nginx] [ML] Remote IP URL Explorer ECS", + "title": "[Filebeat Nginx] [ML] Remote IP URL Explorer", "uiStateJSON": { "P-2": { "vis": { @@ -541,12 +541,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "ML-Nginx-Remote-IP-URL-Explorer-ecs", - "winlog.api": "dashboard", - "winlog.version": 4 + "id": "ML-Nginx-Remote-IP-URL-Explorer", + "type": "dashboard", + "version": 4 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json index 17ee690d034a..e9b2f6c92687 100644 --- a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json +++ b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json @@ -24,16 +24,16 @@ "negate": false, "params": { "query": "pack_it-compliance_mounts", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "pack_it-compliance_mounts" }, "query": { "match": { "osquery.result.name": { "query": "pack_it-compliance_mounts", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -45,20 +45,20 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Mounts [Osquery results] ECS", - "winlog.version": 1 + "title": "Mounts [Osquery results]", + "version": 1 }, - "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", - "winlog.api": "search", + "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05", + "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -72,10 +72,10 @@ } } }, - "savedSearchId": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", - "title": "Mounts by type [Osquery Result] ECS", + "savedSearchId": "7a9482d0-eb00-11e7-8f04-51231daa5b05", + "title": "Mounts by type [Osquery Result]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -83,7 +83,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -95,7 +95,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -107,7 +107,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -121,16 +121,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Mounts by type [Osquery Result] ECS", - "winlog.api": "pie" + "title": "Mounts by type [Osquery Result]", + "type": "pie" } }, - "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05-ecs", - "winlog.api": "visualization", + "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05", + "type": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -156,16 +156,16 @@ "negate": false, "params": { "query": "pack_it-compliance_deb_packages", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "pack_it-compliance_deb_packages" }, "query": { "match": { "osquery.result.name": { "query": "pack_it-compliance_deb_packages", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -177,20 +177,20 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "DEB packages installed [Osquery results] ECS", - "winlog.version": 1 + "title": "DEB packages installed [Osquery results]", + "version": 1 }, - "id": "3824b080-eb02-11e7-8f04-51231daa5b05-ecs", - "winlog.api": "search", + "id": "3824b080-eb02-11e7-8f04-51231daa5b05", + "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -204,10 +204,10 @@ } } }, - "savedSearchId": "b5d6baa0-eb02-11e7-8f04-51231daa5b05-ecs", - "title": "OS versions [Osquery result] ECS", + "savedSearchId": "b5d6baa0-eb02-11e7-8f04-51231daa5b05", + "title": "OS versions [Osquery result]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -217,7 +217,7 @@ "field": "osquery.result.host_identifier" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -229,7 +229,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -241,7 +241,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -253,7 +253,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -267,16 +267,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "OS versions [Osquery result] ECS", - "winlog.api": "pie" + "title": "OS versions [Osquery result]", + "type": "pie" } }, - "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05-ecs", - "winlog.api": "visualization", + "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05", + "type": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -296,16 +296,16 @@ "negate": false, "params": { "query": "Live", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "Live" }, "query": { "match": { "osquery.result.columns.status": { "query": "Live", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -317,8 +317,8 @@ } } }, - "savedSearchId": "f59e21e0-eb03-11e7-8f04-51231daa5b05-ecs", - "title": "Number of Kernel modules [Osquery Result] ECS", + "savedSearchId": "f59e21e0-eb03-11e7-8f04-51231daa5b05", + "title": "Number of Kernel modules [Osquery Result]", "uiStateJSON": { "vis": { "defaultColors": { @@ -326,7 +326,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -337,7 +337,7 @@ "field": "osquery.result.columns.name" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -380,20 +380,20 @@ "subText": "", "width": 0.9 }, - "winlog.api": "meter", + "type": "meter", "verticalSplit": false }, "isDisplayWarning": false, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Number of Kernel modules [Osquery Result] ECS", - "winlog.api": "gauge" + "title": "Number of Kernel modules [Osquery Result]", + "type": "gauge" } }, - "id": "240f3630-eb05-11e7-8f04-51231daa5b05-ecs", - "winlog.api": "visualization", + "id": "240f3630-eb05-11e7-8f04-51231daa5b05", + "type": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -401,23 +401,23 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Navigation [Osquery Result] ECS", + "title": "Navigation [Osquery Result]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs)" + "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040)" }, - "title": "Navigation [Osquery Result] ECS", - "winlog.api": "markdown" + "title": "Navigation [Osquery Result]", + "type": "markdown" } }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", - "winlog.api": "visualization", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "type": "visualization", "updated_at": "2018-01-08T19:41:10.264Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -441,16 +441,16 @@ "negate": false, "params": { "query": "pack_it-compliance_os_version", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "pack_it-compliance_os_version" }, "query": { "match": { "osquery.result.name": { "query": "pack_it-compliance_os_version", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -462,20 +462,20 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "OS versions [Osquery results] ECS", - "winlog.version": 1 + "title": "OS versions [Osquery results]", + "version": 1 }, - "id": "b5d6baa0-eb02-11e7-8f04-51231daa5b05-ecs", - "winlog.api": "search", + "id": "b5d6baa0-eb02-11e7-8f04-51231daa5b05", + "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -501,16 +501,16 @@ "negate": false, "params": { "query": "pack_it-compliance_kernel_modules", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "pack_it-compliance_kernel_modules" }, "query": { "match": { "osquery.result.name": { "query": "pack_it-compliance_kernel_modules", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -522,20 +522,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Kernel modules [Osquery results] ECS", - "winlog.version": 1 + "title": "Kernel modules [Osquery results]", + "version": 1 }, - "id": "f59e21e0-eb03-11e7-8f04-51231daa5b05-ecs", - "winlog.api": "search", + "id": "f59e21e0-eb03-11e7-8f04-51231daa5b05", + "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -549,7 +549,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -566,10 +566,10 @@ "x": 6, "y": 6 }, - "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", + "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05", "panelIndex": "1", - "winlog.api": "search", - "winlog.version": "6.2.4" + "type": "search", + "version": "6.2.4" }, { "gridData": { @@ -579,10 +579,10 @@ "x": 5, "y": 1 }, - "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05-ecs", + "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -592,10 +592,10 @@ "x": 0, "y": 6 }, - "id": "3824b080-eb02-11e7-8f04-51231daa5b05-ecs", + "id": "3824b080-eb02-11e7-8f04-51231daa5b05", "panelIndex": "3", - "winlog.api": "search", - "winlog.version": "6.2.4" + "type": "search", + "version": "6.2.4" }, { "gridData": { @@ -605,10 +605,10 @@ "x": 0, "y": 1 }, - "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05-ecs", + "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "embeddableConfig": { @@ -626,10 +626,10 @@ "x": 0, "y": 4 }, - "id": "240f3630-eb05-11e7-8f04-51231daa5b05-ecs", + "id": "240f3630-eb05-11e7-8f04-51231daa5b05", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -639,14 +639,14 @@ "x": 0, "y": 0 }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.1.0-SNAPSHOT" + "type": "visualization", + "version": "6.1.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Osquery Result] Compliance pack ECS", + "title": "[Osquery Result] Compliance pack", "uiStateJSON": { "P-5": { "vis": { @@ -656,13 +656,13 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs", - "winlog.api": "dashboard", + "id": "69f5ae20-eb02-11e7-8f04-51231daa5b05", + "type": "dashboard", "updated_at": "2018-01-08T19:42:15.406Z", - "winlog.version": 2 + "version": 2 } ], - "winlog.version": "6.1.0-SNAPSHOT" + "version": "6.1.0-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json index 0a847afa99a4..38e897645b0a 100644 --- a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json +++ b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json @@ -6,23 +6,23 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Info OSSEC rootkit [Osquery Result] ECS", + "title": "Info OSSEC rootkit [Osquery Result]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, "markdown": "This dashboard shows data collected by the ossec-rootkit pack from osquery." }, - "title": "Info OSSEC rootkit [Osquery Result] ECS", - "winlog.api": "markdown" + "title": "Info OSSEC rootkit [Osquery Result]", + "type": "markdown" } }, - "id": "6ec10290-f4aa-11e7-8647-534bb4c21040-ecs", - "winlog.api": "visualization", + "id": "6ec10290-f4aa-11e7-8647-534bb4c21040", + "type": "visualization", "updated_at": "2018-01-08T19:30:49.785Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -36,10 +36,10 @@ } } }, - "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", - "title": "Number of rootkits found [Osquery Result] ECS", + "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040", + "title": "Number of rootkits found [Osquery Result]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -50,7 +50,7 @@ "field": "osquery.result.name" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -79,16 +79,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Number of rootkits found [Osquery Result] ECS", - "winlog.api": "metric" + "title": "Number of rootkits found [Osquery Result]", + "type": "metric" } }, - "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040-ecs", - "winlog.api": "visualization", + "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040", + "type": "visualization", "updated_at": "2018-01-08T19:40:05.060Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -102,10 +102,10 @@ } } }, - "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", - "title": "Number of hosts infected [Osquery Result] ECS", + "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040", + "title": "Number of hosts infected [Osquery Result]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -113,10 +113,10 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "agent.hostname" + "field": "beat.hostname" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -145,16 +145,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Number of hosts infected [Osquery Result] ECS", - "winlog.api": "metric" + "title": "Number of hosts infected [Osquery Result]", + "type": "metric" } }, - "id": "ab587180-f4a9-11e7-8647-534bb4c21040-ecs", - "winlog.api": "visualization", + "id": "ab587180-f4a9-11e7-8647-534bb4c21040", + "type": "visualization", "updated_at": "2018-01-08T19:39:45.085Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -162,30 +162,30 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Navigation [Osquery Result] ECS", + "title": "Navigation [Osquery Result]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs)" + "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040)" }, - "title": "Navigation [Osquery Result] ECS", - "winlog.api": "markdown" + "title": "Navigation [Osquery Result]", + "type": "markdown" } }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", - "winlog.api": "visualization", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "type": "visualization", "updated_at": "2018-01-08T19:41:10.264Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { "columns": [ "osquery.result.name", "osquery.result.columns.path", - "agent.hostname" + "beat.hostname" ], "description": "", "hits": 0, @@ -202,7 +202,7 @@ "index": "filebeat-*", "key": "query", "negate": false, - "winlog.api": "custom", + "type": "custom", "value": "{\"prefix\":{\"osquery.result.name\":\"pack_ossec-rootkit\"}}" }, "query": { @@ -219,20 +219,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "osquery", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "osquery" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "osquery", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -249,16 +249,16 @@ "negate": false, "params": { "query": "result", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "result" }, "query": { "match": { "fileset.name": { "query": "result", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -270,20 +270,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "OSSEC Rootkits [Osquery Result] ECS", - "winlog.version": 1 + "title": "OSSEC Rootkits [Osquery Result]", + "version": 1 }, - "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", - "winlog.api": "search", + "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040", + "type": "search", "updated_at": "2018-01-08T19:38:24.483Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -297,7 +297,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -314,10 +314,10 @@ "x": 8, "y": 1 }, - "id": "6ec10290-f4aa-11e7-8647-534bb4c21040-ecs", + "id": "6ec10290-f4aa-11e7-8647-534bb4c21040", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.1.0-SNAPSHOT" + "type": "visualization", + "version": "6.1.0-SNAPSHOT" }, { "gridData": { @@ -327,10 +327,10 @@ "x": 4, "y": 1 }, - "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040-ecs", + "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.1.0-SNAPSHOT" + "type": "visualization", + "version": "6.1.0-SNAPSHOT" }, { "gridData": { @@ -340,10 +340,10 @@ "x": 0, "y": 1 }, - "id": "ab587180-f4a9-11e7-8647-534bb4c21040-ecs", + "id": "ab587180-f4a9-11e7-8647-534bb4c21040", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.1.0-SNAPSHOT" + "type": "visualization", + "version": "6.1.0-SNAPSHOT" }, { "gridData": { @@ -353,10 +353,10 @@ "x": 0, "y": 0 }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.1.0-SNAPSHOT" + "type": "visualization", + "version": "6.1.0-SNAPSHOT" }, { "gridData": { @@ -366,22 +366,22 @@ "x": 0, "y": 3 }, - "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", + "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040", "panelIndex": "5", - "winlog.api": "search", - "winlog.version": "6.1.0-SNAPSHOT" + "type": "search", + "version": "6.1.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Osquery Result] OSSEC rootkit pack ECS", + "title": "[Osquery Result] OSSEC rootkit pack", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs", - "winlog.api": "dashboard", + "id": "c0a7ce90-f4aa-11e7-8647-534bb4c21040", + "type": "dashboard", "updated_at": "2018-01-08T19:40:16.304Z", - "winlog.version": 6 + "version": 6 } ], - "winlog.version": "6.1.0-SNAPSHOT" + "version": "6.1.0-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json index a80a79b070c3..9978b509444f 100644 --- a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json +++ b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "PostgreSQL All Logs-ecs", - "title": "Log Level Count [Filebeat PostgreSQL] ECS", + "savedSearchId": "PostgreSQL All Logs", + "title": "Log Level Count [Filebeat PostgreSQL]", "uiStateJSON": { "vis": { "params": { @@ -20,7 +20,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -28,19 +28,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "log.level", + "field": "postgresql.log.level", "order": "desc", "orderBy": "1", "size": 12 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -54,21 +54,21 @@ }, "totalFunc": "sum" }, - "title": "Log Level Count [Filebeat PostgreSQL] ECS", - "winlog.api": "table" + "title": "Log Level Count [Filebeat PostgreSQL]", + "type": "table" } }, - "id": "PostgreSQL Log Level Count-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "PostgreSQL Log Level Count", + "type": "visualization", + "version": 2 }, { "attributes": { "columns": [ - "user.name", + "postgresql.log.user", "postgresql.log.database", - "log.level", - "message", + "postgresql.log.level", + "postgresql.log.message", "postgresql.log.query" ], "description": "", @@ -84,20 +84,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "postgresql", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "postgresql" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "postgresql", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -109,19 +109,19 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "All Logs [Filebeat PostgreSQL] ECS", - "winlog.version": 1 + "title": "All Logs [Filebeat PostgreSQL]", + "version": 1 }, - "id": "PostgreSQL All Logs-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "PostgreSQL All Logs", + "type": "search", + "version": 1 }, { "attributes": { @@ -131,10 +131,10 @@ "filter": [] } }, - "savedSearchId": "PostgreSQL All Logs-ecs", - "title": "Logs by level over time [Filebeat PostgreSQL] ECS", + "savedSearchId": "PostgreSQL All Logs", + "title": "Logs by level over time [Filebeat PostgreSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -142,7 +142,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -155,19 +155,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "log.level", + "field": "postgresql.log.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -183,14 +183,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per month" }, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -210,12 +210,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -229,24 +229,24 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Logs by level over time [Filebeat PostgreSQL] ECS", - "winlog.api": "histogram" + "title": "Logs by level over time [Filebeat PostgreSQL]", + "type": "histogram" } }, - "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -260,7 +260,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -269,23 +269,23 @@ "panelsJSON": [ { "col": 1, - "id": "PostgreSQL Log Level Count-ecs", + "id": "PostgreSQL Log Level Count", "panelIndex": 1, "row": 1, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ - "user.name", + "postgresql.log.user", "postgresql.log.database", - "log.level", - "message", + "postgresql.log.level", + "postgresql.log.message", "postgresql.log.query" ], - "id": "PostgreSQL All Logs-ecs", + "id": "PostgreSQL All Logs", "panelIndex": 2, "row": 4, "size_x": 12, @@ -294,20 +294,20 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 4, - "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3-ecs", + "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3", "panelIndex": 3, "row": 1, "size_x": 9, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat PostgreSQL] Overview ECS", + "title": "[Filebeat PostgreSQL] Overview", "uiStateJSON": { "P-1": { "vis": { @@ -320,12 +320,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "158be870-87f4-11e7-ad9c-db80de0bf8d3-ecs", - "winlog.api": "dashboard", - "winlog.version": 1 + "id": "158be870-87f4-11e7-ad9c-db80de0bf8d3", + "type": "dashboard", + "version": 1 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json index 30467847826d..653b071aa650 100644 --- a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json +++ b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json @@ -11,8 +11,8 @@ } } }, - "savedSearchId": "PostgreSQL Query Durations-ecs", - "title": "Query count and cumulated duration [Filebeat PostgreSQL] ECS", + "savedSearchId": "PostgreSQL Query Durations", + "title": "Query count and cumulated duration [Filebeat PostgreSQL]", "uiStateJSON": { "vis": { "colors": { @@ -22,7 +22,7 @@ "legendOpen": true } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -36,7 +36,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -45,7 +45,7 @@ "customLabel": "Number of queries" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -55,7 +55,7 @@ "field": "postgresql.log.duration" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" } ], "params": { @@ -71,14 +71,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 3 hours" }, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -100,7 +100,7 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" }, { @@ -114,12 +114,12 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -133,29 +133,29 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Query count and cumulated duration [Filebeat PostgreSQL] ECS", - "winlog.api": "histogram" + "title": "Query count and cumulated duration [Filebeat PostgreSQL]", + "type": "histogram" } }, - "id": "PostgreSQL Query Count and Duration-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "PostgreSQL Query Count and Duration", + "type": "visualization", + "version": 1 }, { "attributes": { "columns": [ - "user.name", + "postgresql.log.user", "postgresql.log.database", "postgresql.log.duration", "postgresql.log.query" @@ -171,24 +171,24 @@ "language": "lucene", "query": "postgresql.log.duration:>30" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Slow Queries [Filebeat PostgreSQL] ECS", - "winlog.version": 1 + "title": "Slow Queries [Filebeat PostgreSQL]", + "version": 1 }, - "id": "Slow PostgreSQL Queries-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "Slow PostgreSQL Queries", + "type": "search", + "version": 1 }, { "attributes": { "columns": [ - "user.name", + "postgresql.log.user", "postgresql.log.database", "postgresql.log.duration", "postgresql.log.query" @@ -204,19 +204,19 @@ "language": "lucene", "query": "postgresql.log.duration:*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Query Durations [Filebeat PostgreSQL] ECS", - "winlog.version": 1 + "title": "Query Durations [Filebeat PostgreSQL]", + "version": 1 }, - "id": "PostgreSQL Query Durations-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "PostgreSQL Query Durations", + "type": "search", + "version": 1 }, { "attributes": { @@ -230,7 +230,7 @@ "language": "lucene", "query": "postgresql.log.query:*" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -239,22 +239,22 @@ "panelsJSON": [ { "col": 1, - "id": "PostgreSQL Query Count and Duration-ecs", + "id": "PostgreSQL Query Count and Duration", "panelIndex": 1, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, "columns": [ - "user.name", + "postgresql.log.user", "postgresql.log.database", "postgresql.log.duration", "postgresql.log.query" ], - "id": "Slow PostgreSQL Queries-ecs", + "id": "Slow PostgreSQL Queries", "panelIndex": 2, "row": 1, "size_x": 6, @@ -263,17 +263,17 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 1, "columns": [ - "user.name", + "postgresql.log.user", "postgresql.log.database", "postgresql.log.duration", "postgresql.log.query" ], - "id": "PostgreSQL Query Durations-ecs", + "id": "PostgreSQL Query Durations", "panelIndex": 3, "row": 4, "size_x": 12, @@ -282,18 +282,18 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" } ], "timeRestore": false, - "title": "[Filebeat PostgreSQL] Query Duration Overview ECS", + "title": "[Filebeat PostgreSQL] Query Duration Overview", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "e4c5f230-87f3-11e7-ad9c-db80de0bf8d3-ecs", - "winlog.api": "dashboard", - "winlog.version": 1 + "id": "e4c5f230-87f3-11e7-ad9c-db80de0bf8d3", + "type": "dashboard", + "version": 1 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } \ No newline at end of file diff --git a/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json b/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json index 560182ade37e..91c000ad7ec1 100644 --- a/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json +++ b/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json @@ -17,12 +17,12 @@ } } }, - "winlog.version": true + "version": true } }, - "title": "Log levels and roles breakdown [Filebeat Redis] ECS", + "title": "Log levels and roles breakdown [Filebeat Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -30,7 +30,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -42,20 +42,20 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "2", "params": { "customLabel": "Log level", - "field": "log.level", + "field": "redis.log.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -63,15 +63,15 @@ "addTooltip": true, "isDonut": false, "legendPosition": "bottom", - "winlog.api": "pie" + "type": "pie" }, - "title": "Log levels and roles breakdown [Filebeat Redis] ECS", - "winlog.api": "pie" + "title": "Log levels and roles breakdown [Filebeat Redis]", + "type": "pie" } }, - "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -90,10 +90,10 @@ } } }, - "winlog.version": true + "version": true } }, - "title": "Logs over time [Filebeat Redis] ECS", + "title": "Logs over time [Filebeat Redis]", "uiStateJSON": { "vis": { "colors": { @@ -102,7 +102,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -110,7 +110,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -123,19 +123,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "log.level", + "field": "redis.log.level", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -151,14 +151,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per month" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -183,14 +183,14 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "showCircles": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -204,32 +204,32 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Logs over time [Filebeat Redis] ECS", - "winlog.api": "histogram" + "title": "Logs over time [Filebeat Redis]", + "type": "histogram" } }, - "id": "d2864600-478f-11e7-be88-2ddb32f3df97-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "d2864600-478f-11e7-be88-2ddb32f3df97", + "type": "visualization", + "version": 2 }, { "attributes": { "columns": [ - "host.name", - "log.level", + "beat.name", + "redis.log.level", "redis.log.role", - "message" + "redis.log.message" ], "description": "", "hits": 0, @@ -244,20 +244,20 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "event.module", + "key": "fileset.module", "negate": false, "params": { "query": "redis", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "redis" }, "query": { "match": { - "event.module": { + "fileset.module": { "query": "redis", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -274,16 +274,16 @@ "negate": false, "params": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "log" }, "query": { "match": { "fileset.name": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -295,19 +295,19 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Logs [Filebeat Redis] ECS", - "winlog.version": 1 + "title": "Logs [Filebeat Redis]", + "version": 1 }, - "id": "73613570-4791-11e7-be88-2ddb32f3df97-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "73613570-4791-11e7-be88-2ddb32f3df97", + "type": "search", + "version": 2 }, { "attributes": { @@ -317,10 +317,10 @@ "filter": [] } }, - "savedSearchId": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", - "title": "Top slowest commands [Filebeat Redis] ECS", + "savedSearchId": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b", + "title": "Top slowest commands [Filebeat Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -331,7 +331,7 @@ "field": "redis.slowlog.duration.us" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -344,7 +344,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -362,14 +362,14 @@ }, "position": "left", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Duration (microseconds)" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -394,14 +394,14 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "showCircles": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -415,29 +415,29 @@ "position": "bottom", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Command" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Top slowest commands [Filebeat Redis] ECS", - "winlog.api": "histogram" + "title": "Top slowest commands [Filebeat Redis]", + "type": "histogram" } }, - "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97", + "type": "visualization", + "version": 2 }, { "attributes": { "columns": [ - "host.name", + "beat.name", "message", "redis.slowlog.duration.us", "redis.slowlog.key" @@ -458,19 +458,19 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Slow logs [Filebeat Redis] ECS", - "winlog.version": 1 + "title": "Slow logs [Filebeat Redis]", + "version": 1 }, - "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b", + "type": "search", + "version": 2 }, { "attributes": { @@ -489,7 +489,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -498,31 +498,31 @@ "panelsJSON": [ { "col": 1, - "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b-ecs", + "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b", "panelIndex": 2, "row": 5, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 4, - "id": "d2864600-478f-11e7-be88-2ddb32f3df97-ecs", + "id": "d2864600-478f-11e7-be88-2ddb32f3df97", "panelIndex": 3, "row": 5, "size_x": 9, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ - "host.name", - "log.level", + "beat.name", + "redis.log.level", "redis.log.role", - "message" + "redis.log.message" ], - "id": "73613570-4791-11e7-be88-2ddb32f3df97-ecs", + "id": "73613570-4791-11e7-be88-2ddb32f3df97", "panelIndex": 4, "row": 8, "size_x": 12, @@ -531,26 +531,26 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 7, - "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97-ecs", + "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97", "panelIndex": 5, "row": 1, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ - "host.name", + "beat.name", "message", "redis.slowlog.duration.us", "redis.slowlog.key" ], - "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", + "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b", "panelIndex": 6, "row": 1, "size_x": 6, @@ -559,11 +559,11 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" } ], "timeRestore": false, - "title": "[Filebeat Redis] Overview ECS", + "title": "[Filebeat Redis] Overview", "uiStateJSON": { "P-5": { "vis": { @@ -571,12 +571,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "7fea2930-478e-11e7-b1f0-cb29bac6bf8b-ecs", - "winlog.api": "dashboard", - "winlog.version": 4 + "id": "7fea2930-478e-11e7-b1f0-cb29bac6bf8b", + "type": "dashboard", + "version": 4 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json b/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json index 378f06402723..71245b0e755a 100644 --- a/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json +++ b/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json @@ -12,9 +12,9 @@ } } }, - "title": "Description [Filebeat Santa] ECS", + "title": "Description [Filebeat Santa]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -22,14 +22,14 @@ "markdown": "![Santa Icon](https://raw.githubusercontent.com/google/santa/master/Source/SantaGUI/Resources/Images.xcassets/AppIcon.appiconset/santa-hat-icon-128.png)\n\nGoogle Santa is a binary whitelisting/blacklisting system for macOS that monitors process executions.", "openLinksInNewTab": false }, - "title": "Description [Filebeat Santa] ECS", - "winlog.api": "markdown" + "title": "Description [Filebeat Santa]", + "type": "markdown" } }, - "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs", - "winlog.api": "visualization", + "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307", + "type": "visualization", "updated_at": "2018-12-14T06:31:14.285Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -43,9 +43,9 @@ } } }, - "title": "Decisions [Filebeat Santa] ECS", + "title": "Decisions [Filebeat Santa]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -69,7 +69,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "count" + "type": "count" } ], "point_size": 1, @@ -82,16 +82,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Decisions [Filebeat Santa] ECS", - "winlog.api": "metrics" + "title": "Decisions [Filebeat Santa]", + "type": "metrics" } }, - "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs", - "winlog.api": "visualization", + "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307", + "type": "visualization", "updated_at": "2018-12-14T06:40:02.169Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -105,10 +105,10 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", - "title": "Total Events [Filebeat Santa] ECS", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", + "title": "Total Events [Filebeat Santa]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -118,7 +118,7 @@ "customLabel": "Total Events" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -147,16 +147,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Total Events [Filebeat Santa] ECS", - "winlog.api": "metric" + "title": "Total Events [Filebeat Santa]", + "type": "metric" } }, - "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs", - "winlog.api": "visualization", + "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307", + "type": "visualization", "updated_at": "2018-12-14T06:41:42.712Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -170,8 +170,8 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", - "title": "Decision and Reason [Filebeat Santa] ECS", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", + "title": "Decision and Reason [Filebeat Santa]", "uiStateJSON": { "vis": { "colors": { @@ -179,7 +179,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -187,7 +187,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -204,7 +204,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -221,7 +221,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -235,16 +235,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Decision and Reason [Filebeat Santa] ECS", - "winlog.api": "pie" + "title": "Decision and Reason [Filebeat Santa]", + "type": "pie" } }, - "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs", - "winlog.api": "visualization", + "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307", + "type": "visualization", "updated_at": "2018-12-14T06:47:57.150Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -258,10 +258,10 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", - "title": "Num of Hosts Reporting [Filebeat Santa] ECS", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", + "title": "Num of Hosts Reporting [Filebeat Santa]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -272,7 +272,7 @@ "field": "agent.hostname" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -301,16 +301,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Num of Hosts Reporting [Filebeat Santa] ECS", - "winlog.api": "metric" + "title": "Num of Hosts Reporting [Filebeat Santa]", + "type": "metric" } }, - "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs", - "winlog.api": "visualization", + "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307", + "type": "visualization", "updated_at": "2018-12-14T06:51:31.622Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -324,10 +324,10 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", - "title": "Code Signers [Filebeat Santa] ECS", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", + "title": "Code Signers [Filebeat Santa]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -335,7 +335,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -351,7 +351,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -361,14 +361,14 @@ "scale": "linear", "showLabel": true }, - "title": "Code Signers [Filebeat Santa] ECS", - "winlog.api": "tagcloud" + "title": "Code Signers [Filebeat Santa]", + "type": "tagcloud" } }, - "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs", - "winlog.api": "visualization", + "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307", + "type": "visualization", "updated_at": "2018-12-14T06:57:58.885Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -395,16 +395,16 @@ "negate": false, "params": { "query": "santa", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "santa" }, "query": { "match": { "event.module": { "query": "santa", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -421,16 +421,16 @@ "negate": false, "params": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "log" }, "query": { "match": { "event.dataset": { "query": "log", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -442,20 +442,20 @@ "language": "kuery", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Santa Logs Search [Filebeat Santa] ECS", - "winlog.version": 1 + "title": "Santa Logs Search [Filebeat Santa]", + "version": 1 }, - "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", - "winlog.api": "search", + "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", + "type": "search", "updated_at": "2018-12-14T06:57:11.037Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -485,10 +485,10 @@ "x": 0, "y": 0 }, - "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs", + "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha1-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -499,10 +499,10 @@ "x": 10, "y": 0 }, - "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs", + "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha1-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -513,10 +513,10 @@ "x": 8, "y": 12 }, - "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs", + "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha1-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -527,10 +527,10 @@ "x": 36, "y": 12 }, - "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs", + "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha1-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -541,10 +541,10 @@ "x": 0, "y": 12 }, - "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs", + "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha1-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -555,10 +555,10 @@ "x": 18, "y": 12 }, - "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs", + "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha1-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-alpha1-SNAPSHOT" }, { "embeddableConfig": {}, @@ -569,21 +569,21 @@ "x": 0, "y": 22 }, - "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", "panelIndex": "7", - "winlog.api": "search", - "winlog.version": "7.0.0-alpha1-SNAPSHOT" + "type": "search", + "version": "7.0.0-alpha1-SNAPSHOT" } ], "timeRestore": false, - "title": "[Filebeat Santa] Overview ECS", - "winlog.version": 1 + "title": "[Filebeat Santa] Overview", + "version": 1 }, - "id": "161855f0-ff6a-11e8-93c5-d5ecd1b3e307-ecs", - "winlog.api": "dashboard", + "id": "161855f0-ff6a-11e8-93c5-d5ecd1b3e307", + "type": "dashboard", "updated_at": "2018-12-14T06:58:23.367Z", - "winlog.version": 5 + "version": 5 } ], - "winlog.version": "7.0.0-alpha1-SNAPSHOT" + "version": "7.0.0-alpha1-SNAPSHOT" } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json index 4467af3d3099..80e62f40e874 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json @@ -8,10 +8,10 @@ "filter": [] } }, - "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", - "title": "Sudo commands by user [Filebeat System] ECS", + "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a", + "title": "Sudo commands by user [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -44,7 +44,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -59,13 +59,13 @@ "setYExtents": false, "times": [] }, - "title": "Sudo commands by user ECS", - "winlog.api": "histogram" + "title": "Sudo commands by user", + "type": "histogram" } }, - "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -83,9 +83,9 @@ } } }, - "title": "Sudo errors [Filebeat System] ECS", + "title": "Sudo errors [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -93,7 +93,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -106,7 +106,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -118,7 +118,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -133,13 +133,13 @@ "setYExtents": false, "times": [] }, - "title": "Sudo errors ECS", - "winlog.api": "histogram" + "title": "Sudo errors", + "type": "histogram" } }, - "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -149,8 +149,8 @@ "filter": [] } }, - "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", - "title": "Top sudo commands [Filebeat System] ECS", + "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a", + "title": "Top sudo commands [Filebeat System]", "uiStateJSON": { "vis": { "params": { @@ -161,7 +161,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -169,7 +169,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -181,7 +181,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -193,7 +193,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -208,13 +208,13 @@ }, "totalFunc": "sum" }, - "title": "Top sudo commands ECS", - "winlog.api": "table" + "title": "Top sudo commands", + "type": "table" } }, - "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -222,22 +222,22 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System] ECS", + "title": "Dashboards [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" }, - "title": "Dashboards [Filebeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboards [Filebeat System]", + "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -266,12 +266,12 @@ "@timestamp", "desc" ], - "title": "Sudo commands [Filebeat System] ECS", - "winlog.version": 1 + "title": "Sudo commands [Filebeat System]", + "version": 1 }, - "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a", + "type": "search", + "version": 2 }, { "attributes": { @@ -290,7 +290,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -299,43 +299,43 @@ "panelsJSON": [ { "col": 1, - "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs", + "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a", "panelIndex": 1, "row": 6, "size_x": 12, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs", + "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a", "panelIndex": 2, "row": 10, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs", + "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a", "panelIndex": 3, "row": 2, "size_x": 12, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", "panelIndex": 4, "row": 1, "size_x": 12, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat System] Sudo commands ECS", + "title": "[Filebeat System] Sudo commands", "uiStateJSON": { "P-3": { "vis": { @@ -348,12 +348,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs", - "winlog.api": "dashboard", - "winlog.version": 6 + "id": "277876d0-fa2c-11e6-bbd3-29c986c96e5a", + "type": "dashboard", + "version": 6 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json index 751cac78ec83..2e7e7fd6f9ba 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", - "title": "New users [Filebeat System] ECS", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", + "title": "New users [Filebeat System]", "uiStateJSON": { "vis": { "params": { @@ -20,7 +20,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -28,20 +28,20 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "customLabel": "Host", - "field": "host.hostname", + "field": "system.auth.hostname", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -54,20 +54,20 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "4", "params": { "customLabel": "UID", - "field": "user.id", + "field": "system.auth.useradd.uid", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -80,7 +80,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -93,7 +93,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -106,7 +106,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -121,13 +121,13 @@ }, "totalFunc": "sum" }, - "title": "New users ECS", - "winlog.api": "table" + "title": "New users", + "type": "table" } }, - "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -137,10 +137,10 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", - "title": "New users over time [Filebeat System] ECS", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", + "title": "New users over time [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -148,7 +148,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -161,7 +161,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -173,7 +173,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -188,13 +188,13 @@ "setYExtents": false, "times": [] }, - "title": "New users over time ECS", - "winlog.api": "histogram" + "title": "New users over time", + "type": "histogram" } }, - "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -204,8 +204,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", - "title": "New users by shell [Filebeat System] ECS", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", + "title": "New users by shell [Filebeat System]", "uiStateJSON": { "vis": { "colors": { @@ -216,7 +216,7 @@ "legendOpen": true } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -224,7 +224,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -236,7 +236,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -248,7 +248,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -258,13 +258,13 @@ "isDonut": false, "legendPosition": "right" }, - "title": "New users by shell ECS", - "winlog.api": "pie" + "title": "New users by shell", + "type": "pie" } }, - "id": "e121b140-fa78-11e6-a1df-a78bd7504d38-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "e121b140-fa78-11e6-a1df-a78bd7504d38", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -274,8 +274,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", - "title": "New users by home directory [Filebeat System] ECS", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", + "title": "New users by home directory [Filebeat System]", "uiStateJSON": { "vis": { "colors": { @@ -287,7 +287,7 @@ "legendOpen": true } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -295,7 +295,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -307,7 +307,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -319,7 +319,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -329,13 +329,13 @@ "isDonut": false, "legendPosition": "right" }, - "title": "New users by home directory ECS", - "winlog.api": "pie" + "title": "New users by home directory", + "type": "pie" } }, - "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -345,8 +345,8 @@ "filter": [] } }, - "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", - "title": "New groups [Filebeat System] ECS", + "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38", + "title": "New groups [Filebeat System]", "uiStateJSON": { "vis": { "params": { @@ -357,7 +357,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -365,7 +365,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -377,19 +377,19 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "3", "params": { - "field": "group.id", + "field": "system.auth.groupadd.gid", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -404,13 +404,13 @@ }, "totalFunc": "sum" }, - "title": "New groups ECS", - "winlog.api": "table" + "title": "New groups", + "type": "table" } }, - "id": "12667040-fa80-11e6-a1df-a78bd7504d38-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "12667040-fa80-11e6-a1df-a78bd7504d38", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -420,10 +420,10 @@ "filter": [] } }, - "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", - "title": "New groups over time [Filebeat System] ECS", + "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38", + "title": "New groups over time [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -431,7 +431,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -444,7 +444,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -456,7 +456,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -471,13 +471,13 @@ "setYExtents": false, "times": [] }, - "title": "New groups over time ECS", - "winlog.api": "histogram" + "title": "New groups over time", + "type": "histogram" } }, - "id": "346bb290-fa80-11e6-a1df-a78bd7504d38-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "346bb290-fa80-11e6-a1df-a78bd7504d38", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -485,28 +485,28 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System] ECS", + "title": "Dashboards [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" }, - "title": "Dashboards [Filebeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboards [Filebeat System]", + "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "type": "visualization", + "version": 1 }, { "attributes": { "columns": [ "system.auth.useradd.name", - "user.id", + "system.auth.useradd.uid", "system.auth.useradd.gid", "system.auth.useradd.home", "system.auth.useradd.shell" @@ -530,18 +530,18 @@ "@timestamp", "desc" ], - "title": "useradd logs [Filebeat System] ECS", - "winlog.version": 1 + "title": "useradd logs [Filebeat System]", + "version": 1 }, - "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", + "type": "search", + "version": 2 }, { "attributes": { "columns": [ "system.auth.groupadd.name", - "group.id" + "system.auth.groupadd.gid" ], "description": "", "hits": 0, @@ -562,12 +562,12 @@ "@timestamp", "desc" ], - "title": "groupadd logs [Filebeat System] ECS", - "winlog.version": 1 + "title": "groupadd logs [Filebeat System]", + "version": 1 }, - "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38", + "type": "search", + "version": 2 }, { "attributes": { @@ -586,7 +586,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -595,70 +595,70 @@ "panelsJSON": [ { "col": 1, - "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab", "panelIndex": 1, "row": 2, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs", + "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab", "panelIndex": 2, "row": 2, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "e121b140-fa78-11e6-a1df-a78bd7504d38-ecs", + "id": "e121b140-fa78-11e6-a1df-a78bd7504d38", "panelIndex": 3, "row": 5, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs", + "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38", "panelIndex": 4, "row": 5, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "12667040-fa80-11e6-a1df-a78bd7504d38-ecs", + "id": "12667040-fa80-11e6-a1df-a78bd7504d38", "panelIndex": 5, "row": 8, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "346bb290-fa80-11e6-a1df-a78bd7504d38-ecs", + "id": "346bb290-fa80-11e6-a1df-a78bd7504d38", "panelIndex": 6, "row": 8, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", "panelIndex": 7, "row": 1, "size_x": 12, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat System] New users and groups ECS", + "title": "[Filebeat System] New users and groups", "uiStateJSON": { "P-1": { "vis": { @@ -681,12 +681,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs", - "winlog.api": "dashboard", - "winlog.version": 6 + "id": "0d3f2380-fa78-11e6-ae9b-81e5311e8cab", + "type": "dashboard", + "version": 6 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json index 02704e79514b..c310967d41c5 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json @@ -11,12 +11,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.action:Accepted" + "query": "system.auth.ssh.event:Accepted" } } } }, - "title": "Successful SSH logins [Filebeat System] ECS", + "title": "Successful SSH logins [Filebeat System]", "uiStateJSON": { "vis": { "colors": { @@ -28,7 +28,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -36,7 +36,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -49,7 +49,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -61,7 +61,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -76,13 +76,13 @@ "setYExtents": false, "times": [] }, - "title": "Successful SSH logins ECS", - "winlog.api": "histogram" + "title": "Successful SSH logins", + "type": "histogram" } }, - "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -94,7 +94,7 @@ "index": "filebeat-*" } }, - "title": "SSH login attempts [Filebeat System] ECS", + "title": "SSH login attempts [Filebeat System]", "uiStateJSON": { "vis": { "colors": { @@ -104,7 +104,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -112,7 +112,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -125,19 +125,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "event.action", + "field": "system.auth.ssh.event", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -152,13 +152,13 @@ "setYExtents": false, "times": [] }, - "title": "SSH login attempts ECS", - "winlog.api": "histogram" + "title": "SSH login attempts", + "type": "histogram" } }, - "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -171,14 +171,14 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.action:Failed OR event.action:Invalid" + "query": "system.auth.ssh.event:Failed OR system.auth.ssh.event:Invalid" } } } }, - "title": "SSH users of failed login attempts [Filebeat System] ECS", + "title": "SSH users of failed login attempts [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -186,7 +186,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -198,7 +198,7 @@ "size": 50 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -208,13 +208,13 @@ "orientation": "single", "scale": "linear" }, - "title": "SSH users of failed login attempts ECS", - "winlog.api": "tagcloud" + "title": "SSH users of failed login attempts", + "type": "tagcloud" } }, - "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -227,12 +227,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.action:Failed OR event.action:Invalid" + "query": "system.auth.ssh.event:Failed OR system.auth.ssh.event:Invalid" } } } }, - "title": "SSH failed login attempts source locations [Filebeat System] ECS", + "title": "SSH failed login attempts source locations [Filebeat System]", "uiStateJSON": { "mapCenter": [ 17.602139123350838, @@ -240,7 +240,7 @@ ], "mapZoom": 2 }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -248,18 +248,18 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location", + "field": "system.auth.ssh.geoip.location", "precision": 2 }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "listeners": {}, @@ -286,27 +286,27 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "SSH failed login attempts source locations ECS", - "winlog.api": "tile_map" + "title": "SSH failed login attempts source locations", + "type": "tile_map" } }, - "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d", + "type": "visualization", + "version": 2 }, { "attributes": { "columns": [ - "event.action", + "system.auth.ssh.event", "system.auth.ssh.method", "system.auth.user", - "source.ip", - "source.geo.country_iso_code" + "system.auth.ssh.ip", + "system.auth.ssh.geoip.country_iso_code" ], "description": "", "hits": 0, @@ -327,12 +327,12 @@ "@timestamp", "desc" ], - "title": "SSH login attempts [Filebeat System] ECS", - "winlog.version": 1 + "title": "SSH login attempts [Filebeat System]", + "version": 1 }, - "id": "62439dc0-f9c9-11e6-a747-6121780e0414-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "62439dc0-f9c9-11e6-a747-6121780e0414", + "type": "search", + "version": 2 }, { "attributes": { @@ -340,22 +340,22 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System] ECS", + "title": "Dashboards [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" }, - "title": "Dashboards [Filebeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboards [Filebeat System]", + "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -374,7 +374,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -383,50 +383,50 @@ "panelsJSON": [ { "col": 1, - "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs", + "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a", "panelIndex": 1, "row": 5, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs", + "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a", "panelIndex": 2, "row": 2, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs", + "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a", "panelIndex": 3, "row": 8, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs", + "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d", "panelIndex": 4, "row": 8, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ - "event.action", + "system.auth.ssh.event", "system.auth.ssh.method", "system.auth.user", - "source.ip", - "source.geo.country_iso_code" + "system.auth.ssh.ip", + "system.auth.ssh.geoip.country_iso_code" ], - "id": "62439dc0-f9c9-11e6-a747-6121780e0414-ecs", + "id": "62439dc0-f9c9-11e6-a747-6121780e0414", "panelIndex": 5, "row": 12, "size_x": 12, @@ -435,20 +435,20 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", "panelIndex": 6, "row": 1, "size_x": 12, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat System] SSH login attempts ECS", + "title": "[Filebeat System] SSH login attempts", "uiStateJSON": { "P-4": { "mapBounds": { @@ -479,12 +479,12 @@ "mapZoom": 3 } }, - "winlog.version": 1 + "version": 1 }, - "id": "5517a150-f9ce-11e6-8115-a7c18106d86a-ecs", - "winlog.api": "dashboard", - "winlog.version": 7 + "id": "5517a150-f9ce-11e6-8115-a7c18106d86a", + "type": "dashboard", + "version": 7 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json index 9c1c1871c004..24d995932df3 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json @@ -8,10 +8,10 @@ "filter": [] } }, - "savedSearchId": "Syslog-system-logs-ecs", - "title": "Syslog events by hostname [Filebeat System] ECS", + "savedSearchId": "Syslog-system-logs", + "title": "Syslog events by hostname [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -19,7 +19,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -32,19 +32,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "host.hostname", + "field": "system.syslog.hostname", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -61,13 +61,13 @@ "times": [], "yAxis": {} }, - "title": "Syslog events by hostname ECS", - "winlog.api": "histogram" + "title": "Syslog events by hostname", + "type": "histogram" } }, - "id": "Syslog-events-by-hostname-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Syslog-events-by-hostname", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -77,10 +77,10 @@ "filter": [] } }, - "savedSearchId": "Syslog-system-logs-ecs", - "title": "Syslog hostnames and processes [Filebeat System] ECS", + "savedSearchId": "Syslog-system-logs", + "title": "Syslog hostnames and processes [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -88,31 +88,31 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "host.hostname", + "field": "system.syslog.hostname", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "3", "params": { - "field": "process.name", + "field": "system.syslog.program", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -123,20 +123,20 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Syslog hostnames and processes ECS", - "winlog.api": "pie" + "title": "Syslog hostnames and processes", + "type": "pie" } }, - "id": "Syslog-hostnames-and-processes-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Syslog-hostnames-and-processes", + "type": "visualization", + "version": 2 }, { "attributes": { "columns": [ - "host.hostname", - "process.name", - "message" + "system.syslog.hostname", + "system.syslog.program", + "system.syslog.message" ], "description": "", "hits": 0, @@ -170,12 +170,12 @@ "@timestamp", "desc" ], - "title": "Syslog logs [Filebeat System] ECS", - "winlog.version": 1 + "title": "Syslog logs [Filebeat System]", + "version": 1 }, - "id": "Syslog-system-logs-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "Syslog-system-logs", + "type": "search", + "version": 2 }, { "attributes": { @@ -183,22 +183,22 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System] ECS", + "title": "Dashboards [Filebeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" }, - "title": "Dashboards [Filebeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboards [Filebeat System]", + "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -217,7 +217,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -226,30 +226,30 @@ "panelsJSON": [ { "col": 1, - "id": "Syslog-events-by-hostname-ecs", + "id": "Syslog-events-by-hostname", "panelIndex": 1, "row": 2, "size_x": 8, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "Syslog-hostnames-and-processes-ecs", + "id": "Syslog-hostnames-and-processes", "panelIndex": 2, "row": 2, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, "columns": [ - "host.hostname", - "process.name", - "message" + "system.syslog.hostname", + "system.syslog.program", + "system.syslog.message" ], - "id": "Syslog-system-logs-ecs", + "id": "Syslog-system-logs", "panelIndex": 3, "row": 6, "size_x": 12, @@ -258,27 +258,27 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", "panelIndex": 4, "row": 1, "size_x": 12, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat System] Syslog dashboard ECS", + "title": "[Filebeat System] Syslog dashboard", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "Filebeat-syslog-dashboard-ecs", - "winlog.api": "dashboard", - "winlog.version": 6 + "id": "Filebeat-syslog-dashboard", + "type": "dashboard", + "version": 6 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json index ec9b5d475362..720432226601 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json @@ -15,9 +15,9 @@ } } }, - "title": "Browsers breakdown [Filebeat Traefik] ECS", + "title": "Browsers breakdown [Filebeat Traefik]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -25,19 +25,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "user_agent.name", + "field": "traefik.access.user_agent.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -49,7 +49,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -60,13 +60,13 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Traefik Access Browsers ECS", - "winlog.api": "pie" + "title": "Traefik Access Browsers", + "type": "pie" } }, - "id": "Traefik-Access-Browsers-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Traefik-Access-Browsers", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -83,9 +83,9 @@ } } }, - "title": "Operating systems breakdown [Filebeat Traefik] ECS", + "title": "Operating systems breakdown [Filebeat Traefik]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -93,19 +93,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "user_agent.os.name", + "field": "traefik.access.user_agent.os_name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -117,7 +117,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -128,13 +128,13 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Traefik Access OSes ECS", - "winlog.api": "pie" + "title": "Traefik Access OSes", + "type": "pie" } }, - "id": "Traefik-Access-OSes-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Traefik-Access-OSes", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -144,8 +144,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-Traefik-module-ecs", - "title": "Response codes over time [Filebeat Traefik] ECS", + "savedSearchId": "Filebeat-Traefik-module", + "title": "Response codes over time [Filebeat Traefik]", "uiStateJSON": { "vis": { "colors": { @@ -154,7 +154,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -162,7 +162,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -175,19 +175,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "traefik.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -204,13 +204,13 @@ "times": [], "yAxis": {} }, - "title": "New Visualization ECS", - "winlog.api": "histogram" + "title": "New Visualization", + "type": "histogram" } }, - "id": "New-Visualization-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "New-Visualization", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -227,7 +227,7 @@ } } }, - "title": "Response codes by top URLs [Filebeat Traefik] ECS", + "title": "Response codes by top URLs [Filebeat Traefik]", "uiStateJSON": { "vis": { "colors": { @@ -236,7 +236,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -244,32 +244,32 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "url.original", + "field": "traefik.access.url", "order": "desc", "orderBy": "1", "row": false, "size": 5 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "traefik.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -280,13 +280,13 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Traefik Access Response codes by top URLs ECS", - "winlog.api": "pie" + "title": "Traefik Access Response codes by top URLs", + "type": "pie" } }, - "id": "Traefik-Access-Response-codes-by-top-URLs-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Traefik-Access-Response-codes-by-top-URLs", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -316,9 +316,9 @@ } } }, - "title": "Sent Byte Size [Filebeat Traefik] ECS", + "title": "Sent Byte Size [Filebeat Traefik]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -326,10 +326,10 @@ "id": "1", "params": { "customLabel": "Data sent", - "field": "http.response.body.bytes" + "field": "traefik.access.body_sent.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -342,14 +342,14 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": {}, "schema": "radius", - "winlog.api": "count" + "type": "count" } ], "listeners": {}, @@ -370,13 +370,13 @@ "times": [], "yAxis": {} }, - "title": "Sent sizes ECS", - "winlog.api": "line" + "title": "Sent sizes", + "type": "line" } }, - "id": "Sent-sizes-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Sent-sizes", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -386,15 +386,15 @@ "filter": [] } }, - "savedSearchId": "Filebeat-Traefik-module-ecs", - "title": "Access Map [Filebeat Traefik] ECS", + "savedSearchId": "Filebeat-Traefik-module", + "title": "Access Map [Filebeat Traefik]", "uiStateJSON": { "mapCenter": [ 12.039320557540572, -0.17578125 ] }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -402,17 +402,17 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location" + "field": "traefik.access.geoip.location" }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "listeners": {}, @@ -439,18 +439,18 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Traefik Access Map ECS", - "winlog.api": "tile_map" + "title": "Traefik Access Map", + "type": "tile_map" } }, - "id": "Traefik-Access-Map-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Traefik-Access-Map", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -488,12 +488,12 @@ "@timestamp", "desc" ], - "title": "Traefik logs [Filebeat Traefik] ECS", - "winlog.version": 1 + "title": "Traefik logs [Filebeat Traefik]", + "version": 1 }, - "id": "Filebeat-Traefik-module-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "Filebeat-Traefik-module", + "type": "search", + "version": 2 }, { "attributes": { @@ -519,61 +519,61 @@ "panelsJSON": [ { "col": 1, - "id": "Traefik-Access-Browsers-ecs", + "id": "Traefik-Access-Browsers", "panelIndex": 3, "row": 10, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 5, - "id": "Traefik-Access-OSes-ecs", + "id": "Traefik-Access-OSes", "panelIndex": 4, "row": 10, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "New-Visualization-ecs", + "id": "New-Visualization", "panelIndex": 5, "row": 4, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Traefik-Access-Response-codes-by-top-URLs-ecs", + "id": "Traefik-Access-Response-codes-by-top-URLs", "panelIndex": 6, "row": 7, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "Sent-sizes-ecs", + "id": "Sent-sizes", "panelIndex": 7, "row": 10, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Traefik-Access-Map-ecs", + "id": "Traefik-Access-Map", "panelIndex": 8, "row": 1, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat Traefik] Access logs ECS", + "title": "[Filebeat Traefik] Access logs", "uiStateJSON": { "P-4": { "vis": { @@ -587,12 +587,12 @@ ] } }, - "winlog.version": 1 + "version": 1 }, - "id": "Filebeat-Traefik-Dashboard-ecs", - "winlog.api": "dashboard", - "winlog.version": 3 + "id": "Filebeat-Traefik-Dashboard", + "type": "dashboard", + "version": 3 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json index f00806c86066..89ab54f3918a 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json @@ -6,14 +6,14 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Remote IP Timechart [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Remote IP Timechart [Filebeat Traefik] [ML]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -21,7 +21,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -34,19 +34,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "source.address", + "field": "traefik.access.remote_ip", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -63,14 +63,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 5 minutes" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -96,7 +96,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -116,22 +116,22 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "value" + "type": "value" } ] }, - "title": "ML Traefik Access Remote IP Timechart ECS", - "winlog.api": "area" + "title": "ML Traefik Access Remote IP Timechart", + "type": "area" } }, - "id": "ML-Traefik-Access-Remote-IP-Timechart-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "ML-Traefik-Access-Remote-IP-Timechart", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -141,8 +141,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Response Code Timechart [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Response Code Timechart [Filebeat Traefik] [ML]", "uiStateJSON": { "vis": { "colors": { @@ -151,7 +151,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -159,7 +159,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -172,19 +172,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "traefik.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -201,13 +201,13 @@ "times": [], "yAxis": {} }, - "title": "ML Traefik Access Response Code Timechart ECS", - "winlog.api": "histogram" + "title": "ML Traefik Access Response Code Timechart", + "type": "histogram" } }, - "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Traefik-Access-Response-Code-Timechart", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -215,8 +215,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Top Remote IPs [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Top Remote IPs [Filebeat Traefik] [ML]", "uiStateJSON": { "vis": { "params": { @@ -227,7 +227,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -235,19 +235,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "source.address", + "field": "traefik.access.remote_ip", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -262,13 +262,13 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top Remote IPs Table ECS", - "winlog.api": "table" + "title": "ML Traefik Access Top Remote IPs Table", + "type": "table" } }, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -278,15 +278,15 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Access Map [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Access Map [Filebeat Traefik] [ML]", "uiStateJSON": { "mapCenter": [ 12.039320557540572, -0.17578125 ] }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -294,17 +294,17 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location" + "field": "traefik.access.geoip.location" }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "listeners": {}, @@ -331,18 +331,18 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Traefik Access Map ECS", - "winlog.api": "tile_map" + "title": "ML Traefik Access Map", + "type": "tile_map" } }, - "id": "ML-Traefik-Access-Map-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Traefik-Access-Map", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -350,8 +350,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Top URLs [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Top URLs [Filebeat Traefik] [ML]", "uiStateJSON": { "vis": { "params": { @@ -362,7 +362,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -370,19 +370,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "url.original", + "field": "traefik.access.url", "order": "desc", "orderBy": "1", "size": 1000 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -397,13 +397,13 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top URLs Table ECS", - "winlog.api": "table" + "title": "ML Traefik Access Top URLs Table", + "type": "table" } }, - "id": "ML-Traefik-Access-Top-URLs-Table-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Traefik-Access-Top-URLs-Table", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -441,12 +441,12 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Traefik] ECS", - "winlog.version": 1 + "title": "ML Access Data [Filebeat Traefik]", + "version": 1 }, - "id": "ML-Filebeat-Traefik-Access-ecs", - "winlog.api": "search", - "winlog.version": 3 + "id": "ML-Filebeat-Traefik-Access", + "type": "search", + "version": 3 }, { "attributes": { @@ -465,7 +465,7 @@ } ], "highlightAll": true, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -474,52 +474,52 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Traefik-Access-Remote-IP-Timechart-ecs", + "id": "ML-Traefik-Access-Remote-IP-Timechart", "panelIndex": 1, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", + "id": "ML-Traefik-Access-Response-Code-Timechart", "panelIndex": 2, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table", "panelIndex": 3, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ML-Traefik-Access-Map-ecs", + "id": "ML-Traefik-Access-Map", "panelIndex": 4, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ML-Traefik-Access-Top-URLs-Table-ecs", + "id": "ML-Traefik-Access-Top-URLs-Table", "panelIndex": 5, "row": 7, "size_x": 12, "size_y": 9, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat Traefik] [ML] Remote IP Count Explorer ECS", + "title": "[Filebeat Traefik] [ML] Remote IP Count Explorer", "uiStateJSON": { "P-3": { "vis": { @@ -542,12 +542,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "ML-Traefik-Access-Remote-IP-Count-Explorer-ecs", - "winlog.api": "dashboard", - "winlog.version": 3 + "id": "ML-Traefik-Access-Remote-IP-Count-Explorer", + "type": "dashboard", + "version": 3 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json index 8e8367896bed..b09a006d89d9 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json @@ -6,20 +6,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Unique Count URL Timechart [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Unique Count URL Timechart [Filebeat Traefik] [ML]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "enabled": true, "id": "1", "params": { - "field": "url.original" + "field": "traefik.access.url" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -32,7 +32,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "listeners": {}, @@ -49,14 +49,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per day" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -83,7 +83,7 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -103,24 +103,24 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Unique count of traefik.access.url" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "ML Traefik Access Unique Count URL Timechart ECS", - "winlog.api": "line" + "title": "ML Traefik Access Unique Count URL Timechart", + "type": "line" } }, - "id": "ML-Traefik-Access-Unique-Count-URL-Timechart-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "ML-Traefik-Access-Unique-Count-URL-Timechart", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -130,8 +130,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Response Code Timechart [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Response Code Timechart [Filebeat Traefik] [ML]", "uiStateJSON": { "vis": { "colors": { @@ -140,7 +140,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -148,7 +148,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -161,19 +161,19 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { - "field": "http.response.status_code", + "field": "traefik.access.response_code", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -190,13 +190,13 @@ "times": [], "yAxis": {} }, - "title": "ML Traefik Access Response Code Timechart ECS", - "winlog.api": "histogram" + "title": "ML Traefik Access Response Code Timechart", + "type": "histogram" } }, - "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Traefik-Access-Response-Code-Timechart", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -204,8 +204,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Top Remote IPs [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Top Remote IPs [Filebeat Traefik] [ML]", "uiStateJSON": { "vis": { "params": { @@ -216,7 +216,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -224,19 +224,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "source.address", + "field": "traefik.access.remote_ip", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -251,13 +251,13 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top Remote IPs Table ECS", - "winlog.api": "table" + "title": "ML Traefik Access Top Remote IPs Table", + "type": "table" } }, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -267,15 +267,15 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Access Map [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Access Map [Filebeat Traefik] [ML]", "uiStateJSON": { "mapCenter": [ 12.039320557540572, -0.17578125 ] }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -283,17 +283,17 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { "autoPrecision": true, - "field": "source.geo.location" + "field": "traefik.access.geoip.location" }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "listeners": {}, @@ -320,18 +320,18 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Traefik Access Map ECS", - "winlog.api": "tile_map" + "title": "ML Traefik Access Map", + "type": "tile_map" } }, - "id": "ML-Traefik-Access-Map-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Traefik-Access-Map", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -339,8 +339,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", - "title": "Top URLs [Filebeat Traefik] [ML] ECS", + "savedSearchId": "ML-Filebeat-Traefik-Access", + "title": "Top URLs [Filebeat Traefik] [ML]", "uiStateJSON": { "vis": { "params": { @@ -351,7 +351,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -359,19 +359,19 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "url.original", + "field": "traefik.access.url", "order": "desc", "orderBy": "1", "size": 1000 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -386,13 +386,13 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top URLs Table ECS", - "winlog.api": "table" + "title": "ML Traefik Access Top URLs Table", + "type": "table" } }, - "id": "ML-Traefik-Access-Top-URLs-Table-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "ML-Traefik-Access-Top-URLs-Table", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -430,12 +430,12 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Traefik] ECS", - "winlog.version": 1 + "title": "ML Access Data [Filebeat Traefik]", + "version": 1 }, - "id": "ML-Filebeat-Traefik-Access-ecs", - "winlog.api": "search", - "winlog.version": 3 + "id": "ML-Filebeat-Traefik-Access", + "type": "search", + "version": 3 }, { "attributes": { @@ -454,7 +454,7 @@ } ], "highlightAll": true, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -463,52 +463,52 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Traefik-Access-Unique-Count-URL-Timechart-ecs", + "id": "ML-Traefik-Access-Unique-Count-URL-Timechart", "panelIndex": 1, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", + "id": "ML-Traefik-Access-Response-Code-Timechart", "panelIndex": 2, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table", "panelIndex": 3, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ML-Traefik-Access-Map-ecs", + "id": "ML-Traefik-Access-Map", "panelIndex": 4, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ML-Traefik-Access-Top-URLs-Table-ecs", + "id": "ML-Traefik-Access-Top-URLs-Table", "panelIndex": 5, "row": 7, "size_x": 12, "size_y": 8, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Filebeat Traefik] [ML] Remote IP URL Explorer ECS", + "title": "[Filebeat Traefik] [ML] Remote IP URL Explorer", "uiStateJSON": { "P-2": { "vis": { @@ -541,12 +541,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "ML-Traefik-Remote-IP-URL-Explorer-ecs", - "winlog.api": "dashboard", - "winlog.version": 4 + "id": "ML-Traefik-Remote-IP-URL-Explorer", + "type": "dashboard", + "version": 4 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json index 05d6542a9010..e25338f9b982 100644 --- a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json +++ b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json @@ -29,7 +29,7 @@ }, "panelIndex": "1", "panelRefName": "panel_0", - "winlog.version": "7.0.0" + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -42,7 +42,7 @@ }, "panelIndex": "2", "panelRefName": "panel_1", - "winlog.version": "7.0.0" + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -55,37 +55,37 @@ }, "panelIndex": "3", "panelRefName": "panel_2", - "winlog.version": "7.0.0" + "version": "7.0.0" } ], "timeRestore": false, - "title": "[Journalbeat] Overview ECS", - "winlog.version": 1 + "title": "[Journalbeat] Overview", + "version": 1 }, - "id": "effdfcd0-2877-11e9-bc7e-af96a8fe0ddd-ecs", + "id": "effdfcd0-2877-11e9-bc7e-af96a8fe0ddd", "migrationVersion": { "dashboard": "7.0.0" }, "references": [ { - "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd-ecs", + "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd", "name": "panel_0", - "winlog.api": "search" + "type": "search" }, { - "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd-ecs", + "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd", "name": "panel_1", - "winlog.api": "search" + "type": "search" }, { - "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd-ecs", + "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd", "name": "panel_2", - "winlog.api": "search" + "type": "search" } ], - "winlog.api": "dashboard", + "type": "dashboard", "updated_at": "2019-02-04T12:25:20.413Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -106,17 +106,17 @@ "language": "lucene", "query": "syslog.facility:0 AND syslog.priority:\\u003c4" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "[Journalbeat] Kernel errors ECS", - "winlog.version": 1 + "title": "[Journalbeat] Kernel errors", + "version": 1 }, - "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd-ecs", + "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd", "migrationVersion": { "search": "7.0.0" }, @@ -124,12 +124,12 @@ { "id": "33c018b0-2876-11e9-bc7e-af96a8fe0ddd", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "winlog.api": "index-pattern" + "type": "index-pattern" } ], - "winlog.api": "search", + "type": "search", "updated_at": "2019-02-04T12:19:40.092Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -150,17 +150,17 @@ "language": "lucene", "query": "syslog.facility:4" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "[Journalbeat] Authorization ECS", - "winlog.version": 1 + "title": "[Journalbeat] Authorization", + "version": 1 }, - "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd-ecs", + "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd", "migrationVersion": { "search": "7.0.0" }, @@ -168,12 +168,12 @@ { "id": "33c018b0-2876-11e9-bc7e-af96a8fe0ddd", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "winlog.api": "index-pattern" + "type": "index-pattern" } ], - "winlog.api": "search", + "type": "search", "updated_at": "2019-02-04T12:20:56.412Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -193,17 +193,17 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "[Journalbeat] Systemd messages ECS", - "winlog.version": 1 + "title": "[Journalbeat] Systemd messages", + "version": 1 }, - "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd-ecs", + "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd", "migrationVersion": { "search": "7.0.0" }, @@ -211,13 +211,13 @@ { "id": "33c018b0-2876-11e9-bc7e-af96a8fe0ddd", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "winlog.api": "index-pattern" + "type": "index-pattern" } ], - "winlog.api": "search", + "type": "search", "updated_at": "2019-02-04T12:22:19.508Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0" + "version": "7.0.0" } \ No newline at end of file diff --git a/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json b/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json index 1dea6873772d..c8eecb62d93e 100644 --- a/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json +++ b/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json @@ -8,10 +8,10 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD-ecs", - "title": "CPU usage [Metricbeat Apache] ECS", + "savedSearchId": "Apache-HTTPD", + "title": "CPU usage [Metricbeat Apache]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -21,7 +21,7 @@ "field": "apache.status.cpu.load" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "2", @@ -33,7 +33,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "id": "3", @@ -45,7 +45,7 @@ "size": 5 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" }, { "id": "4", @@ -54,7 +54,7 @@ "field": "apache.status.cpu.user" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "5", @@ -63,7 +63,7 @@ "field": "apache.status.cpu.system" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "6", @@ -72,7 +72,7 @@ "field": "apache.status.cpu.children_user" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "7", @@ -81,7 +81,7 @@ "field": "apache.status.cpu.children_system" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "listeners": {}, @@ -101,13 +101,13 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - CPU ECS", - "winlog.api": "line" + "title": "Apache HTTPD - CPU", + "type": "line" } }, - "id": "Apache-HTTPD-CPU-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Apache-HTTPD-CPU", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -117,8 +117,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD-ecs", - "title": "Hostname list [Metricbeat Apache] ECS", + "savedSearchId": "Apache-HTTPD", + "title": "Hostname list [Metricbeat Apache]", "uiStateJSON": { "vis": { "params": { @@ -129,7 +129,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -138,7 +138,7 @@ "customLabel": "Events count" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "id": "2", @@ -150,7 +150,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -163,13 +163,13 @@ "direction": null } }, - "title": "Apache HTTPD - Hostname list ECS", - "winlog.api": "table" + "title": "Apache HTTPD - Hostname list", + "type": "table" } }, - "id": "Apache-HTTPD-Hostname-list-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Apache-HTTPD-Hostname-list", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -179,10 +179,10 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD-ecs", - "title": "Load1/5/15 [Metricbeat Apache] ECS", + "savedSearchId": "Apache-HTTPD", + "title": "Load1/5/15 [Metricbeat Apache]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -192,7 +192,7 @@ "field": "apache.status.load.5" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "2", @@ -204,7 +204,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "id": "3", @@ -213,7 +213,7 @@ "field": "apache.status.load.1" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "4", @@ -222,7 +222,7 @@ "field": "apache.status.load.15" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "5", @@ -235,7 +235,7 @@ "size": 5 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -255,13 +255,13 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - Load1/5/15 ECS", - "winlog.api": "line" + "title": "Apache HTTPD - Load1/5/15", + "type": "line" } }, - "id": "Apache-HTTPD-Load1-slash-5-slash-15-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Apache-HTTPD-Load1-slash-5-slash-15", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -271,10 +271,10 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD-ecs", - "title": "Scoreboard [Metricbeat Apache] ECS", + "savedSearchId": "Apache-HTTPD", + "title": "Scoreboard [Metricbeat Apache]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -284,7 +284,7 @@ "field": "apache.status.scoreboard.closing_connection" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "2", @@ -296,7 +296,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "id": "3", @@ -309,7 +309,7 @@ "size": 5 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" }, { "id": "4", @@ -318,7 +318,7 @@ "field": "apache.status.scoreboard.dns_lookup" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "5", @@ -327,7 +327,7 @@ "field": "apache.status.scoreboard.gracefully_finishing" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "6", @@ -336,7 +336,7 @@ "field": "apache.status.scoreboard.idle_cleanup" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "7", @@ -345,7 +345,7 @@ "field": "apache.status.scoreboard.keepalive" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "8", @@ -354,7 +354,7 @@ "field": "apache.status.scoreboard.logging" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "9", @@ -363,7 +363,7 @@ "field": "apache.status.scoreboard.open_slot" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "10", @@ -372,7 +372,7 @@ "field": "apache.status.scoreboard.reading_request" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "11", @@ -381,7 +381,7 @@ "field": "apache.status.scoreboard.sending_reply" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "12", @@ -390,7 +390,7 @@ "field": "apache.status.scoreboard.starting_up" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "13", @@ -399,7 +399,7 @@ "field": "apache.status.scoreboard.total" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "14", @@ -408,7 +408,7 @@ "field": "apache.status.scoreboard.waiting_for_connection" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "listeners": {}, @@ -428,13 +428,13 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - Scoreboard ECS", - "winlog.api": "line" + "title": "Apache HTTPD - Scoreboard", + "type": "line" } }, - "id": "Apache-HTTPD-Scoreboard-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Apache-HTTPD-Scoreboard", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -444,10 +444,10 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD-ecs", - "title": "Total accesses and kbytes [Metricbeat Apache] ECS", + "savedSearchId": "Apache-HTTPD", + "title": "Total accesses and kbytes [Metricbeat Apache]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -457,7 +457,7 @@ "field": "apache.status.total_kbytes" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "id": "2", @@ -466,7 +466,7 @@ "field": "apache.status.total_accesses" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "listeners": {}, @@ -474,13 +474,13 @@ "fontSize": 60, "handleNoResults": true }, - "title": "Apache HTTPD - Total accesses and kbytes ECS", - "winlog.api": "metric" + "title": "Apache HTTPD - Total accesses and kbytes", + "type": "metric" } }, - "id": "Apache-HTTPD-Total-accesses-and-kbytes-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Apache-HTTPD-Total-accesses-and-kbytes", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -490,10 +490,10 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD-ecs", - "title": "Uptime [Metricbeat Apache] ECS", + "savedSearchId": "Apache-HTTPD", + "title": "Uptime [Metricbeat Apache]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -503,7 +503,7 @@ "field": "apache.status.uptime.uptime" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "id": "2", @@ -512,7 +512,7 @@ "field": "apache.status.uptime.server_uptime" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "listeners": {}, @@ -520,13 +520,13 @@ "fontSize": 60, "handleNoResults": true }, - "title": "Apache HTTPD - Uptime ECS", - "winlog.api": "metric" + "title": "Apache HTTPD - Uptime", + "type": "metric" } }, - "id": "Apache-HTTPD-Uptime-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Apache-HTTPD-Uptime", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -536,10 +536,10 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD-ecs", - "title": "Workers [Metricbeat Apache] ECS", + "savedSearchId": "Apache-HTTPD", + "title": "Workers [Metricbeat Apache]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -549,7 +549,7 @@ "field": "apache.status.workers.busy" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "id": "2", @@ -561,7 +561,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "id": "3", @@ -574,7 +574,7 @@ "size": 5 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" }, { "id": "4", @@ -583,7 +583,7 @@ "field": "apache.status.workers.idle" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "listeners": {}, @@ -603,13 +603,13 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - Workers ECS", - "winlog.api": "line" + "title": "Apache HTTPD - Workers", + "type": "line" } }, - "id": "Apache-HTTPD-Workers-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Apache-HTTPD-Workers", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -638,7 +638,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.module: apache" + "query": "metricset.module: apache" } } } @@ -647,12 +647,12 @@ "@timestamp", "desc" ], - "title": "Apache HTTPD ECS", - "winlog.version": 1 + "title": "Apache HTTPD", + "version": 1 }, - "id": "Apache-HTTPD-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "Apache-HTTPD", + "type": "search", + "version": 1 }, { "attributes": { @@ -671,7 +671,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -680,70 +680,70 @@ "panelsJSON": [ { "col": 7, - "id": "Apache-HTTPD-CPU-ecs", + "id": "Apache-HTTPD-CPU", "panelIndex": 1, "row": 10, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Apache-HTTPD-Hostname-list-ecs", + "id": "Apache-HTTPD-Hostname-list", "panelIndex": 2, "row": 1, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Apache-HTTPD-Load1-slash-5-slash-15-ecs", + "id": "Apache-HTTPD-Load1-slash-5-slash-15", "panelIndex": 3, "row": 10, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Apache-HTTPD-Scoreboard-ecs", + "id": "Apache-HTTPD-Scoreboard", "panelIndex": 4, "row": 7, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "Apache-HTTPD-Total-accesses-and-kbytes-ecs", + "id": "Apache-HTTPD-Total-accesses-and-kbytes", "panelIndex": 5, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 4, - "id": "Apache-HTTPD-Uptime-ecs", + "id": "Apache-HTTPD-Uptime", "panelIndex": 6, "row": 1, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Apache-HTTPD-Workers-ecs", + "id": "Apache-HTTPD-Workers", "panelIndex": 7, "row": 4, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat Apache] Overview ECS", + "title": "[Metricbeat Apache] Overview", "uiStateJSON": { "P-2": { "vis": { @@ -770,12 +770,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "Metricbeat-Apache-HTTPD-server-status-ecs", - "winlog.api": "dashboard", - "winlog.version": 3 + "id": "Metricbeat-Apache-HTTPD-server-status", + "type": "dashboard", + "version": 3 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json b/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json index 7b753cf42728..81eddab34221 100644 --- a/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json +++ b/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker-ecs", - "title": "Docker containers [Metricbeat Docker] ECS", + "savedSearchId": "Metricbeat-Docker", + "title": "Docker containers [Metricbeat Docker]", "uiStateJSON": { "vis": { "params": { @@ -20,7 +20,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -28,13 +28,13 @@ "id": "2", "params": { "customLabel": "Name", - "field": "container.name", + "field": "docker.container.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -44,7 +44,7 @@ "field": "docker.cpu.total.pct" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -54,7 +54,7 @@ "field": "docker.diskio.total" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -64,7 +64,7 @@ "field": "docker.memory.usage.pct" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -74,17 +74,17 @@ "field": "docker.memory.rss.total" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, "id": "1", "params": { "customLabel": "Number of Containers", - "field": "container.id" + "field": "docker.container.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "listeners": {}, @@ -99,18 +99,18 @@ }, "totalFunc": "sum" }, - "title": "Docker containers [Metricbeat Docker] ECS", - "winlog.api": "table" + "title": "Docker containers [Metricbeat Docker]", + "type": "table" } }, "col": 1, - "id": "Docker-containers-ecs", + "id": "Docker-containers", "panelIndex": 1, "row": 1, "size_x": 7, "size_y": 5, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -120,8 +120,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker-ecs", - "title": "Number of Containers [Metricbeat Docker] ECS", + "savedSearchId": "Metricbeat-Docker", + "title": "Number of Containers [Metricbeat Docker]", "uiStateJSON": { "vis": { "defaultColors": { @@ -129,7 +129,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -140,7 +140,7 @@ "field": "docker.info.containers.running" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -150,7 +150,7 @@ "field": "docker.info.containers.paused" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -160,7 +160,7 @@ "field": "docker.info.containers.stopped" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "listeners": {}, @@ -200,25 +200,25 @@ "labelColor": false, "subText": "" }, - "winlog.api": "simple", + "type": "simple", "useRange": false, "verticalSplit": false }, "handleNoResults": true, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Number of Containers [Metricbeat Docker] ECS", - "winlog.api": "metric" + "title": "Number of Containers [Metricbeat Docker]", + "type": "metric" } }, "col": 8, - "id": "Docker-Number-of-Containers-ecs", + "id": "Docker-Number-of-Containers", "panelIndex": 2, "row": 1, "size_x": 5, "size_y": 2, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -228,10 +228,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker-ecs", - "title": "Docker containers per host [Metricbeat Docker] ECS", + "savedSearchId": "Metricbeat-Docker", + "title": "Docker containers per host [Metricbeat Docker]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -239,23 +239,23 @@ "id": "1", "params": { "customLabel": "Number of containers", - "field": "container.id" + "field": "docker.container.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, "id": "2", "params": { "customLabel": "Hosts", - "field": "agent.hostname", + "field": "beat.hostname", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -266,18 +266,18 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Docker containers per host [Metricbeat Docker] ECS", - "winlog.api": "pie" + "title": "Docker containers per host [Metricbeat Docker]", + "type": "pie" } }, "col": 8, - "id": "Docker-containers-per-host-ecs", + "id": "Docker-containers-per-host", "panelIndex": 3, "row": 3, "size_x": 2, "size_y": 3, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -287,10 +287,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker-ecs", - "title": "Docker images and names [Metricbeat Docker] ECS", + "savedSearchId": "Metricbeat-Docker", + "title": "Docker images and names [Metricbeat Docker]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -298,31 +298,31 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, "id": "2", "params": { - "field": "container.image.name", + "field": "docker.container.image", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "3", "params": { - "field": "container.name", + "field": "docker.container.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -333,18 +333,18 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Docker images and names [Metricbeat Docker] ECS", - "winlog.api": "pie" + "title": "Docker images and names [Metricbeat Docker]", + "type": "pie" } }, "col": 10, - "id": "Docker-images-and-names-ecs", + "id": "Docker-images-and-names", "panelIndex": 7, "row": 3, "size_x": 3, "size_y": 3, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -369,14 +369,14 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.module:docker AND metricset.name:cpu" + "query": "metricset.module:docker AND metricset.name:cpu" } } } }, - "title": "CPU usage [Metricbeat Docker] ECS", + "title": "CPU usage [Metricbeat Docker]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -390,7 +390,7 @@ ] }, "schema": "metric", - "winlog.api": "percentiles" + "type": "percentiles" }, { "enabled": true, @@ -403,20 +403,20 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { "customLabel": "Container name", - "field": "container.name", + "field": "docker.container.name", "order": "desc", "orderBy": "1.75", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -433,12 +433,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -463,7 +463,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -484,30 +484,30 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "CPU usage [Metricbeat Docker] ECS", - "winlog.api": "area" + "title": "CPU usage [Metricbeat Docker]", + "type": "area" } }, "col": 1, - "id": "Docker-CPU-usage-ecs", + "id": "Docker-CPU-usage", "panelIndex": 4, "row": 6, "size_x": 6, "size_y": 3, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -532,14 +532,14 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.module:docker AND metricset.name:memory" + "query": "metricset.module:docker AND metricset.name:memory" } } } }, - "title": "Memory usage [Metricbeat Docker] ECS", + "title": "Memory usage [Metricbeat Docker]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -550,7 +550,7 @@ "field": "docker.memory.usage.total" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -563,20 +563,20 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { "customLabel": "Container name", - "field": "container.name", + "field": "docker.container.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -593,12 +593,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -623,7 +623,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -644,30 +644,30 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Memory usage [Metricbeat Docker] ECS", - "winlog.api": "area" + "title": "Memory usage [Metricbeat Docker]", + "type": "area" } }, "col": 7, - "id": "Docker-memory-usage-ecs", + "id": "Docker-memory-usage", "panelIndex": 5, "row": 6, "size_x": 6, "size_y": 3, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -692,14 +692,14 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.module:docker AND metricset.name:network" + "query": "metricset.module:docker AND metricset.name:network" } } } }, - "title": "Network IO [Metricbeat Docker] ECS", + "title": "Network IO [Metricbeat Docker]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -710,7 +710,7 @@ "field": "docker.network.in.bytes" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -723,20 +723,20 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { "customLabel": "Container name", - "field": "container.name", + "field": "docker.container.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -746,7 +746,7 @@ "field": "docker.network.out.bytes" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "listeners": {}, @@ -763,12 +763,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -793,7 +793,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -814,30 +814,30 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Network IO [Metricbeat Docker] ECS", - "winlog.api": "area" + "title": "Network IO [Metricbeat Docker]", + "type": "area" } }, "col": 1, - "id": "Docker-Network-IO-ecs", + "id": "Docker-Network-IO", "panelIndex": 6, "row": 9, "size_x": 12, "size_y": 3, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -866,7 +866,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.module:docker" + "query": "metricset.module:docker" } } } @@ -875,12 +875,12 @@ "@timestamp", "desc" ], - "title": "Metricbeat Docker ECS", - "winlog.version": 1 + "title": "Metricbeat Docker", + "version": 1 }, - "id": "Metricbeat-Docker-ecs", - "winlog.api": "search", - "winlog.version": 4 + "id": "Metricbeat-Docker", + "type": "search", + "version": 4 }, { "attributes": { @@ -899,7 +899,7 @@ } ], "highlightAll": true, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -908,70 +908,70 @@ "panelsJSON": [ { "col": 1, - "id": "Docker-containers-ecs", + "id": "Docker-containers", "panelIndex": 1, "row": 1, "size_x": 7, "size_y": 5, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 8, - "id": "Docker-Number-of-Containers-ecs", + "id": "Docker-Number-of-Containers", "panelIndex": 2, "row": 1, "size_x": 5, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 8, - "id": "Docker-containers-per-host-ecs", + "id": "Docker-containers-per-host", "panelIndex": 3, "row": 3, "size_x": 2, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 10, - "id": "Docker-images-and-names-ecs", + "id": "Docker-images-and-names", "panelIndex": 7, "row": 3, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Docker-CPU-usage-ecs", + "id": "Docker-CPU-usage", "panelIndex": 4, "row": 6, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "Docker-memory-usage-ecs", + "id": "Docker-memory-usage", "panelIndex": 5, "row": 6, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Docker-Network-IO-ecs", + "id": "Docker-Network-IO", "panelIndex": 6, "row": 9, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat Docker] Overview ECS", + "title": "[Metricbeat Docker] Overview", "uiStateJSON": { "P-1": { "vis": { @@ -1006,12 +1006,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "AV4REOpp5NkDleZmzKkE-ecs", - "winlog.api": "dashboard", - "winlog.version": 3 + "id": "AV4REOpp5NkDleZmzKkE", + "type": "dashboard", + "version": 3 } ], - "winlog.version": "5.6.0-SNAPSHOT" + "version": "5.6.0-SNAPSHOT" } diff --git a/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json b/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json index 0b569dc16b93..b308511303dd 100644 --- a/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json +++ b/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json @@ -17,22 +17,22 @@ } } }, - "title": "Heap Summary [Metricbeat Golang] ECS", + "title": "Heap Summary [Metricbeat Golang]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "expression": ".es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.total\").label(\"System Total Memory\").yaxis(label=\"Bytes\",units=bytes),.es(index=\"metricbeat*\",metric=\"min:golang.heap.allocations.allocated\").label(\"Bytes Allocated(min)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.allocations.allocated\").label(\"Bytes Allocated(max)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.gc.next_gc_limit\").label(\"GC Limit\"),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.gc.pause.count\").condition(lt,1, null).points().label(\"GC Cycles(count)\").yaxis(2,label=\"Count\")", "interval": "10s" }, - "title": "Heap Summary [Metricbeat Golang] ECS", - "winlog.api": "timelion" + "title": "Heap Summary [Metricbeat Golang]", + "type": "timelion" } }, - "id": "58000780-f529-11e6-844d-b170e2f0a07e-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "58000780-f529-11e6-844d-b170e2f0a07e", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -51,22 +51,22 @@ } } }, - "title": "Heap [Metricbeat Golang] ECS", + "title": "Heap [Metricbeat Golang]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "expression": ".es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.total\").label(\"Heap Total\").derivative().movingaverage(30).yaxis(label=\"Bytes\",units=bytes),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.active\").label(\"Heap Inuse\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.allocated\").label(\"Heap Allocated\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.idle\").label(\"Heap Idle\").movingaverage(30)", "interval": "10s" }, - "title": "Heap [Metricbeat Golang] ECS", - "winlog.api": "timelion" + "title": "Heap [Metricbeat Golang]", + "type": "timelion" } }, - "id": "95388680-f52a-11e6-969c-518c48c913e4-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "95388680-f52a-11e6-969c-518c48c913e4", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -85,22 +85,22 @@ } } }, - "title": "Objects [Metricbeat Golang] ECS", + "title": "Objects [Metricbeat Golang]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "expression": ".es(index=\"metricbeat*\",metric=\"max:golang.heap.allocations.objects\").label(\"Object Count(avg)\").yaxis(1,label=\"Count\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.allocations.total\").derivative().label(\"Allocation Rate\").yaxis(2,label=\"Rate\").movingaverage(30)", "interval": "10s" }, - "title": "Objects [Metricbeat Golang] ECS", - "winlog.api": "timelion" + "title": "Objects [Metricbeat Golang]", + "type": "timelion" } }, - "id": "b59a5200-f52a-11e6-969c-518c48c913e4-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "b59a5200-f52a-11e6-969c-518c48c913e4", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -119,22 +119,22 @@ } } }, - "title": "System [Metricbeat Golang] ECS", + "title": "System [Metricbeat Golang]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "expression": ".es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.total\").label(\"System Total\").yaxis(label=\"Bytes\",units=bytes),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.obtained\").label(\"System Obtained\"),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.stack\").label(\"System Stack\"),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.released\").label(\"System Released\")", "interval": "10s" }, - "title": "System [Metricbeat Golang] ECS", - "winlog.api": "timelion" + "title": "System [Metricbeat Golang]", + "type": "timelion" } }, - "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -153,22 +153,22 @@ } } }, - "title": "GC count [Metricbeat Golang] ECS", + "title": "GC count [Metricbeat Golang]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "expression": ".es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.count\").label(\"GC Count\").bars().yaxis(label=\"Count\"),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.total_count\").label(\"GC Rate\").derivative().movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.cpu_fraction\").label(\"CPU Fraction\").yaxis(2,label=\"Fraction\")", "interval": "10s" }, - "title": "GC count [Metricbeat Golang] ECS", - "winlog.api": "timelion" + "title": "GC count [Metricbeat Golang]", + "type": "timelion" } }, - "id": "b046cb80-f52a-11e6-969c-518c48c913e4-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "b046cb80-f52a-11e6-969c-518c48c913e4", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -187,22 +187,22 @@ } } }, - "title": "GC durations [Metricbeat Golang] ECS", + "title": "GC durations [Metricbeat Golang]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "expression": ".es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.sum.ns\").bars().label(\"sum of GC Pause durations(ns)\").yaxis(label=\"Durations(ns)\"),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.total_pause.ns\").derivative().movingaverage(30).label(\"Total GC Pause(ns) Rate\"),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.max.ns\").label(\"Max GC Pause(ns)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.gc.pause.avg.ns\").label(\"Avg GC Pause(ns)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.count\").condition(lt,1, null).label(\"GC Pause count\").points().yaxis(2,label=\"Count\")", "interval": "10s" }, - "title": "GC durations [Metricbeat Golang] ECS", - "winlog.api": "timelion" + "title": "GC durations [Metricbeat Golang]", + "type": "timelion" } }, - "id": "ab226b50-f52a-11e6-969c-518c48c913e4-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "ab226b50-f52a-11e6-969c-518c48c913e4", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -221,7 +221,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -230,68 +230,68 @@ "panelsJSON": [ { "col": 1, - "id": "58000780-f529-11e6-844d-b170e2f0a07e-ecs", + "id": "58000780-f529-11e6-844d-b170e2f0a07e", "panelIndex": 8, "row": 1, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "95388680-f52a-11e6-969c-518c48c913e4-ecs", + "id": "95388680-f52a-11e6-969c-518c48c913e4", "panelIndex": 9, "row": 4, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "b59a5200-f52a-11e6-969c-518c48c913e4-ecs", + "id": "b59a5200-f52a-11e6-969c-518c48c913e4", "panelIndex": 10, "row": 4, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 5, - "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4-ecs", + "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4", "panelIndex": 11, "row": 4, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "b046cb80-f52a-11e6-969c-518c48c913e4-ecs", + "id": "b046cb80-f52a-11e6-969c-518c48c913e4", "panelIndex": 12, "row": 8, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ab226b50-f52a-11e6-969c-518c48c913e4-ecs", + "id": "ab226b50-f52a-11e6-969c-518c48c913e4", "panelIndex": 13, "row": 8, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat Golang] Overview ECS", + "title": "[Metricbeat Golang] Overview", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "f2dc7320-f519-11e6-a3c9-9d1f7c42b045-ecs", - "winlog.api": "dashboard", - "winlog.version": 3 + "id": "f2dc7320-f519-11e6-a3c9-9d1f7c42b045", + "type": "dashboard", + "version": 3 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json index 0c19495a0342..0f69e3e35b02 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -29,10 +29,10 @@ "x": 0, "y": 0 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -42,10 +42,10 @@ "x": 6, "y": 0 }, - "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", + "id": "794b6cd0-471d-11e8-bc13-1397384faad3", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -55,10 +55,10 @@ "x": 6, "y": 2 }, - "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", + "id": "bb0ab500-4735-11e8-bc13-1397384faad3", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -68,10 +68,10 @@ "x": 9, "y": 0 }, - "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", + "id": "40bed190-473b-11e8-bc13-1397384faad3", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -81,10 +81,10 @@ "x": 0, "y": 2 }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", + "id": "0751ed00-479c-11e8-bc13-1397384faad3", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -94,21 +94,21 @@ "x": 0, "y": 4 }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", + "id": "b3463670-47a1-11e8-bc13-1397384faad3", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] Backend ECS", - "winlog.version": 1 + "title": "[Metricbeat HAProxy] Backend", + "version": 1 }, - "id": "9151c900-471d-11e8-bc13-1397384faad3-ecs", - "winlog.api": "dashboard", + "id": "9151c900-471d-11e8-bc13-1397384faad3", + "type": "dashboard", "updated_at": "2018-04-24T18:31:25.838Z", - "winlog.version": 15 + "version": 15 } ], - "winlog.version": "6.2.2" + "version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json index 91f7345cd7cd..cf576d4d13a4 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -29,10 +29,10 @@ "x": 0, "y": 0 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -42,21 +42,21 @@ "x": 6, "y": 0 }, - "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", + "id": "86159190-47c5-11e8-bc13-1397384faad3", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] Frontend ECS", - "winlog.version": 1 + "title": "[Metricbeat HAProxy] Frontend", + "version": 1 }, - "id": "d5878d00-47c5-11e8-bc13-1397384faad3-ecs", - "winlog.api": "dashboard", + "id": "d5878d00-47c5-11e8-bc13-1397384faad3", + "type": "dashboard", "updated_at": "2018-04-24T18:32:51.945Z", - "winlog.version": 5 + "version": 5 } ], - "winlog.version": "6.2.2" + "version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json index 31a3c8c7a13b..d848cca02b85 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -29,10 +29,10 @@ "x": 0, "y": 5 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -42,10 +42,10 @@ "x": 9, "y": 0 }, - "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", + "id": "794b6cd0-471d-11e8-bc13-1397384faad3", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -55,10 +55,10 @@ "x": 6, "y": 2 }, - "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", + "id": "bb0ab500-4735-11e8-bc13-1397384faad3", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -68,10 +68,10 @@ "x": 6, "y": 0 }, - "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", + "id": "40bed190-473b-11e8-bc13-1397384faad3", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -81,10 +81,10 @@ "x": 4, "y": 5 }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", + "id": "0751ed00-479c-11e8-bc13-1397384faad3", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -94,10 +94,10 @@ "x": 8, "y": 5 }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", + "id": "b3463670-47a1-11e8-bc13-1397384faad3", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -107,10 +107,10 @@ "x": 0, "y": 0 }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -120,21 +120,21 @@ "x": 0, "y": 3 }, - "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", + "id": "981d1040-47be-11e8-bc13-1397384faad3", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] HTTP backend ECS", - "winlog.version": 1 + "title": "[Metricbeat HAProxy] HTTP backend", + "version": 1 }, - "id": "0836a4b0-47bd-11e8-bc13-1397384faad3-ecs", - "winlog.api": "dashboard", + "id": "0836a4b0-47bd-11e8-bc13-1397384faad3", + "type": "dashboard", "updated_at": "2018-04-24T18:33:28.791Z", - "winlog.version": 6 + "version": 6 } ], - "winlog.version": "6.2.2" + "version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json index 12079bfbbd04..3b97ef38e38b 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -29,10 +29,10 @@ "x": 6, "y": 3 }, - "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", + "id": "86159190-47c5-11e8-bc13-1397384faad3", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -42,10 +42,10 @@ "x": 0, "y": 0 }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -55,21 +55,21 @@ "x": 0, "y": 3 }, - "id": "30956d00-47d7-11e8-bc13-1397384faad3-ecs", + "id": "30956d00-47d7-11e8-bc13-1397384faad3", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] HTTP frontend ECS", - "winlog.version": 1 + "title": "[Metricbeat HAProxy] HTTP frontend", + "version": 1 }, - "id": "e9057ae0-47c5-11e8-bc13-1397384faad3-ecs", - "winlog.api": "dashboard", + "id": "e9057ae0-47c5-11e8-bc13-1397384faad3", + "type": "dashboard", "updated_at": "2018-04-24T18:34:15.954Z", - "winlog.version": 5 + "version": 5 } ], - "winlog.version": "6.2.2" + "version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json index d297538157cf..3e3720581bcc 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -29,10 +29,10 @@ "x": 0, "y": 5 }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", + "id": "0751ed00-479c-11e8-bc13-1397384faad3", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -42,10 +42,10 @@ "x": 6, "y": 3 }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", + "id": "b3463670-47a1-11e8-bc13-1397384faad3", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -55,10 +55,10 @@ "x": 0, "y": 0 }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -68,10 +68,10 @@ "x": 0, "y": 3 }, - "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", + "id": "981d1040-47be-11e8-bc13-1397384faad3", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -81,10 +81,10 @@ "x": 6, "y": 0 }, - "id": "72e84b00-47e1-11e8-bc13-1397384faad3-ecs", + "id": "72e84b00-47e1-11e8-bc13-1397384faad3", "panelIndex": "10", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -94,21 +94,21 @@ "x": 6, "y": 5 }, - "id": "976b0910-47e4-11e8-bc13-1397384faad3-ecs", + "id": "976b0910-47e4-11e8-bc13-1397384faad3", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] HTTP server ECS", - "winlog.version": 1 + "title": "[Metricbeat HAProxy] HTTP server", + "version": 1 }, - "id": "8cc50a50-47e0-11e8-bc13-1397384faad3-ecs", - "winlog.api": "dashboard", + "id": "8cc50a50-47e0-11e8-bc13-1397384faad3", + "type": "dashboard", "updated_at": "2018-04-24T18:34:50.803Z", - "winlog.version": 9 + "version": 9 } ], - "winlog.version": "6.2.2" + "version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json index ef155375a54f..4260414b2d13 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json @@ -12,7 +12,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -29,11 +29,11 @@ "x": 8, "y": 2 }, - "id": "79350d50-47db-11e8-bc13-1397384faad3-ecs", + "id": "79350d50-47db-11e8-bc13-1397384faad3", "panelIndex": "2", "title": "Servers", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -43,11 +43,11 @@ "x": 4, "y": 2 }, - "id": "8c8f0300-47dc-11e8-bc13-1397384faad3-ecs", + "id": "8c8f0300-47dc-11e8-bc13-1397384faad3", "panelIndex": "3", "title": "Backends", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -57,11 +57,11 @@ "x": 0, "y": 2 }, - "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3-ecs", + "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3", "panelIndex": "4", "title": "Frontends", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -71,21 +71,21 @@ "x": 0, "y": 0 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] Overview ECS", - "winlog.version": 1 + "title": "[Metricbeat HAProxy] Overview", + "version": 1 }, - "id": "4b555c30-47dd-11e8-bc13-1397384faad3-ecs", - "winlog.api": "dashboard", + "id": "4b555c30-47dd-11e8-bc13-1397384faad3", + "type": "dashboard", "updated_at": "2018-04-24T18:31:56.356Z", - "winlog.version": 3 + "version": 3 } ], - "winlog.version": "6.2.2" + "version": "6.2.2" } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json index 0517aa4bd534..11d7504d3e71 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json @@ -6,9 +6,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Connections [Metricbeat HAProxy] ECS", + "title": "Connections [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -24,7 +24,7 @@ "id": "69899960-4719-11e8-a520-3f46123ab5eb" } ], - "filter": "haproxy.stat.component_winlog.api:(0 OR 1)", + "filter": "haproxy.stat.component_type:(0 OR 1)", "gauge_color_rules": [ { "id": "6f171ba0-4719-11e8-a520-3f46123ab5eb" @@ -51,18 +51,18 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "41ff3940-4719-11e8-a520-3f46123ab5eb", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "41ff3940-4719-11e8-a520-3f46123ab5eb", "id": "456a5fa0-4738-11e8-8633-8f8b3acf1566", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -84,16 +84,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "HAProxy connections ECS", - "winlog.api": "metrics" + "title": "HAProxy connections", + "type": "metrics" } }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-23T20:54:01.082Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -101,9 +101,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Active servers in backend [Metricbeat HAProxy] ECS", + "title": "Active servers in backend [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -122,7 +122,7 @@ "id": "297160c0-471d-11e8-9876-09cc6c85f5f2" } ], - "filter": "haproxy.stat.component_winlog.api:(2 OR 3)", + "filter": "haproxy.stat.component_type:(2 OR 3)", "gauge_color_rules": [ { "gauge": "rgba(255,0,5,1)", @@ -164,7 +164,7 @@ "metric_agg": "count", "numerator": "*", "script": "params.up / (params.down + params.up)", - "winlog.api": "cardinality", + "type": "cardinality", "variables": [ { "field": "61ca57f2-469d-11e7-af02-69e470af7417", @@ -198,7 +198,7 @@ { "field": "haproxy.stat.server.id", "id": "2cba9421-4724-11e8-b854-2f6d2b452362", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -210,16 +210,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "HAProxy active servers in backend ECS", - "winlog.api": "metrics" + "title": "HAProxy active servers in backend", + "type": "metrics" } }, - "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "794b6cd0-471d-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-23T21:36:57.634Z", - "winlog.version": 8 + "version": 8 }, { "attributes": { @@ -227,9 +227,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Connections per server [Metricbeat HAProxy] ECS", + "title": "Connections per server [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -240,8 +240,8 @@ "id": "978f2660-4735-11e8-b619-8f82b8185e96" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", - "filter": "haproxy.stat.component_winlog.api:(2 OR 3)", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", + "filter": "haproxy.stat.component_type:(2 OR 3)", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -259,12 +259,12 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "3ea29000-4735-11e8-b619-8f82b8185e96", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -278,16 +278,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "HAProxy connections per server ECS", - "winlog.api": "metrics" + "title": "HAProxy connections per server", + "type": "metrics" } }, - "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "bb0ab500-4735-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T17:12:35.298Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -295,9 +295,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Downtime seconds [Metricbeat HAProxy] ECS", + "title": "Downtime seconds [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -308,7 +308,7 @@ "id": "c86b8e00-4739-11e8-8953-55bbe33e1362" } ], - "filter": "haproxy.stat.component_winlog.api:1", + "filter": "haproxy.stat.component_type:1", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -326,19 +326,19 @@ { "field": "haproxy.stat.downtime", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "91aa6a20-473a-11e8-8953-55bbe33e1362", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "91aa6a20-473a-11e8-8953-55bbe33e1362", "id": "a8ce7ca0-473a-11e8-8953-55bbe33e1362", "sigma": "", - "winlog.api": "sum_bucket" + "type": "sum_bucket" } ], "point_size": 1, @@ -352,16 +352,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "HAProxy downtime seconds ECS", - "winlog.api": "metrics" + "title": "HAProxy downtime seconds", + "type": "metrics" } }, - "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "40bed190-473b-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-23T21:29:04.708Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -369,9 +369,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Average time in queue [Metricbeat HAProxy] ECS", + "title": "Average time in queue [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -394,7 +394,7 @@ { "field": "haproxy.stat.queue.time.avg", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -406,16 +406,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "HAProxy average time in queue ECS", - "winlog.api": "metrics" + "title": "HAProxy average time in queue", + "type": "metrics" } }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "b3463670-47a1-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T09:27:25.783Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -423,9 +423,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Traffic volume [Metricbeat HAProxy] ECS", + "title": "Traffic volume [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -448,12 +448,12 @@ { "field": "haproxy.stat.in.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "9814c420-47c4-11e8-994c-81d2daeb7c86", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -475,12 +475,12 @@ { "field": "haproxy.stat.out.bytes", "id": "c89d6340-47c4-11e8-994c-81d2daeb7c86", - "winlog.api": "sum" + "type": "sum" }, { "field": "c89d6340-47c4-11e8-994c-81d2daeb7c86", "id": "c89d6341-47c4-11e8-994c-81d2daeb7c86", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -494,16 +494,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "HAProxy traffic volume ECS", - "winlog.api": "metrics" + "title": "HAProxy traffic volume", + "type": "metrics" } }, - "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "86159190-47c5-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T14:43:27.616Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -511,9 +511,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "HTTP response codes [Metricbeat HAProxy] ECS", + "title": "HTTP response codes [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -536,18 +536,18 @@ { "field": "haproxy.stat.response.http.2xx", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "973a6de0-47bd-11e8-b7ab-dff70b15977c", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "973a6de0-47bd-11e8-b7ab-dff70b15977c", "id": "4971d580-47e5-11e8-b45e-f10c3845381c", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -569,12 +569,12 @@ { "field": "haproxy.stat.response.http.3xx", "id": "aafd05e1-47bd-11e8-b7ab-dff70b15977c", - "winlog.api": "sum" + "type": "sum" }, { "field": "aafd05e1-47bd-11e8-b7ab-dff70b15977c", "id": "aafd05e2-47bd-11e8-b7ab-dff70b15977c", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -596,12 +596,12 @@ { "field": "haproxy.stat.response.http.4xx", "id": "c77191a1-47bd-11e8-b7ab-dff70b15977c", - "winlog.api": "sum" + "type": "sum" }, { "field": "c77191a1-47bd-11e8-b7ab-dff70b15977c", "id": "c77191a2-47bd-11e8-b7ab-dff70b15977c", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -623,12 +623,12 @@ { "field": "haproxy.stat.response.http.5xx", "id": "d574e901-47bd-11e8-b7ab-dff70b15977c", - "winlog.api": "sum" + "type": "sum" }, { "field": "d574e901-47bd-11e8-b7ab-dff70b15977c", "id": "d5753720-47bd-11e8-b7ab-dff70b15977c", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -650,12 +650,12 @@ { "field": "haproxy.stat.response.http.other", "id": "e3b8a4c1-47bd-11e8-b7ab-dff70b15977c", - "winlog.api": "sum" + "type": "sum" }, { "field": "e3b8a4c1-47bd-11e8-b7ab-dff70b15977c", "id": "e3b8a4c2-47bd-11e8-b7ab-dff70b15977c", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -677,12 +677,12 @@ { "field": "haproxy.stat.response.errors", "id": "f9217d41-47be-11e8-b7ab-dff70b15977c", - "winlog.api": "sum" + "type": "sum" }, { "field": "f9217d41-47be-11e8-b7ab-dff70b15977c", "id": "1b7d4400-47bf-11e8-b7ab-dff70b15977c", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -695,16 +695,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "HAProxy HTTP response codes ECS", - "winlog.api": "metrics" + "title": "HAProxy HTTP response codes", + "type": "metrics" } }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T17:31:30.169Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -712,9 +712,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Average response time [Metricbeat HAProxy] ECS", + "title": "Average response time [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -737,7 +737,7 @@ { "field": "haproxy.stat.response.time.avg", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -750,16 +750,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "HAProxy average response time ECS", - "winlog.api": "metrics" + "title": "HAProxy average response time", + "type": "metrics" } }, - "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "981d1040-47be-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T13:01:49.811Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -767,9 +767,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Requests [Metricbeat HAProxy] ECS", + "title": "Requests [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -792,18 +792,18 @@ { "field": "haproxy.stat.request.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "max" + "type": "max" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "ad38e2c0-47d6-11e8-994c-81d2daeb7c86", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "ad38e2c0-47d6-11e8-994c-81d2daeb7c86", "id": "b1ca03a0-47d6-11e8-994c-81d2daeb7c86", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -825,18 +825,18 @@ { "field": "haproxy.stat.request.errors", "id": "c2f30501-47d6-11e8-994c-81d2daeb7c86", - "winlog.api": "max" + "type": "max" }, { "field": "c2f30501-47d6-11e8-994c-81d2daeb7c86", "id": "c2f30502-47d6-11e8-994c-81d2daeb7c86", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "c2f30502-47d6-11e8-994c-81d2daeb7c86", "id": "c2f30503-47d6-11e8-994c-81d2daeb7c86", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -858,18 +858,18 @@ { "field": "haproxy.stat.request.denied", "id": "11968ce1-47d7-11e8-994c-81d2daeb7c86", - "winlog.api": "max" + "type": "max" }, { "field": "11968ce1-47d7-11e8-994c-81d2daeb7c86", "id": "11968ce2-47d7-11e8-994c-81d2daeb7c86", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "11968ce2-47d7-11e8-994c-81d2daeb7c86", "id": "11968ce3-47d7-11e8-994c-81d2daeb7c86", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -882,16 +882,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "HAProxy requests ECS", - "winlog.api": "metrics" + "title": "HAProxy requests", + "type": "metrics" } }, - "id": "30956d00-47d7-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "30956d00-47d7-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T15:50:19.344Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -899,9 +899,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Average connection time [Metricbeat HAProxy] ECS", + "title": "Average connection time [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -947,7 +947,7 @@ "value": "50" } ], - "winlog.api": "percentile" + "type": "percentile" } ], "point_size": 1, @@ -961,16 +961,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "HAProxy average connection time ECS", - "winlog.api": "metrics" + "title": "HAProxy average connection time", + "type": "metrics" } }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "0751ed00-479c-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T08:51:34.252Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -978,9 +978,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Number of server connections [Metricbeat HAProxy] ECS", + "title": "Number of server connections [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -995,7 +995,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "haproxy.stat.component_winlog.api:(2 OR 3)", + "filter": "haproxy.stat.component_type:(2 OR 3)", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", "label": "Number of connections", @@ -1004,18 +1004,18 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "22668d40-47e1-11e8-96ee-d767c73d008a", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "22668d40-47e1-11e8-96ee-d767c73d008a", "id": "2a1d0a00-47e1-11e8-96ee-d767c73d008a", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -1029,16 +1029,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "HAProxy number of server connections ECS", - "winlog.api": "metrics" + "title": "HAProxy number of server connections", + "type": "metrics" } }, - "id": "72e84b00-47e1-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "72e84b00-47e1-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T17:05:00.128Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1046,9 +1046,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Healthcheck [Metricbeat HAProxy] ECS", + "title": "Healthcheck [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1071,25 +1071,25 @@ { "field": "haproxy.stat.downtime", "id": "198f56e1-47e4-11e8-b45e-f10c3845381c", - "winlog.api": "sum" + "type": "sum" }, { "field": "198f56e1-47e4-11e8-b45e-f10c3845381c", "id": "dbf38560-47e6-11e8-b45e-f10c3845381c", "sigma": "", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "dbf38560-47e6-11e8-b45e-f10c3845381c", "id": "62274b80-47e7-11e8-b45e-f10c3845381c", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { "id": "7b7a7300-47e7-11e8-b45e-f10c3845381c", "script": "(params.down > 0) ? 1 : 0", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "62274b80-47e7-11e8-b45e-f10c3845381c", @@ -1117,7 +1117,7 @@ { "field": "haproxy.stat.check.duration", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -1129,16 +1129,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "HAProxy healthcheck ECS", - "winlog.api": "metrics" + "title": "HAProxy healthcheck", + "type": "metrics" } }, - "id": "976b0910-47e4-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "976b0910-47e4-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T17:49:15.393Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { @@ -1146,9 +1146,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Servers per connection [Metricbeat HAProxy] ECS", + "title": "Servers per connection [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1159,7 +1159,7 @@ "id": "50830800-47d9-11e8-9db9-274c7a5e25e4" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", "filter": "", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "ignore_global_filter": 0, @@ -1172,7 +1172,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "haproxy.stat.component_winlog.api:(2 OR 3)", + "filter": "haproxy.stat.component_type:(2 OR 3)", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", "label": "Servers", @@ -1181,7 +1181,7 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" } ], "point_size": 1, @@ -1197,16 +1197,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "HAProxy servers per connection ECS", - "winlog.api": "metrics" + "title": "HAProxy servers per connection", + "type": "metrics" } }, - "id": "79350d50-47db-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "79350d50-47db-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T17:11:53.619Z", - "winlog.version": 7 + "version": 7 }, { "attributes": { @@ -1214,9 +1214,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Backends per connection [Metricbeat HAProxy] ECS", + "title": "Backends per connection [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1227,7 +1227,7 @@ "id": "4aeddd40-47dc-11e8-9db9-274c7a5e25e4" } ], - "drilldown_url": "../app/kibana#/dashboard/0836a4b0-47bd-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/0836a4b0-47bd-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -1237,7 +1237,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "haproxy.stat.component_winlog.api:1", + "filter": "haproxy.stat.component_type:1", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", "label": "Backends", @@ -1246,7 +1246,7 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" } ], "point_size": 1, @@ -1261,16 +1261,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "HAProxy backends per connection ECS", - "winlog.api": "metrics" + "title": "HAProxy backends per connection", + "type": "metrics" } }, - "id": "8c8f0300-47dc-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "8c8f0300-47dc-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T16:46:24.802Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1278,9 +1278,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Frontends per connection [Metricbeat HAProxy] ECS", + "title": "Frontends per connection [Metricbeat HAProxy]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1291,7 +1291,7 @@ "id": "b81d8640-47dc-11e8-9a25-99b107967d82" } ], - "drilldown_url": "../app/kibana#/dashboard/e9057ae0-47c5-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/e9057ae0-47c5-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -1301,7 +1301,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "haproxy.stat.component_winlog.api:0", + "filter": "haproxy.stat.component_type:0", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", "label": "Frontends", @@ -1310,7 +1310,7 @@ { "field": "haproxy.stat.connection.total", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" } ], "point_size": 1, @@ -1325,17 +1325,17 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "HAProxy frontends per connection ECS", - "winlog.api": "metrics" + "title": "HAProxy frontends per connection", + "type": "metrics" } }, - "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3-ecs", - "winlog.api": "visualization", + "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3", + "type": "visualization", "updated_at": "2018-04-24T16:54:16.639Z", - "winlog.version": 3 + "version": 3 } ], - "winlog.version": "6.2.2" + "version": "6.2.2" } diff --git a/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json b/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json index 54cae3418154..26d9a778a348 100644 --- a/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json +++ b/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json @@ -6,9 +6,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka] ECS", + "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -38,7 +38,7 @@ { "field": "kafka.partition.offset.newest", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" } ], "point_size": "0", @@ -64,7 +64,7 @@ { "field": "kafka.consumergroup.offset", "id": "d43034c1-8f1e-11e8-8784-cd0acd161a28", - "winlog.api": "sum" + "type": "sum" } ], "point_size": "1.5", @@ -86,16 +86,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka] ECS", - "winlog.api": "metrics" + "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka]", + "type": "metrics" } }, - "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f-ecs", - "winlog.api": "visualization", + "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f", + "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "winlog.version": 9 + "version": 9 }, { "attributes": { @@ -103,9 +103,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Controls [Metricbeat Kafka] ECS", + "title": "Kafka Controls [Metricbeat Kafka]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -119,10 +119,10 @@ "multiselect": true, "order": "desc", "size": 10, - "winlog.api": "terms" + "type": "terms" }, "parent": "", - "winlog.api": "list" + "type": "list" }, { "fieldName": "kafka.partition.id", @@ -133,24 +133,24 @@ "multiselect": true, "order": "desc", "size": 5, - "winlog.api": "terms" + "type": "terms" }, "parent": "1532342651170", - "winlog.api": "list" + "type": "list" } ], "pinFilters": false, "updateFiltersOnChange": true, "useTimeFilter": false }, - "title": "Kafka Controls [Metricbeat Kafka] ECS", - "winlog.api": "input_control_vis" + "title": "Kafka Controls [Metricbeat Kafka]", + "type": "input_control_vis" } }, - "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f-ecs", - "winlog.api": "visualization", + "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f", + "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "winlog.version": 10 + "version": 10 }, { "attributes": { @@ -158,9 +158,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka] ECS", + "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -184,17 +184,17 @@ { "field": "kafka.partition.offset.newest", "id": "0dcb8021-8e6d-11e8-bfab-6f29bad3a6f2", - "winlog.api": "max" + "type": "max" }, { "field": "kafka.consumergroup.offset", "id": "4bd11db0-8e6f-11e8-bfab-6f29bad3a6f2", - "winlog.api": "max" + "type": "max" }, { "id": "e0742d50-8e78-11e8-abb3-cf57ca7a810c", "script": "def lag = params.partition - params.consumergroup; if (lag < 0) { return 0 } return lag", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "0dcb8021-8e6d-11e8-bfab-6f29bad3a6f2", @@ -220,16 +220,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka] ECS", - "winlog.api": "metrics" + "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka]", + "type": "metrics" } }, - "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f-ecs", - "winlog.api": "visualization", + "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f", + "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "winlog.version": 8 + "version": 8 }, { "attributes": { @@ -249,16 +249,16 @@ "negate": false, "params": { "query": "partition", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "partition" }, "query": { "match": { "metricset.name": { "query": "partition", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -275,16 +275,16 @@ "negate": true, "params": { "query": "__consumer_offsets", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "__consumer_offsets" }, "query": { "match": { "kafka.topic.name": { "query": "__consumer_offsets", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -297,9 +297,9 @@ } } }, - "title": "Kafka Metrics [Metricbeat Kafka] ECS", + "title": "Kafka Metrics [Metricbeat Kafka]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -310,7 +310,7 @@ "field": "kafka.topic.name" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -320,7 +320,7 @@ "field": "kafka.partition.broker.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -330,7 +330,7 @@ "field": "kafka.partition.topic_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -340,7 +340,7 @@ "field": "kafka.partition.topic_broker_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -369,16 +369,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Kafka Metrics [Metricbeat Kafka] ECS", - "winlog.api": "metric" + "title": "Kafka Metrics [Metricbeat Kafka]", + "type": "metric" } }, - "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f-ecs", - "winlog.api": "visualization", + "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f", + "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "winlog.version": 12 + "version": 12 }, { "attributes": { @@ -386,9 +386,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Consumer Partition Reassignments [Metricbeat Kafka] ECS", + "title": "Consumer Partition Reassignments [Metricbeat Kafka]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -415,18 +415,18 @@ { "field": "kafka.consumergroup.partition", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "6b69c760-8f20-11e8-8927-d7e991b5b6ab", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "id": "976f9d80-8f20-11e8-8927-d7e991b5b6ab", "script": "if (params.sum_partition < 0) { return -1 } else if (params.sum_partition > 0) { return 1 }", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "6b69c760-8f20-11e8-8927-d7e991b5b6ab", @@ -448,16 +448,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Consumer Partition Reassignments [Metricbeat Kafka] ECS", - "winlog.api": "metrics" + "title": "Consumer Partition Reassignments [Metricbeat Kafka]", + "type": "metrics" } }, - "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f-ecs", - "winlog.api": "visualization", + "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f", + "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "winlog.version": 8 + "version": 8 }, { "attributes": { @@ -477,16 +477,16 @@ "negate": true, "params": { "query": "__consumer_offsets", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "__consumer_offsets" }, "query": { "match": { "kafka.topic.name": { "query": "__consumer_offsets", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -499,9 +499,9 @@ } } }, - "title": "Consumer Metrics [Metricbeat Kafka] ECS", + "title": "Consumer Metrics [Metricbeat Kafka]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -512,7 +512,7 @@ "field": "kafka.consumergroup.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -541,16 +541,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Consumer Metrics [Metricbeat Kafka] ECS", - "winlog.api": "metric" + "title": "Consumer Metrics [Metricbeat Kafka]", + "type": "metric" } }, - "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f-ecs", - "winlog.api": "visualization", + "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f", + "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "winlog.version": 8 + "version": 8 }, { "attributes": { @@ -565,7 +565,7 @@ } } }, - "title": "Kafka Consumer Group Clients [Metricbeat Kafka] ECS", + "title": "Kafka Consumer Group Clients [Metricbeat Kafka]", "uiStateJSON": { "vis": { "params": { @@ -576,7 +576,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -587,7 +587,7 @@ "field": "kafka.consumergroup.offset" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -604,7 +604,7 @@ "size": 64 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -621,7 +621,7 @@ "size": 64 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -638,7 +638,7 @@ "size": 256 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -652,14 +652,14 @@ }, "totalFunc": "sum" }, - "title": "Kafka Consumer Group Clients [Metricbeat Kafka] ECS", - "winlog.api": "table" + "title": "Kafka Consumer Group Clients [Metricbeat Kafka]", + "type": "table" } }, - "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9-ecs", - "winlog.api": "visualization", + "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9", + "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -667,7 +667,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Broker Details [Metricbeat Kafka] ECS", + "title": "Kafka Broker Details [Metricbeat Kafka]", "uiStateJSON": { "table": { "sort": { @@ -676,7 +676,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -708,7 +708,7 @@ { "field": "kafka.topic.name", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -737,7 +737,7 @@ { "field": "kafka.partition.topic_id", "id": "b38eb8b0-d2ec-11e8-88c8-af5b2a9ee6b2", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -764,7 +764,7 @@ { "field": "kafka.partition.topic_broker_id", "id": "cf09f050-d2ec-11e8-88c8-af5b2a9ee6b2", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -776,16 +776,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "table" + "type": "table" }, - "title": "Kafka Broker Details [Metricbeat Kafka] ECS", - "winlog.api": "metrics" + "title": "Kafka Broker Details [Metricbeat Kafka]", + "type": "metrics" } }, - "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9-ecs", - "winlog.api": "visualization", + "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9", + "type": "visualization", "updated_at": "2018-10-18T16:28:30.809Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -793,7 +793,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Topic Details [Metricbeat Kafka] ECS", + "title": "Kafka Topic Details [Metricbeat Kafka]", "uiStateJSON": { "table": { "sort": { @@ -802,7 +802,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -839,7 +839,7 @@ { "field": "kafka.broker.id", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -866,7 +866,7 @@ { "field": "kafka.partition.id", "id": "7d640441-d2f4-11e8-9dd4-c5f03280d7b0", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -893,7 +893,7 @@ { "field": "kafka.partition.topic_broker_id", "id": "ad26e261-d2f4-11e8-9dd4-c5f03280d7b0", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -920,7 +920,7 @@ { "field": "kafka.consumergroup.client.id", "id": "26d2cd91-d2f5-11e8-9dd4-c5f03280d7b0", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -947,7 +947,7 @@ { "field": "kafka.partition.offset.newest", "id": "dc393530-d2f4-11e8-9dd4-c5f03280d7b0", - "winlog.api": "max" + "type": "max" } ], "point_size": 1, @@ -974,7 +974,7 @@ { "field": "kafka.partition.offset.oldest", "id": "11366c81-d2f5-11e8-9dd4-c5f03280d7b0", - "winlog.api": "min" + "type": "min" } ], "point_size": 1, @@ -986,16 +986,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "table" + "type": "table" }, - "title": "Kafka Topic Details [Metricbeat Kafka] ECS", - "winlog.api": "metrics" + "title": "Kafka Topic Details [Metricbeat Kafka]", + "type": "metrics" } }, - "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9-ecs", - "winlog.api": "visualization", + "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9", + "type": "visualization", "updated_at": "2018-10-18T16:51:33.352Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -1009,7 +1009,7 @@ "language": "kuery", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1026,11 +1026,11 @@ "x": 0, "y": 20 }, - "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f-ecs", + "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f", "panelIndex": "1", "title": "Kafka Topic & Consumer Offsets", - "winlog.api": "visualization", - "winlog.version": "6.3.1" + "type": "visualization", + "version": "6.3.1" }, { "gridData": { @@ -1040,11 +1040,11 @@ "x": 0, "y": 0 }, - "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f-ecs", + "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f", "panelIndex": "3", "title": "Kafka Controls", - "winlog.api": "visualization", - "winlog.version": "6.3.1" + "type": "visualization", + "version": "6.3.1" }, { "gridData": { @@ -1054,11 +1054,11 @@ "x": 0, "y": 6 }, - "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f-ecs", + "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f", "panelIndex": "6", "title": "Consumer Group Lag by Topic", - "winlog.api": "visualization", - "winlog.version": "6.3.1" + "type": "visualization", + "version": "6.3.1" }, { "embeddableConfig": { @@ -1071,11 +1071,11 @@ "x": 16, "y": 0 }, - "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f-ecs", + "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f", "panelIndex": "10", "title": "Kafka Metrics", - "winlog.api": "visualization", - "winlog.version": "6.3.1" + "type": "visualization", + "version": "6.3.1" }, { "embeddableConfig": {}, @@ -1086,11 +1086,11 @@ "x": 0, "y": 33 }, - "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f-ecs", + "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f", "panelIndex": "12", "title": "Consumer Partition Reassignments", - "winlog.api": "visualization", - "winlog.version": "6.3.1" + "type": "visualization", + "version": "6.3.1" }, { "embeddableConfig": {}, @@ -1101,11 +1101,11 @@ "x": 41, "y": 0 }, - "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f-ecs", + "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f", "panelIndex": "13", "title": "Consumer Metrics", - "winlog.api": "visualization", - "winlog.version": "6.3.1" + "type": "visualization", + "version": "6.3.1" }, { "embeddableConfig": { @@ -1126,11 +1126,11 @@ "x": 24, "y": 27 }, - "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9-ecs", + "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9", "panelIndex": "14", "title": "Kafka Consumer Group Clients", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -1141,11 +1141,11 @@ "x": 24, "y": 6 }, - "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9-ecs", + "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9", "panelIndex": "15", "title": "Kafka Brokers", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": { @@ -1163,22 +1163,22 @@ "x": 24, "y": 16 }, - "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9-ecs", + "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9", "panelIndex": "16", "title": "Kafka Topic Details", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" } ], "timeRestore": false, - "title": "[Metricbeat Kafka] Overview ECS", - "winlog.version": 1 + "title": "[Metricbeat Kafka] Overview", + "version": 1 }, - "id": "ea488d90-8e63-11e8-8fa2-3d5f811fbd0f-ecs", - "winlog.api": "dashboard", + "id": "ea488d90-8e63-11e8-8fa2-3d5f811fbd0f", + "type": "dashboard", "updated_at": "2018-10-18T17:11:35.895Z", - "winlog.version": 23 + "version": 23 } ], - "winlog.version": "6.3.0" + "version": "6.3.0" } diff --git a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json index d51b4e8f6ef4..8a1a788513e3 100644 --- a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json +++ b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json @@ -6,9 +6,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kubernetes API Server: Top clients by number of requests ECS", + "title": "Kubernetes API Server: Top clients by number of requests", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -37,12 +37,12 @@ { "field": "kubernetes.apiserver.request.count", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "0e6ff4a0-5792-11e8-8bd0-2180975e72dd", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -64,16 +64,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Kubernetes API Server: Top clients by number of requests ECS", - "winlog.api": "metrics" + "title": "Kubernetes API Server: Top clients by number of requests", + "type": "metrics" } }, - "id": "7cbeb750-5794-11e8-afa2-e9067ea62228-ecs", - "winlog.api": "visualization", + "id": "7cbeb750-5794-11e8-afa2-e9067ea62228", + "type": "visualization", "updated_at": "2018-05-14T18:23:10.501Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { @@ -81,9 +81,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kubernetes API Server: Requests ECS", + "title": "Kubernetes API Server: Requests", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -107,17 +107,17 @@ { "field": "kubernetes.apiserver.request.latency.sum", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" }, { "field": "kubernetes.apiserver.request.count", "id": "a2185e50-57a0-11e8-af57-a1d645d2b569", - "winlog.api": "sum" + "type": "sum" }, { "id": "b09133d0-57a0-11e8-af57-a1d645d2b569", "script": "params.sum / params.count", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "61ca57f2-469d-11e7-af02-69e470af7417", @@ -151,12 +151,12 @@ { "field": "kubernetes.apiserver.request.count", "id": "c001ba50-57a1-11e8-a049-ff54cef064a2", - "winlog.api": "sum" + "type": "sum" }, { "field": "c001ba50-57a1-11e8-a049-ff54cef064a2", "id": "dc83b390-57a1-11e8-a049-ff54cef064a2", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -169,16 +169,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Kubernetes API Server: Requests ECS", - "winlog.api": "metrics" + "title": "Kubernetes API Server: Requests", + "type": "metrics" } }, - "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228-ecs", - "winlog.api": "visualization", + "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228", + "type": "visualization", "updated_at": "2018-05-14T18:21:27.515Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -186,9 +186,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kubernetes API Server: Top clients by resource ECS", + "title": "Kubernetes API Server: Top clients by resource", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -217,12 +217,12 @@ { "field": "kubernetes.apiserver.request.count", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "0e6ff4a0-5792-11e8-8bd0-2180975e72dd", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -246,16 +246,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Kubernetes API Server: Top clients by resource ECS", - "winlog.api": "metrics" + "title": "Kubernetes API Server: Top clients by resource", + "type": "metrics" } }, - "id": "95a7f110-57a2-11e8-afa2-e9067ea62228-ecs", - "winlog.api": "visualization", + "id": "95a7f110-57a2-11e8-afa2-e9067ea62228", + "type": "visualization", "updated_at": "2018-05-14T18:23:50.093Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -269,7 +269,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -287,10 +287,10 @@ "x": 0, "y": 22 }, - "id": "7cbeb750-5794-11e8-afa2-e9067ea62228-ecs", + "id": "7cbeb750-5794-11e8-afa2-e9067ea62228", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -301,10 +301,10 @@ "x": 0, "y": 0 }, - "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228-ecs", + "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -315,21 +315,21 @@ "x": 24, "y": 22 }, - "id": "95a7f110-57a2-11e8-afa2-e9067ea62228-ecs", + "id": "95a7f110-57a2-11e8-afa2-e9067ea62228", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" } ], "timeRestore": false, - "title": "[Metricbeat Kubernetes] API server ECS", - "winlog.version": 1 + "title": "[Metricbeat Kubernetes] API server", + "version": 1 }, - "id": "af7225b0-5794-11e8-afa2-e9067ea62228-ecs", - "winlog.api": "dashboard", + "id": "af7225b0-5794-11e8-afa2-e9067ea62228", + "type": "dashboard", "updated_at": "2018-05-14T18:23:55.202Z", - "winlog.version": 5 + "version": 5 } ], - "winlog.version": "6.3.0" + "version": "6.3.0" } diff --git a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json index 148a7e3e8077..f4191b01a092 100644 --- a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json +++ b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json @@ -16,15 +16,15 @@ } } }, - "title": "Available pods per deployment [Metricbeat Kubernetes] ECS", + "title": "Available pods per deployment [Metricbeat Kubernetes]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "event.module:kubernetes AND metricset.name:state_deployment", + "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", "id": "117fadf0-30df-11e7-8df8-6d3604a72912", "index_pattern": "metricbeat-*", "interval": "auto", @@ -42,7 +42,7 @@ { "field": "kubernetes.deployment.replicas.available", "id": "64456841-30df-11e7-8df8-6d3604a72912", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -62,16 +62,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Available pods per deployment [Metricbeat Kubernetes] ECS", - "winlog.api": "metrics" + "title": "Available pods per deployment [Metricbeat Kubernetes]", + "type": "metrics" } }, - "id": "022a54c0-2bf5-11e7-859b-f78b612cde28-ecs", - "winlog.api": "visualization", + "id": "022a54c0-2bf5-11e7-859b-f78b612cde28", + "type": "visualization", "updated_at": "2018-03-11T20:59:01.845Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -86,9 +86,9 @@ } } }, - "title": "CPU usage by node [Metricbeat Kubernetes] ECS", + "title": "CPU usage by node [Metricbeat Kubernetes]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -105,7 +105,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "event.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", + "filter": "metricset.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -130,7 +130,7 @@ { "field": "kubernetes.container.cpu.usage.nanocores", "id": "0d5c9221-2bf2-11e7-859b-f78b612cde28", - "winlog.api": "sum" + "type": "sum" } ], "override_index_pattern": 0, @@ -159,12 +159,12 @@ { "field": "kubernetes.node.cpu.capacity.cores", "id": "22f65d41-31a7-11e7-84cc-096d2b38e6e5", - "winlog.api": "avg" + "type": "avg" }, { "id": "4af4c390-34d6-11e7-be88-cb6a123dc1bb", "script": "params.cores * 1000000000", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "22f65d41-31a7-11e7-84cc-096d2b38e6e5", @@ -189,16 +189,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "CPU usage by node [Metricbeat Kubernetes] ECS", - "winlog.api": "metrics" + "title": "CPU usage by node [Metricbeat Kubernetes]", + "type": "metrics" } }, - "id": "44f12b40-2bf4-11e7-859b-f78b612cde28-ecs", - "winlog.api": "visualization", + "id": "44f12b40-2bf4-11e7-859b-f78b612cde28", + "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -213,9 +213,9 @@ } } }, - "title": "Kubernetes - Deployments ECS", + "title": "Kubernetes - Deployments", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -232,7 +232,7 @@ "id": "68cdba10-30e0-11e7-8df8-6d3604a72912" } ], - "filter": "event.module:kubernetes AND metricset.name:state_deployment", + "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "69765620-30e0-11e7-8df8-6d3604a72912" @@ -258,7 +258,7 @@ { "field": "kubernetes.deployment.name", "id": "4c4690b2-30e0-11e7-8df8-6d3604a72912", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -270,16 +270,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Kubernetes - Deployments ECS", - "winlog.api": "metrics" + "title": "Kubernetes - Deployments", + "type": "metrics" } }, - "id": "cd059410-2bfb-11e7-859b-f78b612cde28-ecs", - "winlog.api": "visualization", + "id": "cd059410-2bfb-11e7-859b-f78b612cde28", + "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -294,9 +294,9 @@ } } }, - "title": "Kubernetes - Desired pods ECS", + "title": "Kubernetes - Desired pods", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -313,7 +313,7 @@ "id": "674d83b0-30d5-11e7-8df8-6d3604a72912" } ], - "filter": "event.module:kubernetes AND metricset.name:state_deployment", + "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "50f9b980-30d5-11e7-8df8-6d3604a72912" @@ -340,7 +340,7 @@ { "field": "kubernetes.deployment.replicas.desired", "id": "54cf79a0-30d5-11e7-8df8-6d3604a72912", - "winlog.api": "sum" + "type": "sum" } ], "override_index_pattern": 1, @@ -354,16 +354,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Kubernetes - Desired pods ECS", - "winlog.api": "metrics" + "title": "Kubernetes - Desired pods", + "type": "metrics" } }, - "id": "e1018b90-2bfb-11e7-859b-f78b612cde28-ecs", - "winlog.api": "visualization", + "id": "e1018b90-2bfb-11e7-859b-f78b612cde28", + "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -381,9 +381,9 @@ } } }, - "title": "Memory usage by node [Metricbeat Kubernetes] ECS", + "title": "Memory usage by node [Metricbeat Kubernetes]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -399,7 +399,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "event.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", + "filter": "metricset.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -424,17 +424,17 @@ { "field": "kubernetes.container.memory.usage.bytes", "id": "0d5c9221-2bf2-11e7-859b-f78b612cde28", - "winlog.api": "sum" + "type": "sum" }, { "field": "0d5c9221-2bf2-11e7-859b-f78b612cde28", "id": "9f0cf900-1ffb-11e8-81f2-43be86397500", - "winlog.api": "cumulative_sum" + "type": "cumulative_sum" }, { "field": "9f0cf900-1ffb-11e8-81f2-43be86397500", "id": "a926e130-1ffb-11e8-81f2-43be86397500", - "winlog.api": "derivative", + "type": "derivative", "unit": "10s" } ], @@ -460,17 +460,17 @@ { "field": "kubernetes.node.memory.capacity.bytes", "id": "8ba3b271-31a7-11e7-84cc-096d2b38e6e5", - "winlog.api": "sum" + "type": "sum" }, { "field": "8ba3b271-31a7-11e7-84cc-096d2b38e6e5", "id": "d1fb2670-1ffb-11e8-81f2-43be86397500", - "winlog.api": "cumulative_sum" + "type": "cumulative_sum" }, { "field": "d1fb2670-1ffb-11e8-81f2-43be86397500", "id": "dc8b01f0-1ffb-11e8-81f2-43be86397500", - "winlog.api": "derivative", + "type": "derivative", "unit": "10s" } ], @@ -486,16 +486,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Memory usage by node [Metricbeat Kubernetes] ECS", - "winlog.api": "metrics" + "title": "Memory usage by node [Metricbeat Kubernetes]", + "type": "metrics" } }, - "id": "d6564360-2bfc-11e7-859b-f78b612cde28-ecs", - "winlog.api": "visualization", + "id": "d6564360-2bfc-11e7-859b-f78b612cde28", + "type": "visualization", "updated_at": "2018-03-04T23:15:29.035Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -510,9 +510,9 @@ } } }, - "title": "Network in by node [Metricbeat Kubernetes] ECS", + "title": "Network in by node [Metricbeat Kubernetes]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -529,7 +529,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "event.module:kubernetes AND metricset.name:pod", + "filter": "metricset.module:kubernetes AND metricset.name:pod", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -555,18 +555,18 @@ { "field": "kubernetes.pod.network.rx.bytes", "id": "0d5c9221-2bf2-11e7-859b-f78b612cde28", - "winlog.api": "sum" + "type": "sum" }, { "field": "0d5c9221-2bf2-11e7-859b-f78b612cde28", "id": "494fc310-2bf7-11e7-859b-f78b612cde28", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "494fc310-2bf7-11e7-859b-f78b612cde28", "id": "37c72a70-3598-11e7-aa4a-8313a0c92a88", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -581,16 +581,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Network in by node [Metricbeat Kubernetes] ECS", - "winlog.api": "metrics" + "title": "Network in by node [Metricbeat Kubernetes]", + "type": "metrics" } }, - "id": "16fa4470-2bfd-11e7-859b-f78b612cde28-ecs", - "winlog.api": "visualization", + "id": "16fa4470-2bfd-11e7-859b-f78b612cde28", + "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -605,9 +605,9 @@ } } }, - "title": "Network out by node [Metricbeat Kubernetes] ECS", + "title": "Network out by node [Metricbeat Kubernetes]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -624,7 +624,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "event.module:kubernetes AND metricset.name:pod", + "filter": "metricset.module:kubernetes AND metricset.name:pod", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -650,18 +650,18 @@ { "field": "kubernetes.pod.network.tx.bytes", "id": "0d5c9221-2bf2-11e7-859b-f78b612cde28", - "winlog.api": "sum" + "type": "sum" }, { "field": "0d5c9221-2bf2-11e7-859b-f78b612cde28", "id": "494fc310-2bf7-11e7-859b-f78b612cde28", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "494fc310-2bf7-11e7-859b-f78b612cde28", "id": "244c70e0-3598-11e7-aa4a-8313a0c92a88", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -676,16 +676,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Network out by node [Metricbeat Kubernetes] ECS", - "winlog.api": "metrics" + "title": "Network out by node [Metricbeat Kubernetes]", + "type": "metrics" } }, - "id": "294546b0-30d6-11e7-8df8-6d3604a72912-ecs", - "winlog.api": "visualization", + "id": "294546b0-30d6-11e7-8df8-6d3604a72912", + "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -700,9 +700,9 @@ } } }, - "title": "Kubernetes - Nodes ECS", + "title": "Kubernetes - Nodes", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -719,7 +719,7 @@ "id": "68cdba10-30e0-11e7-8df8-6d3604a72912" } ], - "filter": "event.module:kubernetes AND metricset.name:state_node", + "filter": "metricset.module:kubernetes AND metricset.name:state_node", "gauge_color_rules": [ { "id": "69765620-30e0-11e7-8df8-6d3604a72912" @@ -745,7 +745,7 @@ { "field": "kubernetes.node.name", "id": "4c4690b2-30e0-11e7-8df8-6d3604a72912", - "winlog.api": "cardinality" + "type": "cardinality" } ], "point_size": 1, @@ -757,16 +757,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Kubernetes - Nodes ECS", - "winlog.api": "metrics" + "title": "Kubernetes - Nodes", + "type": "metrics" } }, - "id": "408fccf0-30d6-11e7-8df8-6d3604a72912-ecs", - "winlog.api": "visualization", + "id": "408fccf0-30d6-11e7-8df8-6d3604a72912", + "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -781,9 +781,9 @@ } } }, - "title": "Top CPU intensive pods [Metricbeat Kubernetes] ECS", + "title": "Top CPU intensive pods [Metricbeat Kubernetes]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -795,7 +795,7 @@ "id": "802104d0-2bfc-11e7-859b-f78b612cde28" } ], - "filter": "event.module:kubernetes AND metricset.name:container", + "filter": "metricset.module:kubernetes AND metricset.name:container", "id": "5d3692a0-2bfc-11e7-859b-f78b612cde28", "index_pattern": "metricbeat-*", "interval": "auto", @@ -812,18 +812,18 @@ { "field": "kubernetes.container.cpu.usage.core.ns", "id": "5d3692a2-2bfc-11e7-859b-f78b612cde28", - "winlog.api": "sum" + "type": "sum" }, { "field": "5d3692a2-2bfc-11e7-859b-f78b612cde28", "id": "6c905240-2bfc-11e7-859b-f78b612cde28", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "field": "6c905240-2bfc-11e7-859b-f78b612cde28", "id": "9a51f710-359d-11e7-aa4a-8313a0c92a88", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -840,16 +840,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Top CPU intensive pods [Metricbeat Kubernetes] ECS", - "winlog.api": "metrics" + "title": "Top CPU intensive pods [Metricbeat Kubernetes]", + "type": "metrics" } }, - "id": "58e644f0-30d6-11e7-8df8-6d3604a72912-ecs", - "winlog.api": "visualization", + "id": "58e644f0-30d6-11e7-8df8-6d3604a72912", + "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -867,9 +867,9 @@ } } }, - "title": "Top memory intensive pods [Metricbeat Kubernetes] ECS", + "title": "Top memory intensive pods [Metricbeat Kubernetes]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -880,7 +880,7 @@ "id": "802104d0-2bfc-11e7-859b-f78b612cde28" } ], - "filter": "event.module:kubernetes AND metricset.name:container", + "filter": "metricset.module:kubernetes AND metricset.name:container", "id": "5d3692a0-2bfc-11e7-859b-f78b612cde28", "index_pattern": "metricbeat-*", "interval": "auto", @@ -897,17 +897,17 @@ { "field": "kubernetes.container.memory.usage.bytes", "id": "5d3692a2-2bfc-11e7-859b-f78b612cde28", - "winlog.api": "sum" + "type": "sum" }, { "field": "5d3692a2-2bfc-11e7-859b-f78b612cde28", "id": "3972e9f0-256f-11e8-84e6-87221f87ae3b", - "winlog.api": "cumulative_sum" + "type": "cumulative_sum" }, { "field": "3972e9f0-256f-11e8-84e6-87221f87ae3b", "id": "3e9fd5a0-256f-11e8-84e6-87221f87ae3b", - "winlog.api": "derivative", + "type": "derivative", "unit": "10s" } ], @@ -926,16 +926,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Top memory intensive pods [Metricbeat Kubernetes] ECS", - "winlog.api": "metrics" + "title": "Top memory intensive pods [Metricbeat Kubernetes]", + "type": "metrics" } }, - "id": "a4c9d360-30df-11e7-8df8-6d3604a72912-ecs", - "winlog.api": "visualization", + "id": "a4c9d360-30df-11e7-8df8-6d3604a72912", + "type": "visualization", "updated_at": "2018-03-11T21:00:49.028Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -950,9 +950,9 @@ } } }, - "title": "Kubernetes - Unavailable pods ECS", + "title": "Kubernetes - Unavailable pods", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -969,7 +969,7 @@ "id": "674d83b0-30d5-11e7-8df8-6d3604a72912" } ], - "filter": "event.module:kubernetes AND metricset.name:state_deployment", + "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "50f9b980-30d5-11e7-8df8-6d3604a72912" @@ -996,7 +996,7 @@ { "field": "kubernetes.deployment.replicas.unavailable", "id": "54cf79a0-30d5-11e7-8df8-6d3604a72912", - "winlog.api": "sum" + "type": "sum" } ], "override_index_pattern": 1, @@ -1009,16 +1009,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Kubernetes - Unavailable pods ECS", - "winlog.api": "metrics" + "title": "Kubernetes - Unavailable pods", + "type": "metrics" } }, - "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912-ecs", - "winlog.api": "visualization", + "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912", + "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -1036,15 +1036,15 @@ } } }, - "title": "Unavailable pods per deployment [Metricbeat Kubernetes] ECS", + "title": "Unavailable pods per deployment [Metricbeat Kubernetes]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "event.module:kubernetes AND metricset.name:state_deployment", + "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", "id": "117fadf0-30df-11e7-8df8-6d3604a72912", "index_pattern": "metricbeat-*", "interval": "auto", @@ -1062,7 +1062,7 @@ { "field": "kubernetes.deployment.replicas.unavailable", "id": "64456841-30df-11e7-8df8-6d3604a72912", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -1082,16 +1082,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Unavailable pods per deployment [Metricbeat Kubernetes] ECS", - "winlog.api": "metrics" + "title": "Unavailable pods per deployment [Metricbeat Kubernetes]", + "type": "metrics" } }, - "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912-ecs", - "winlog.api": "visualization", + "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912", + "type": "visualization", "updated_at": "2018-03-11T20:59:18.668Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -1106,9 +1106,9 @@ } } }, - "title": "Kubernetes - Available pods ECS", + "title": "Kubernetes - Available pods", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -1125,7 +1125,7 @@ "id": "674d83b0-30d5-11e7-8df8-6d3604a72912" } ], - "filter": "event.module:kubernetes AND metricset.name:state_deployment", + "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "50f9b980-30d5-11e7-8df8-6d3604a72912" @@ -1152,7 +1152,7 @@ { "field": "kubernetes.deployment.replicas.available", "id": "54cf79a0-30d5-11e7-8df8-6d3604a72912", - "winlog.api": "sum" + "type": "sum" } ], "override_index_pattern": 1, @@ -1167,16 +1167,16 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Kubernetes - Available pods ECS", - "winlog.api": "metrics" + "title": "Kubernetes - Available pods", + "type": "metrics" } }, - "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3-ecs", - "winlog.api": "visualization", + "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3", + "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -1195,7 +1195,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1211,10 +1211,10 @@ "x": 6, "y": 0 }, - "id": "022a54c0-2bf5-11e7-859b-f78b612cde28-ecs", + "id": "022a54c0-2bf5-11e7-859b-f78b612cde28", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1224,10 +1224,10 @@ "x": 0, "y": 6 }, - "id": "44f12b40-2bf4-11e7-859b-f78b612cde28-ecs", + "id": "44f12b40-2bf4-11e7-859b-f78b612cde28", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1237,10 +1237,10 @@ "x": 3, "y": 0 }, - "id": "cd059410-2bfb-11e7-859b-f78b612cde28-ecs", + "id": "cd059410-2bfb-11e7-859b-f78b612cde28", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1250,10 +1250,10 @@ "x": 0, "y": 3 }, - "id": "e1018b90-2bfb-11e7-859b-f78b612cde28-ecs", + "id": "e1018b90-2bfb-11e7-859b-f78b612cde28", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1263,10 +1263,10 @@ "x": 6, "y": 6 }, - "id": "d6564360-2bfc-11e7-859b-f78b612cde28-ecs", + "id": "d6564360-2bfc-11e7-859b-f78b612cde28", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1276,10 +1276,10 @@ "x": 6, "y": 9 }, - "id": "16fa4470-2bfd-11e7-859b-f78b612cde28-ecs", + "id": "16fa4470-2bfd-11e7-859b-f78b612cde28", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1289,10 +1289,10 @@ "x": 0, "y": 9 }, - "id": "294546b0-30d6-11e7-8df8-6d3604a72912-ecs", + "id": "294546b0-30d6-11e7-8df8-6d3604a72912", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1302,10 +1302,10 @@ "x": 0, "y": 0 }, - "id": "408fccf0-30d6-11e7-8df8-6d3604a72912-ecs", + "id": "408fccf0-30d6-11e7-8df8-6d3604a72912", "panelIndex": "10", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1315,10 +1315,10 @@ "x": 0, "y": 12 }, - "id": "58e644f0-30d6-11e7-8df8-6d3604a72912-ecs", + "id": "58e644f0-30d6-11e7-8df8-6d3604a72912", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1328,10 +1328,10 @@ "x": 6, "y": 12 }, - "id": "a4c9d360-30df-11e7-8df8-6d3604a72912-ecs", + "id": "a4c9d360-30df-11e7-8df8-6d3604a72912", "panelIndex": "12", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1341,10 +1341,10 @@ "x": 4, "y": 3 }, - "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912-ecs", + "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912", "panelIndex": "13", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1354,10 +1354,10 @@ "x": 6, "y": 3 }, - "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912-ecs", + "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912", "panelIndex": "14", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" }, { "gridData": { @@ -1367,21 +1367,21 @@ "x": 2, "y": 3 }, - "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3-ecs", + "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3", "panelIndex": "15", - "winlog.api": "visualization", - "winlog.version": "6.2.2" + "type": "visualization", + "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat Kubernetes] Overview ECS", - "winlog.version": 1 + "title": "[Metricbeat Kubernetes] Overview", + "version": 1 }, - "id": "AV4RGUqo5NkDleZmzKuZ-ecs", - "winlog.api": "dashboard", + "id": "AV4RGUqo5NkDleZmzKuZ", + "type": "dashboard", "updated_at": "2018-03-11T21:00:58.354Z", - "winlog.version": 4 + "version": 4 } ], - "winlog.version": "6.2.2" + "version": "6.2.2" } diff --git a/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json b/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json index ffbc1a51d27a..3916d588c72e 100644 --- a/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json +++ b/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search-ecs", - "title": "Hosts [Metricbeat MongoDB] ECS", + "savedSearchId": "MongoDB-search", + "title": "Hosts [Metricbeat MongoDB]", "uiStateJSON": { "vis": { "params": { @@ -20,7 +20,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -31,19 +31,19 @@ "field": "mongodb.status.connections.current" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, "id": "2", "params": { - "field": "service.address", + "field": "metricset.host", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -53,7 +53,7 @@ "field": "mongodb.status.memory.bits" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -63,7 +63,7 @@ "field": "mongodb.status.memory.resident.mb" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -73,7 +73,7 @@ "field": "mongodb.status.memory.virtual.mb" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -87,13 +87,13 @@ }, "totalFunc": "sum" }, - "title": "Hosts [Metricbeat MongoDB] ECS", - "winlog.api": "table" + "title": "Hosts [Metricbeat MongoDB]", + "type": "table" } }, - "id": "MongoDB-hosts-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "MongoDB-hosts", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -103,20 +103,20 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search-ecs", - "title": "Engine & Version [Metricbeat MongoDB] ECS", + "savedSearchId": "MongoDB-search", + "title": "Engine & Version [Metricbeat MongoDB]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "enabled": true, "id": "1", "params": { - "field": "service.address" + "field": "metricset.host" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -129,20 +129,20 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "3", "params": { "customLabel": "Version", - "field": "service.version", + "field": "mongodb.status.version", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -151,15 +151,15 @@ "isDonut": true, "legendPosition": "bottom", "shareYAxis": true, - "winlog.api": "pie" + "type": "pie" }, - "title": "Engine & Version [Metricbeat MongoDB] ECS", - "winlog.api": "pie" + "title": "Engine & Version [Metricbeat MongoDB]", + "type": "pie" } }, - "id": "MongoDB-Engine-ampersand-Version-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "MongoDB-Engine-ampersand-Version", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -169,10 +169,10 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search-ecs", - "title": "Operation counters [Metricbeat MongoDB] ECS", + "savedSearchId": "MongoDB-search", + "title": "Operation counters [Metricbeat MongoDB]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -183,7 +183,7 @@ "field": "mongodb.status.ops.counters.command" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -196,7 +196,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -206,7 +206,7 @@ "field": "mongodb.status.ops.counters.delete" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -216,7 +216,7 @@ "field": "mongodb.status.ops.counters.getmore" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -226,7 +226,7 @@ "field": "mongodb.status.ops.counters.insert" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -236,7 +236,7 @@ "field": "mongodb.status.ops.counters.query" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -246,7 +246,7 @@ "field": "mongodb.status.ops.replicated.update" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -262,12 +262,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -292,7 +292,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -300,7 +300,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -314,25 +314,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Operation counters [Metricbeat MongoDB] ECS", - "winlog.api": "area" + "title": "Operation counters [Metricbeat MongoDB]", + "type": "area" } }, - "id": "MongoDB-operation-counters-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "MongoDB-operation-counters", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -342,8 +342,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search-ecs", - "title": "Concurrent transactions Read [Metricbeat MongoDB] ECS", + "savedSearchId": "MongoDB-search", + "title": "Concurrent transactions Read [Metricbeat MongoDB]", "uiStateJSON": { "vis": { "colors": { @@ -352,7 +352,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -363,7 +363,7 @@ "field": "mongodb.status.wired_tiger.concurrent_transactions.read.available" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -376,7 +376,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -386,7 +386,7 @@ "field": "mongodb.status.wired_tiger.concurrent_transactions.read.out" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -402,12 +402,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -432,7 +432,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -440,7 +440,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -454,25 +454,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Concurrent transactions Read [Metricbeat MongoDB] ECS", - "winlog.api": "area" + "title": "Concurrent transactions Read [Metricbeat MongoDB]", + "type": "area" } }, - "id": "MongoDB-Concurrent-transactions-Read-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "MongoDB-Concurrent-transactions-Read", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -482,8 +482,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search-ecs", - "title": "Concurrent transactions Write [Metricbeat MongoDB] ECS", + "savedSearchId": "MongoDB-search", + "title": "Concurrent transactions Write [Metricbeat MongoDB]", "uiStateJSON": { "vis": { "colors": { @@ -492,7 +492,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -503,7 +503,7 @@ "field": "mongodb.status.wired_tiger.concurrent_transactions.write.available" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -516,7 +516,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -526,7 +526,7 @@ "field": "mongodb.status.wired_tiger.concurrent_transactions.write.out" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -542,12 +542,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -572,7 +572,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -580,7 +580,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -594,25 +594,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Concurrent transactions Write [Metricbeat MongoDB] ECS", - "winlog.api": "area" + "title": "Concurrent transactions Write [Metricbeat MongoDB]", + "type": "area" } }, - "id": "MongoDB-Concurrent-transactions-Write-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "MongoDB-Concurrent-transactions-Write", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -622,10 +622,10 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search-ecs", - "title": "Memory stats [Metricbeat MongoDB] ECS", + "savedSearchId": "MongoDB-search", + "title": "Memory stats [Metricbeat MongoDB]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -636,7 +636,7 @@ "field": "mongodb.status.memory.mapped.mb" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -649,7 +649,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -659,7 +659,7 @@ "field": "mongodb.status.memory.mapped_with_journal.mb" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -669,7 +669,7 @@ "field": "mongodb.status.memory.resident.mb" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -679,7 +679,7 @@ "field": "mongodb.status.memory.virtual.mb" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -695,12 +695,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -725,7 +725,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -734,7 +734,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -748,25 +748,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Memory stats [Metricbeat MongoDB] ECS", - "winlog.api": "line" + "title": "Memory stats [Metricbeat MongoDB]", + "type": "line" } }, - "id": "MongoDB-memory-stats-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "MongoDB-memory-stats", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -776,10 +776,10 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search-ecs", - "title": "Asserts [Metricbeat MongoDB] ECS", + "savedSearchId": "MongoDB-search", + "title": "Asserts [Metricbeat MongoDB]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -790,7 +790,7 @@ "field": "mongodb.status.asserts.msg" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -803,7 +803,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -813,7 +813,7 @@ "field": "mongodb.status.asserts.regular" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -823,7 +823,7 @@ "field": "mongodb.status.asserts.rollovers" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -833,7 +833,7 @@ "field": "mongodb.status.asserts.user" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -843,7 +843,7 @@ "field": "mongodb.status.asserts.warning" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "params": { @@ -859,12 +859,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -889,7 +889,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -897,7 +897,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -911,25 +911,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Asserts [Metricbeat MongoDB] ECS", - "winlog.api": "area" + "title": "Asserts [Metricbeat MongoDB]", + "type": "area" } }, - "id": "MongoDB-asserts-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "MongoDB-asserts", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -939,10 +939,10 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search-ecs", - "title": "WiredTiger Cache [Metricbeat MongoDB] ECS", + "savedSearchId": "MongoDB-search", + "title": "WiredTiger Cache [Metricbeat MongoDB]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -953,7 +953,7 @@ "field": "mongodb.status.wired_tiger.cache.maximum.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -966,7 +966,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -976,7 +976,7 @@ "field": "mongodb.status.wired_tiger.cache.used.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -986,7 +986,7 @@ "field": "mongodb.status.wired_tiger.cache.dirty.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -1002,12 +1002,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -1032,7 +1032,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -1040,7 +1040,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -1054,25 +1054,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "WiredTiger Cache [Metricbeat MongoDB] ECS", - "winlog.api": "area" + "title": "WiredTiger Cache [Metricbeat MongoDB]", + "type": "area" } }, - "id": "MongoDB-WiredTiger-Cache-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "MongoDB-WiredTiger-Cache", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -1101,7 +1101,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.module:mongodb" + "query": "metricset.module:mongodb" } } } @@ -1110,12 +1110,12 @@ "@timestamp", "desc" ], - "title": "MongoDB search ECS", - "winlog.version": 1 + "title": "MongoDB search", + "version": 1 }, - "id": "MongoDB-search-ecs", - "winlog.api": "search", - "winlog.version": 1 + "id": "MongoDB-search", + "type": "search", + "version": 1 }, { "attributes": { @@ -1134,7 +1134,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1143,79 +1143,79 @@ "panelsJSON": [ { "col": 1, - "id": "MongoDB-hosts-ecs", + "id": "MongoDB-hosts", "panelIndex": 1, "row": 1, "size_x": 8, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "MongoDB-Engine-ampersand-Version-ecs", + "id": "MongoDB-Engine-ampersand-Version", "panelIndex": 4, "row": 1, "size_x": 4, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "MongoDB-operation-counters-ecs", + "id": "MongoDB-operation-counters", "panelIndex": 2, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "MongoDB-Concurrent-transactions-Read-ecs", + "id": "MongoDB-Concurrent-transactions-Read", "panelIndex": 6, "row": 4, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 10, - "id": "MongoDB-Concurrent-transactions-Write-ecs", + "id": "MongoDB-Concurrent-transactions-Write", "panelIndex": 7, "row": 4, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "MongoDB-memory-stats-ecs", + "id": "MongoDB-memory-stats", "panelIndex": 5, "row": 10, "size_x": 12, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "MongoDB-asserts-ecs", + "id": "MongoDB-asserts", "panelIndex": 3, "row": 7, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "MongoDB-WiredTiger-Cache-ecs", + "id": "MongoDB-WiredTiger-Cache", "panelIndex": 8, "row": 7, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat MongoDB] Overview ECS", + "title": "[Metricbeat MongoDB] Overview", "uiStateJSON": { "P-1": { "vis": { @@ -1228,12 +1228,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "Metricbeat-MongoDB-ecs", - "winlog.api": "dashboard", - "winlog.version": 3 + "id": "Metricbeat-MongoDB", + "type": "dashboard", + "version": 3 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json b/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json index 6aa95bd018ab..ae00dabb15d4 100644 --- a/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json +++ b/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json @@ -6,9 +6,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Connections rate [Metricbeat MySQL] ECS", + "title": "Connections rate [Metricbeat MySQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -32,12 +32,12 @@ { "field": "mysql.status.connections", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "aee9bbf0-f1f3-11e7-a752-236fe3270d99", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -50,16 +50,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Connections rate [Metricbeat MySQL] ECS", - "winlog.api": "metrics" + "title": "Connections rate [Metricbeat MySQL]", + "type": "metrics" } }, - "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1-ecs", - "winlog.api": "visualization", + "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1", + "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -67,9 +67,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Command rates [Metricbeat MySQL] ECS", + "title": "Command rates [Metricbeat MySQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -92,12 +92,12 @@ { "field": "mysql.status.command.select", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "2d149f90-f1f4-11e7-a752-236fe3270d99", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -119,12 +119,12 @@ { "field": "mysql.status.command.insert", "id": "3c2a2a41-f1f4-11e7-a752-236fe3270d99", - "winlog.api": "avg" + "type": "avg" }, { "field": "3c2a2a41-f1f4-11e7-a752-236fe3270d99", "id": "3c2a2a42-f1f4-11e7-a752-236fe3270d99", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -146,12 +146,12 @@ { "field": "mysql.status.command.update", "id": "485ce051-f1f4-11e7-a752-236fe3270d99", - "winlog.api": "avg" + "type": "avg" }, { "field": "485ce051-f1f4-11e7-a752-236fe3270d99", "id": "485ce052-f1f4-11e7-a752-236fe3270d99", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -173,12 +173,12 @@ { "field": "mysql.status.command.delete", "id": "543a4a71-f1f4-11e7-a752-236fe3270d99", - "winlog.api": "avg" + "type": "avg" }, { "field": "543a4a71-f1f4-11e7-a752-236fe3270d99", "id": "543a4a72-f1f4-11e7-a752-236fe3270d99", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -191,16 +191,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Command rates [Metricbeat MySQL] ECS", - "winlog.api": "metrics" + "title": "Command rates [Metricbeat MySQL]", + "type": "metrics" } }, - "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1-ecs", - "winlog.api": "visualization", + "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1", + "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -208,9 +208,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Running threads [Metricbeat MySQL] ECS", + "title": "Running threads [Metricbeat MySQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -234,7 +234,7 @@ { "field": "mysql.status.threads.running", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -246,16 +246,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Running threads [Metricbeat MySQL] ECS", - "winlog.api": "metrics" + "title": "Running threads [Metricbeat MySQL]", + "type": "metrics" } }, - "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1-ecs", - "winlog.api": "visualization", + "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1", + "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -263,9 +263,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Opened tables rate [Metricbeat MySQL] ECS", + "title": "Opened tables rate [Metricbeat MySQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -289,12 +289,12 @@ { "field": "mysql.status.opened_tables", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "9972d250-f1f5-11e7-a752-236fe3270d99", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -307,16 +307,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Opened tables rate [Metricbeat MySQL] ECS", - "winlog.api": "metrics" + "title": "Opened tables rate [Metricbeat MySQL]", + "type": "metrics" } }, - "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", - "winlog.api": "visualization", + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1", + "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -324,9 +324,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Threads created rate [Metricbeat MySQL] ECS", + "title": "Threads created rate [Metricbeat MySQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -350,12 +350,12 @@ { "field": "mysql.status.threads.created", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "9972d250-f1f5-11e7-a752-236fe3270d99", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -368,16 +368,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Threads created rate [Metricbeat MySQL] ECS", - "winlog.api": "metrics" + "title": "Threads created rate [Metricbeat MySQL]", + "type": "metrics" } }, - "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1-ecs", - "winlog.api": "visualization", + "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1", + "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -385,9 +385,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Open files [Metricbeat MySQL] ECS", + "title": "Open files [Metricbeat MySQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -411,7 +411,7 @@ { "field": "mysql.status.open.files", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -423,16 +423,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Open files [Metricbeat MySQL] ECS", - "winlog.api": "metrics" + "title": "Open files [Metricbeat MySQL]", + "type": "metrics" } }, - "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1-ecs", - "winlog.api": "visualization", + "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1", + "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -440,9 +440,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Sent and received bytes rates [Metricbeat MySQL] ECS", + "title": "Sent and received bytes rates [Metricbeat MySQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -466,12 +466,12 @@ { "field": "mysql.status.bytes.received", "id": "2b1c2391-f1f7-11e7-a752-236fe3270d99", - "winlog.api": "avg" + "type": "avg" }, { "field": "2b1c2391-f1f7-11e7-a752-236fe3270d99", "id": "2b1c2392-f1f7-11e7-a752-236fe3270d99", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -493,12 +493,12 @@ { "field": "mysql.status.bytes.sent", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "23cfda50-f1f7-11e7-a752-236fe3270d99", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -511,16 +511,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Sent and received bytes rates [Metricbeat MySQL] ECS", - "winlog.api": "metrics" + "title": "Sent and received bytes rates [Metricbeat MySQL]", + "type": "metrics" } }, - "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1-ecs", - "winlog.api": "visualization", + "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1", + "type": "visualization", "updated_at": "2018-01-05T09:15:49.714Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -539,7 +539,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -555,10 +555,10 @@ "x": 0, "y": 3 }, - "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1-ecs", + "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1", "panelIndex": "10", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -568,10 +568,10 @@ "x": 0, "y": 0 }, - "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1-ecs", + "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -581,10 +581,10 @@ "x": 6, "y": 3 }, - "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1-ecs", + "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1", "panelIndex": "13", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -594,10 +594,10 @@ "x": 0, "y": 6 }, - "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1", "panelIndex": "14", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -607,10 +607,10 @@ "x": 6, "y": 6 }, - "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1-ecs", + "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1", "panelIndex": "15", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -620,10 +620,10 @@ "x": 6, "y": 9 }, - "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1-ecs", + "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1", "panelIndex": "16", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -633,21 +633,21 @@ "x": 0, "y": 9 }, - "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1-ecs", + "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1", "panelIndex": "17", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" } ], "timeRestore": false, - "title": "[Metricbeat MySQL] Overview ECS", - "winlog.version": 1 + "title": "[Metricbeat MySQL] Overview", + "version": 1 }, - "id": "66881e90-0006-11e7-bf7f-c9acc3d3e306-ecs", - "winlog.api": "dashboard", + "id": "66881e90-0006-11e7-bf7f-c9acc3d3e306", + "type": "dashboard", "updated_at": "2018-01-05T09:14:45.934Z", - "winlog.version": 3 + "version": 3 } ], - "winlog.version": "6.2.4" + "version": "6.2.4" } diff --git a/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json b/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json index 2571c12ebefd..784f6c8a2ab5 100644 --- a/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json +++ b/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json @@ -13,7 +13,7 @@ } } }, - "title": "Subscriptions Info [Metricbeat NATS] ECS", + "title": "Subscriptions Info [Metricbeat NATS]", "uiStateJSON": { "vis": { "params": { @@ -24,7 +24,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -35,7 +35,7 @@ "field": "nats.subscriptions.cache.fanout.avg" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -45,7 +45,7 @@ "field": "nats.subscriptions.cache.fanout.max" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -55,7 +55,7 @@ "field": "nats.subscriptions.cache.hit_rate" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -65,7 +65,7 @@ "field": "nats.subscriptions.cache.size" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -75,7 +75,7 @@ "field": "nats.subscriptions.inserts" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -85,7 +85,7 @@ "field": "nats.subscriptions.matches" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -95,7 +95,7 @@ "field": "nats.subscriptions.removes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -105,7 +105,7 @@ "field": "nats.subscriptions.total" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -120,14 +120,14 @@ }, "totalFunc": "sum" }, - "title": "Subscriptions Info [Metricbeat NATS] ECS", - "winlog.api": "table" + "title": "Subscriptions Info [Metricbeat NATS]", + "type": "table" } }, - "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61-ecs", - "winlog.api": "visualization", + "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61", + "type": "visualization", "updated_at": "2019-01-24T07:54:30.301Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -142,9 +142,9 @@ } } }, - "title": "Current Memory Usage [Metricbeat NATS] ECS", + "title": "Current Memory Usage [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -155,7 +155,7 @@ "field": "nats.stats.mem.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -184,16 +184,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Current Memory Usage [Metricbeat NATS] ECS", - "winlog.api": "metric" + "title": "Current Memory Usage [Metricbeat NATS]", + "type": "metric" } }, - "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61-ecs", - "winlog.api": "visualization", + "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61", + "type": "visualization", "updated_at": "2019-01-24T07:56:32.097Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -208,9 +208,9 @@ } } }, - "title": "Server Uptime [Metricbeat NATS] ECS", + "title": "Server Uptime [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -221,7 +221,7 @@ "field": "nats.stats.uptime" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -250,16 +250,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Server Uptime [Metricbeat NATS] ECS", - "winlog.api": "metric" + "title": "Server Uptime [Metricbeat NATS]", + "type": "metric" } }, - "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61-ecs", - "winlog.api": "visualization", + "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61", + "type": "visualization", "updated_at": "2019-01-24T07:57:04.084Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -274,9 +274,9 @@ } } }, - "title": "Total Connections [Metricbeat NATS] ECS", + "title": "Total Connections [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -287,7 +287,7 @@ "field": "nats.stats.total_connections" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -316,16 +316,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Total Connections [Metricbeat NATS] ECS", - "winlog.api": "metric" + "title": "Total Connections [Metricbeat NATS]", + "type": "metric" } }, - "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61-ecs", - "winlog.api": "visualization", + "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61", + "type": "visualization", "updated_at": "2019-01-24T07:57:32.006Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -340,9 +340,9 @@ } } }, - "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS] ECS", + "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -353,7 +353,7 @@ "field": "nats.connections.total" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -366,7 +366,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -376,7 +376,7 @@ "field": "nats.routes.total" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -386,7 +386,7 @@ "field": "nats.stats.remotes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -396,7 +396,7 @@ "field": "nats.subscriptions.total" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -412,12 +412,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -438,7 +438,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" }, { @@ -451,7 +451,7 @@ "mode": "stacked", "show": true, "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" }, { @@ -464,7 +464,7 @@ "mode": "stacked", "show": true, "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" }, { @@ -477,12 +477,12 @@ "mode": "stacked", "show": true, "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -496,25 +496,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Connections" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS] ECS", - "winlog.api": "area" + "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS]", + "type": "area" } }, - "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61-ecs", - "winlog.api": "visualization", + "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61", + "type": "visualization", "updated_at": "2019-01-24T07:53:31.785Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -529,9 +529,9 @@ } } }, - "title": "Subscription Stats Timeline [Metricbeat NATS] ECS", + "title": "Subscription Stats Timeline [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -542,7 +542,7 @@ "field": "nats.subscriptions.cache.fanout.avg" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -555,7 +555,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -565,7 +565,7 @@ "field": "nats.subscriptions.cache.fanout.max" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -575,7 +575,7 @@ "field": "nats.subscriptions.inserts" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -585,7 +585,7 @@ "field": "nats.subscriptions.removes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -595,7 +595,7 @@ "field": "nats.subscriptions.matches" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -611,12 +611,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -636,7 +636,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -648,7 +648,7 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -660,7 +660,7 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -672,7 +672,7 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -684,12 +684,12 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -703,25 +703,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Cache Fanout Avg" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Subscription Stats Timeline [Metricbeat NATS] ECS", - "winlog.api": "line" + "title": "Subscription Stats Timeline [Metricbeat NATS]", + "type": "line" } }, - "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61-ecs", - "winlog.api": "visualization", + "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61", + "type": "visualization", "updated_at": "2019-01-23T14:55:04.899Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -736,9 +736,9 @@ } } }, - "title": "Slow Consumers Timeline [Metricbeat NATS] ECS", + "title": "Slow Consumers Timeline [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -749,7 +749,7 @@ "field": "nats.stats.slow_consumers" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -762,7 +762,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -778,12 +778,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -803,12 +803,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -822,25 +822,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Slow Consumers" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Slow Consumers Timeline [Metricbeat NATS] ECS", - "winlog.api": "line" + "title": "Slow Consumers Timeline [Metricbeat NATS]", + "type": "line" } }, - "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90-ecs", - "winlog.api": "visualization", + "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90", + "type": "visualization", "updated_at": "2019-01-23T14:53:57.137Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -855,9 +855,9 @@ } } }, - "title": "IO Bytes Stats [Metricbeat NATS] ECS", + "title": "IO Bytes Stats [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -868,7 +868,7 @@ "field": "nats.stats.in.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -878,7 +878,7 @@ "field": "nats.stats.out.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -891,7 +891,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -907,12 +907,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -932,7 +932,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -944,12 +944,12 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -963,25 +963,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "IO Bytes" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "IO Bytes Stats [Metricbeat NATS] ECS", - "winlog.api": "line" + "title": "IO Bytes Stats [Metricbeat NATS]", + "type": "line" } }, - "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90-ecs", - "winlog.api": "visualization", + "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90", + "type": "visualization", "updated_at": "2019-01-24T07:48:22.914Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -996,9 +996,9 @@ } } }, - "title": "Memory Utilization Timeline [Metricbeat NATS] ECS", + "title": "Memory Utilization Timeline [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1009,7 +1009,7 @@ "field": "nats.stats.mem.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -1022,7 +1022,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -1038,12 +1038,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -1063,12 +1063,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1082,25 +1082,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Memory Avg (Bytes)" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Memory Utilization Timeline [Metricbeat NATS] ECS", - "winlog.api": "line" + "title": "Memory Utilization Timeline [Metricbeat NATS]", + "type": "line" } }, - "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90-ecs", - "winlog.api": "visualization", + "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90", + "type": "visualization", "updated_at": "2019-01-24T07:52:55.445Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { @@ -1115,9 +1115,9 @@ } } }, - "title": "IO Messages Stats [Metricbeat NATS] ECS", + "title": "IO Messages Stats [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1128,7 +1128,7 @@ "field": "nats.stats.in.messages" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -1138,7 +1138,7 @@ "field": "nats.stats.out.messages" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -1151,7 +1151,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -1167,12 +1167,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -1192,7 +1192,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -1204,12 +1204,12 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1223,25 +1223,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "IO Messages" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "IO Messages Stats [Metricbeat NATS] ECS", - "winlog.api": "line" + "title": "IO Messages Stats [Metricbeat NATS]", + "type": "line" } }, - "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb-ecs", - "winlog.api": "visualization", + "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb", + "type": "visualization", "updated_at": "2019-01-24T07:47:25.774Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1256,9 +1256,9 @@ } } }, - "title": "CPU Utilization Timeline [Metricbeat NATS] ECS", + "title": "CPU Utilization Timeline [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1269,7 +1269,7 @@ "field": "nats.stats.cpu" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -1282,7 +1282,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -1298,12 +1298,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -1323,12 +1323,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1342,25 +1342,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "CPU Avg (%)" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "CPU Utilization Timeline [Metricbeat NATS] ECS", - "winlog.api": "line" + "title": "CPU Utilization Timeline [Metricbeat NATS]", + "type": "line" } }, - "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb-ecs", - "winlog.api": "visualization", + "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb", + "type": "visualization", "updated_at": "2019-01-24T07:51:51.767Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1375,9 +1375,9 @@ } } }, - "title": "Cache Hit Rate Timeline [Metricbeat NATS] ECS", + "title": "Cache Hit Rate Timeline [Metricbeat NATS]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1388,7 +1388,7 @@ "field": "nats.subscriptions.cache.hit_rate" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -1401,7 +1401,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -1417,12 +1417,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -1442,12 +1442,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1461,25 +1461,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Cache Hit Rate (%)" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Cache Hit Rate Timeline [Metricbeat NATS] ECS", - "winlog.api": "line" + "title": "Cache Hit Rate Timeline [Metricbeat NATS]", + "type": "line" } }, - "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb-ecs", - "winlog.api": "visualization", + "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb", + "type": "visualization", "updated_at": "2019-01-23T14:57:20.994Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1493,7 +1493,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1511,10 +1511,10 @@ "x": 0, "y": 45 }, - "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61-ecs", + "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -1525,10 +1525,10 @@ "x": 24, "y": 34 }, - "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61-ecs", + "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -1539,10 +1539,10 @@ "x": 37, "y": 34 }, - "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61-ecs", + "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -1553,10 +1553,10 @@ "x": 24, "y": 41 }, - "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61-ecs", + "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -1567,10 +1567,10 @@ "x": 0, "y": 34 }, - "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61-ecs", + "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -1581,10 +1581,10 @@ "x": 15, "y": 0 }, - "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61-ecs", + "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61", "panelIndex": "12", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -1595,10 +1595,10 @@ "x": 0, "y": 0 }, - "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90-ecs", + "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90", "panelIndex": "13", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -1609,10 +1609,10 @@ "x": 24, "y": 10 }, - "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90-ecs", + "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90", "panelIndex": "14", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": { @@ -1627,10 +1627,10 @@ "x": 24, "y": 22 }, - "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90-ecs", + "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90", "panelIndex": "15", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -1641,10 +1641,10 @@ "x": 0, "y": 10 }, - "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb-ecs", + "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb", "panelIndex": "16", - "winlog.api": "visualization", - "winlog.version": "6.3.2" + "type": "visualization", + "version": "6.3.2" }, { "embeddableConfig": {}, @@ -1655,10 +1655,10 @@ "x": 0, "y": 22 }, - "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb-ecs", + "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb", "panelIndex": "17", - "winlog.api": "visualization", - "winlog.version": "6.3.2" + "type": "visualization", + "version": "6.3.2" }, { "embeddableConfig": {}, @@ -1669,21 +1669,21 @@ "x": 33, "y": 0 }, - "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb-ecs", + "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb", "panelIndex": "18", - "winlog.api": "visualization", - "winlog.version": "6.3.2" + "type": "visualization", + "version": "6.3.2" } ], "timeRestore": false, - "title": "[Metricbeat NATS] Overview ECS", - "winlog.version": 1 + "title": "[Metricbeat NATS] Overview", + "version": 1 }, - "id": "Metricbeat-Nats-Dashboard-ecs", - "winlog.api": "dashboard", + "id": "Metricbeat-Nats-Dashboard", + "type": "dashboard", "updated_at": "2019-01-24T08:13:29.732Z", - "winlog.version": 4 + "version": 4 } ], - "winlog.version": "6.3.2" + "version": "6.3.2" } diff --git a/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json b/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json index ed4742d6b609..513738292a0a 100644 --- a/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json +++ b/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json @@ -6,9 +6,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Request Rate [Metricbeat Nginx] ECS", + "title": "Request Rate [Metricbeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -32,12 +32,12 @@ { "field": "nginx.stubstatus.requests", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "396ec980-f1a1-11e7-95d0-8ddf041d42a2", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -50,16 +50,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Request Rate [Metricbeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Request Rate [Metricbeat Nginx]", + "type": "metrics" } }, - "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", - "winlog.api": "visualization", + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129", + "type": "visualization", "updated_at": "2018-01-04T22:48:58.542Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -67,9 +67,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Accepts and Handled Rate [Metricbeat Nginx] ECS", + "title": "Accepts and Handled Rate [Metricbeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -104,12 +104,12 @@ { "field": "nginx.stubstatus.accepts", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "396ec980-f1a1-11e7-95d0-8ddf041d42a2", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -132,12 +132,12 @@ { "field": "nginx.stubstatus.handled", "id": "56dd33b1-f1a3-11e7-95d0-8ddf041d42a2", - "winlog.api": "avg" + "type": "avg" }, { "field": "56dd33b1-f1a3-11e7-95d0-8ddf041d42a2", "id": "56dd33b2-f1a3-11e7-95d0-8ddf041d42a2", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -150,16 +150,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Accepts and Handled Rate [Metricbeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Accepts and Handled Rate [Metricbeat Nginx]", + "type": "metrics" } }, - "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", - "winlog.api": "visualization", + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129", + "type": "visualization", "updated_at": "2018-01-04T23:07:23.056Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -167,9 +167,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Drops Rate [Metricbeat Nginx] ECS", + "title": "Drops Rate [Metricbeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -193,12 +193,12 @@ { "field": "nginx.stubstatus.dropped", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "396ec980-f1a1-11e7-95d0-8ddf041d42a2", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -211,16 +211,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Drops Rate [Metricbeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Drops Rate [Metricbeat Nginx]", + "type": "metrics" } }, - "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", - "winlog.api": "visualization", + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129", + "type": "visualization", "updated_at": "2018-01-04T22:51:46.375Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -228,9 +228,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Active connections [Metricbeat Nginx] ECS", + "title": "Active connections [Metricbeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -253,7 +253,7 @@ { "field": "nginx.stubstatus.active", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -265,16 +265,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Active connections [Metricbeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Active connections [Metricbeat Nginx]", + "type": "metrics" } }, - "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", - "winlog.api": "visualization", + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129", + "type": "visualization", "updated_at": "2018-01-04T23:09:55.944Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -282,9 +282,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx] ECS", + "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -308,7 +308,7 @@ { "field": "nginx.stubstatus.reading", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -329,7 +329,7 @@ { "field": "nginx.stubstatus.writing", "id": "b1773681-f1a4-11e7-95d0-8ddf041d42a2", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -350,7 +350,7 @@ { "field": "nginx.stubstatus.waiting", "id": "b68aa6c1-f1a4-11e7-95d0-8ddf041d42a2", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -362,16 +362,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx] ECS", - "winlog.api": "metrics" + "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx]", + "type": "metrics" } }, - "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", - "winlog.api": "visualization", + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129", + "type": "visualization", "updated_at": "2018-01-04T23:13:23.859Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -385,7 +385,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -402,10 +402,10 @@ "x": 6, "y": 0 }, - "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -415,10 +415,10 @@ "x": 6, "y": 3 }, - "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -428,10 +428,10 @@ "x": 0, "y": 3 }, - "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -441,10 +441,10 @@ "x": 0, "y": 0 }, - "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -454,21 +454,21 @@ "x": 0, "y": 6 }, - "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" } ], "timeRestore": false, - "title": "[Metricbeat Nginx] Overview ECS", - "winlog.version": 1 + "title": "[Metricbeat Nginx] Overview", + "version": 1 }, - "id": "023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs", - "winlog.api": "dashboard", + "id": "023d2930-f1a5-11e7-a9ef-93c69af7b129", + "type": "dashboard", "updated_at": "2018-01-04T23:14:26.755Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "6.2.4" + "version": "6.2.4" } diff --git a/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json b/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json index f6d3370186f9..3b5e1ad38e43 100644 --- a/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json +++ b/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json @@ -8,10 +8,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", - "title": "Memory Usage [Metricbeat RabbitMQ] ECS", + "savedSearchId": "Metricbeat-Rabbitmq", + "title": "Memory Usage [Metricbeat RabbitMQ]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "json": "" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -36,7 +36,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -49,7 +49,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -70,13 +70,13 @@ "times": [], "yAxis": {} }, - "title": "RabbitMQ Memory Usage ECS", - "winlog.api": "line" + "title": "RabbitMQ Memory Usage", + "type": "line" } }, - "id": "RabbitMQ-Memory-Usage-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "RabbitMQ-Memory-Usage", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -86,10 +86,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", - "title": "Number of Nodes [Metricbeat RabbitMQ] ECS", + "savedSearchId": "Metricbeat-Rabbitmq", + "title": "Number of Nodes [Metricbeat RabbitMQ]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -100,7 +100,7 @@ "field": "rabbitmq.node.name" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "listeners": {}, @@ -108,13 +108,13 @@ "fontSize": 60, "handleNoResults": true }, - "title": "Rabbitmq-Number-of-Nodes-ecs ECS", - "winlog.api": "metric" + "title": "Rabbitmq-Number-of-Nodes", + "type": "metric" } }, - "id": "Rabbitmq-Number-of-Nodes-ecs ECS", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "Rabbitmq-Number-of-Nodes", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -124,10 +124,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", - "title": "Erlang Process Usage [Metricbeat RabbitMQ] ECS", + "savedSearchId": "Metricbeat-Rabbitmq", + "title": "Erlang Process Usage [Metricbeat RabbitMQ]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -138,7 +138,7 @@ "field": "rabbitmq.node.proc.used" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -151,7 +151,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -164,7 +164,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -185,13 +185,13 @@ "times": [], "yAxis": {} }, - "title": "RabbitMQ Erlang Process Usage ECS", - "winlog.api": "line" + "title": "RabbitMQ Erlang Process Usage", + "type": "line" } }, - "id": "RabbitMQ-Erlang-Process-Usage-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "RabbitMQ-Erlang-Process-Usage", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -201,10 +201,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", - "title": "Queue Index Operations [Metricbeat RabbitMQ] ECS", + "savedSearchId": "Metricbeat-Rabbitmq", + "title": "Queue Index Operations [Metricbeat RabbitMQ]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -215,7 +215,7 @@ "field": "rabbitmq.node.queue.index.read.count" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -228,7 +228,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -238,7 +238,7 @@ "field": "rabbitmq.node.queue.index.journal_write.count" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -248,7 +248,7 @@ "field": "rabbitmq.node.queue.index.write.count" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "params": { @@ -264,12 +264,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -294,7 +294,7 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -303,7 +303,7 @@ "showCircles": false, "smoothLines": false, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -317,25 +317,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Queue Index Operations [Metricbeat RabbitMQ] ECS", - "winlog.api": "line" + "title": "Queue Index Operations [Metricbeat RabbitMQ]", + "type": "line" } }, - "id": "RabbitMQ-Queue-Index-Operations-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "RabbitMQ-Queue-Index-Operations", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -361,7 +361,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.module:rabbitmq" + "query": "metricset.module:rabbitmq" } } } @@ -370,12 +370,12 @@ "@timestamp", "desc" ], - "title": "Metricbeat-Rabbitmq-ecs ECS", - "winlog.version": 1 + "title": "Metricbeat-Rabbitmq", + "version": 1 }, - "id": "Metricbeat-Rabbitmq-ecs ECS", - "winlog.api": "search", - "winlog.version": 1 + "id": "Metricbeat-Rabbitmq", + "type": "search", + "version": 1 }, { "attributes": { @@ -394,7 +394,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -403,43 +403,43 @@ "panelsJSON": [ { "col": 1, - "id": "RabbitMQ-Memory-Usage-ecs", + "id": "RabbitMQ-Memory-Usage", "panelIndex": 8, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 8, - "id": "Rabbitmq-Number-of-Nodes-ecs ECS", + "id": "Rabbitmq-Number-of-Nodes", "panelIndex": 2, "row": 1, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "RabbitMQ-Erlang-Process-Usage-ecs", + "id": "RabbitMQ-Erlang-Process-Usage", "panelIndex": 10, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "RabbitMQ-Queue-Index-Operations-ecs", + "id": "RabbitMQ-Queue-Index-Operations", "panelIndex": 9, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat RabbitMQ] Overview ECS", + "title": "[Metricbeat RabbitMQ] Overview", "uiStateJSON": { "P-2": { "vis": { @@ -449,12 +449,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "AV4YobKIge1VCbKU_qVo-ecs", - "winlog.api": "dashboard", - "winlog.version": 2 + "id": "AV4YobKIge1VCbKU_qVo", + "type": "dashboard", + "version": 2 } ], - "winlog.version": "6.0.0-beta1-SNAPSHOT" + "version": "6.0.0-beta1-SNAPSHOT" } diff --git a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json index e659d2bc8e1e..ccf3508789cc 100644 --- a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json +++ b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json @@ -12,9 +12,9 @@ } } }, - "title": "Keyspace selector [Redis] ECS", + "title": "Keyspace selector [Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -29,24 +29,24 @@ "multiselect": true, "order": "desc", "size": 5, - "winlog.api": "terms" + "type": "terms" }, "parent": "", - "winlog.api": "list" + "type": "list" } ], "pinFilters": false, "updateFiltersOnChange": true, "useTimeFilter": false }, - "title": "Keyspace selector [Redis] ECS", - "winlog.api": "input_control_vis" + "title": "Keyspace selector [Redis]", + "type": "input_control_vis" } }, - "id": "00d39210-050d-11e9-9c60-d582a238e2c5-ecs", - "winlog.api": "visualization", + "id": "00d39210-050d-11e9-9c60-d582a238e2c5", + "type": "visualization", "updated_at": "2018-12-21T11:19:04.179Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { @@ -66,16 +66,16 @@ "negate": false, "params": { "query": "list", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "list" }, "query": { "match": { "redis.key.type": { "query": "list", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -88,9 +88,9 @@ } } }, - "title": "Lists length [Redis] ECS", + "title": "Lists length [Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -101,7 +101,7 @@ "field": "redis.key.length" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -118,7 +118,7 @@ "size": 16 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -135,7 +135,7 @@ "size": 20 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -156,7 +156,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -172,12 +172,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -198,12 +198,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -217,25 +217,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Number of elements" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Lists length [Redis] ECS", - "winlog.api": "line" + "title": "Lists length [Redis]", + "type": "line" } }, - "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5-ecs", - "winlog.api": "visualization", + "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5", + "type": "visualization", "updated_at": "2018-12-21T11:22:12.807Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -250,13 +250,13 @@ } } }, - "title": "Keys by type [Redis] ECS", + "title": "Keys by type [Redis]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -267,7 +267,7 @@ "field": "redis.key.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -284,7 +284,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -306,7 +306,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -322,12 +322,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -347,12 +347,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -366,25 +366,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Number of keys" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Keys by type [Redis] ECS", - "winlog.api": "line" + "title": "Keys by type [Redis]", + "type": "line" } }, - "id": "4435ac40-050e-11e9-9c60-d582a238e2c5-ecs", - "winlog.api": "visualization", + "id": "4435ac40-050e-11e9-9c60-d582a238e2c5", + "type": "visualization", "updated_at": "2018-12-21T11:23:46.207Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { @@ -404,16 +404,16 @@ "negate": false, "params": { "query": "string", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "string" }, "query": { "match": { "redis.key.type": { "query": "string", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -426,9 +426,9 @@ } } }, - "title": "Average string key size [Redis] ECS", + "title": "Average string key size [Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -439,7 +439,7 @@ "field": "redis.key.length" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -456,7 +456,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -477,7 +477,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -493,12 +493,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -518,12 +518,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -537,25 +537,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Average key size" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Average string key size [Redis] ECS", - "winlog.api": "line" + "title": "Average string key size [Redis]", + "type": "line" } }, - "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5-ecs", - "winlog.api": "visualization", + "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5", + "type": "visualization", "updated_at": "2018-12-21T11:28:20.970Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -577,7 +577,7 @@ "gte": 0, "lt": null }, - "winlog.api": "range", + "type": "range", "value": "0 to +∞" }, "range": { @@ -595,9 +595,9 @@ } } }, - "title": "Average keys TTL [Redis] ECS", + "title": "Average keys TTL [Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -608,7 +608,7 @@ "field": "redis.key.expire.ttl" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -625,7 +625,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -642,7 +642,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -663,7 +663,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -679,12 +679,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -704,12 +704,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -723,25 +723,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Average TTL" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Average keys TTL [Redis] ECS", - "winlog.api": "line" + "title": "Average keys TTL [Redis]", + "type": "line" } }, - "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5-ecs", - "winlog.api": "visualization", + "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5", + "type": "visualization", "updated_at": "2018-12-21T11:34:03.597Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -765,7 +765,7 @@ "db0", "db1" ], - "winlog.api": "phrases", + "type": "phrases", "value": "db0, db1" }, "query": { @@ -808,11 +808,11 @@ "x": 0, "y": 0 }, - "id": "00d39210-050d-11e9-9c60-d582a238e2c5-ecs", + "id": "00d39210-050d-11e9-9c60-d582a238e2c5", "panelIndex": "1", "title": "Keyspace selector", - "winlog.api": "visualization", - "winlog.version": "6.5.2" + "type": "visualization", + "version": "6.5.2" }, { "embeddableConfig": {}, @@ -823,11 +823,11 @@ "x": 12, "y": 0 }, - "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5-ecs", + "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5", "panelIndex": "2", "title": "Lists length", - "winlog.api": "visualization", - "winlog.version": "6.5.2" + "type": "visualization", + "version": "6.5.2" }, { "embeddableConfig": { @@ -842,11 +842,11 @@ "x": 0, "y": 5 }, - "id": "4435ac40-050e-11e9-9c60-d582a238e2c5-ecs", + "id": "4435ac40-050e-11e9-9c60-d582a238e2c5", "panelIndex": "3", "title": "Keys by type", - "winlog.api": "visualization", - "winlog.version": "6.5.2" + "type": "visualization", + "version": "6.5.2" }, { "embeddableConfig": {}, @@ -857,11 +857,11 @@ "x": 0, "y": 15 }, - "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5-ecs", + "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5", "panelIndex": "4", "title": "Average size of string keys", - "winlog.api": "visualization", - "winlog.version": "6.5.2" + "type": "visualization", + "version": "6.5.2" }, { "embeddableConfig": {}, @@ -872,22 +872,22 @@ "x": 24, "y": 15 }, - "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5-ecs", + "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5", "panelIndex": "5", "title": "Average keys TTL", - "winlog.api": "visualization", - "winlog.version": "6.5.2" + "type": "visualization", + "version": "6.5.2" } ], "timeRestore": false, - "title": "[Metricbeat Redis] Keys ECS", - "winlog.version": 1 + "title": "[Metricbeat Redis] Keys", + "version": 1 }, - "id": "28969190-0511-11e9-9c60-d582a238e2c5-ecs", - "winlog.api": "dashboard", + "id": "28969190-0511-11e9-9c60-d582a238e2c5", + "type": "dashboard", "updated_at": "2018-12-21T11:39:13.143Z", - "winlog.version": 4 + "version": 4 } ], - "winlog.version": "6.5.2" + "version": "6.5.2" } diff --git a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json index d4a8a8c10ef5..f244f0cb8532 100644 --- a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json +++ b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis-ecs", - "title": "Clients [Metricbeat Redis] ECS", + "savedSearchId": "Metricbeat-Redis", + "title": "Clients [Metricbeat Redis]", "uiStateJSON": { "vis": { "defaultColors": { @@ -17,7 +17,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -28,7 +28,7 @@ "field": "redis.info.clients.connected" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "listeners": {}, @@ -68,25 +68,25 @@ "labelColor": false, "subText": "" }, - "winlog.api": "simple", + "type": "simple", "useRange": false, "verticalSplit": false }, "handleNoResults": true, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Clients [Metricbeat Redis] ECS", - "winlog.api": "metric" + "title": "Clients [Metricbeat Redis]", + "type": "metric" } }, "col": 1, - "id": "Redis-Clients-Metrics-ecs", + "id": "Redis-Clients-Metrics", "panelIndex": 2, "row": 1, "size_x": 3, "size_y": 3, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -96,8 +96,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis-ecs", - "title": "Connected clients [Metricbeat Redis] ECS", + "savedSearchId": "Metricbeat-Redis", + "title": "Connected clients [Metricbeat Redis]", "uiStateJSON": { "vis": { "colors": { @@ -105,7 +105,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -116,7 +116,7 @@ "field": "redis.info.clients.connected" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -129,7 +129,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -139,7 +139,7 @@ "field": "redis.info.clients.blocked" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "listeners": {}, @@ -156,12 +156,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -184,7 +184,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], @@ -204,30 +204,30 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Connected clients [Metricbeat Redis] ECS", - "winlog.api": "histogram" + "title": "Connected clients [Metricbeat Redis]", + "type": "histogram" } }, "col": 4, - "id": "Redis-Connected-clients-ecs", + "id": "Redis-Connected-clients", "panelIndex": 1, "row": 1, "size_x": 5, "size_y": 3, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -237,8 +237,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis-ecs", - "title": "Hosts [Metricbeat Redis] ECS", + "savedSearchId": "Metricbeat-Redis", + "title": "Hosts [Metricbeat Redis]", "uiStateJSON": { "vis": { "params": { @@ -249,20 +249,20 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "enabled": true, "id": "2", "params": { - "field": "service.address", + "field": "metricset.host", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -272,17 +272,17 @@ "field": "redis.info.server.uptime" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, "id": "6", "params": { "customLabel": "PID", - "field": "process.pid" + "field": "redis.info.server.process_id" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -292,7 +292,7 @@ "field": "redis.info.memory.used.peak" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -302,7 +302,7 @@ "field": "redis.info.cpu.used.user" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -312,7 +312,7 @@ "field": "redis.info.cpu.used.sys" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "listeners": {}, @@ -327,18 +327,18 @@ }, "totalFunc": "sum" }, - "title": "Hosts [Metricbeat Redis] ECS", - "winlog.api": "table" + "title": "Hosts [Metricbeat Redis]", + "type": "table" } }, "col": 1, - "id": "Redis-hosts-ecs", + "id": "Redis-hosts", "panelIndex": 3, "row": 4, "size_x": 12, "size_y": 2, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -348,10 +348,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis-ecs", - "title": "Server Versions [Metricbeat Redis] ECS", + "savedSearchId": "Metricbeat-Redis", + "title": "Server Versions [Metricbeat Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -359,23 +359,23 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "service.address" + "field": "metricset.host" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, "id": "2", "params": { "customLabel": "Multiplexing API", - "field": "service.version", + "field": "redis.info.server.version", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -386,18 +386,18 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Server Versions [Metricbeat Redis] ECS", - "winlog.api": "pie" + "title": "Server Versions [Metricbeat Redis]", + "type": "pie" } }, "col": 1, - "id": "Redis-Server-Versions-ecs", + "id": "Redis-Server-Versions", "panelIndex": 4, "row": 6, "size_x": 4, "size_y": 2, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -407,10 +407,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis-ecs", - "title": "Server mode [Metricbeat Redis] ECS", + "savedSearchId": "Metricbeat-Redis", + "title": "Server mode [Metricbeat Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -418,10 +418,10 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "service.address" + "field": "metricset.host" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -434,7 +434,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -445,18 +445,18 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Server mode [Metricbeat Redis] ECS", - "winlog.api": "pie" + "title": "Server mode [Metricbeat Redis]", + "type": "pie" } }, "col": 5, - "id": "Redis-server-mode-ecs", + "id": "Redis-server-mode", "panelIndex": 5, "row": 6, "size_x": 4, "size_y": 2, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -466,10 +466,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis-ecs", - "title": "Multiplexing API [Metricbeat Redis] ECS", + "savedSearchId": "Metricbeat-Redis", + "title": "Multiplexing API [Metricbeat Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -477,10 +477,10 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "service.address" + "field": "metricset.host" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -493,7 +493,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -504,18 +504,18 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Multiplexing API [Metricbeat Redis] ECS", - "winlog.api": "pie" + "title": "Multiplexing API [Metricbeat Redis]", + "type": "pie" } }, "col": 9, - "id": "Redis-multiplexing-API-ecs", + "id": "Redis-multiplexing-API", "panelIndex": 6, "row": 6, "size_x": 3, "size_y": 2, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -525,10 +525,10 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis-ecs", - "title": "Keyspaces [Metricbeat Redis] ECS", + "savedSearchId": "Metricbeat-Redis", + "title": "Keyspaces [Metricbeat Redis]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -539,7 +539,7 @@ "field": "redis.keyspace.keys" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -552,7 +552,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -565,7 +565,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -582,12 +582,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -612,7 +612,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -633,30 +633,30 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Keyspaces [Metricbeat Redis] ECS", - "winlog.api": "area" + "title": "Keyspaces [Metricbeat Redis]", + "type": "area" } }, "col": 9, - "id": "Redis-Keyspaces-ecs", + "id": "Redis-Keyspaces", "panelIndex": 7, "row": 1, "size_x": 4, "size_y": 3, - "winlog.api": "visualization", - "winlog.version": 2 + "type": "visualization", + "version": 2 }, { "attributes": { @@ -685,7 +685,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "event.module:redis" + "query": "metricset.module:redis" } } } @@ -694,12 +694,12 @@ "@timestamp", "desc" ], - "title": "Metricbeat Redis ECS", - "winlog.version": 1 + "title": "Metricbeat Redis", + "version": 1 }, - "id": "Metricbeat-Redis-ecs", - "winlog.api": "search", - "winlog.version": 7 + "id": "Metricbeat-Redis", + "type": "search", + "version": 7 }, { "attributes": { @@ -718,7 +718,7 @@ } ], "highlightAll": true, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -727,70 +727,70 @@ "panelsJSON": [ { "col": 1, - "id": "Redis-Clients-Metrics-ecs", + "id": "Redis-Clients-Metrics", "panelIndex": 2, "row": 1, "size_x": 3, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 4, - "id": "Redis-Connected-clients-ecs", + "id": "Redis-Connected-clients", "panelIndex": 1, "row": 1, "size_x": 5, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Redis-hosts-ecs", + "id": "Redis-hosts", "panelIndex": 3, "row": 4, "size_x": 12, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Redis-Server-Versions-ecs", + "id": "Redis-Server-Versions", "panelIndex": 4, "row": 6, "size_x": 4, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 5, - "id": "Redis-server-mode-ecs", + "id": "Redis-server-mode", "panelIndex": 5, "row": 6, "size_x": 4, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "Redis-multiplexing-API-ecs", + "id": "Redis-multiplexing-API", "panelIndex": 6, "row": 6, "size_x": 3, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "Redis-Keyspaces-ecs", + "id": "Redis-Keyspaces", "panelIndex": 7, "row": 1, "size_x": 4, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat Redis] Overview ECS", + "title": "[Metricbeat Redis] Overview", "uiStateJSON": { "P-2": { "vis": { @@ -815,12 +815,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "AV4YjZ5pux-M-tCAunxK-ecs", - "winlog.api": "dashboard", - "winlog.version": 1 + "id": "AV4YjZ5pux-M-tCAunxK", + "type": "dashboard", + "version": 1 } ], - "winlog.version": "5.6.0-SNAPSHOT" + "version": "5.6.0-SNAPSHOT" } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json index 6e560643627f..411d4b4310d2 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json @@ -18,7 +18,7 @@ } } }, - "title": "Container CPU usage [Metricbeat System] ECS", + "title": "Container CPU usage [Metricbeat System]", "uiStateJSON": { "vis": { "params": { @@ -29,7 +29,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -40,7 +40,7 @@ "field": "system.process.cgroup.cpuacct.stats.user.ns" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -50,7 +50,7 @@ "field": "system.process.cgroup.cpu.cfs.quota.us" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -63,7 +63,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -73,7 +73,7 @@ "field": "system.process.cgroup.cpu.stats.throttled.ns" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, @@ -83,20 +83,20 @@ "field": "system.process.cgroup.cpuacct.stats.system.ns" }, "schema": "metric", - "winlog.api": "max" + "type": "max" }, { "enabled": true, "id": "6", "params": { "customLabel": "Process name", - "field": "process.name", + "field": "system.process.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -110,13 +110,13 @@ }, "totalFunc": "sum" }, - "title": "Container CPU usage [Metricbeat System] ECS", - "winlog.api": "table" + "title": "Container CPU usage [Metricbeat System]", + "type": "table" } }, - "id": "Container-CPU-usage-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Container-CPU-usage", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -135,22 +135,22 @@ } } }, - "title": "System Navigation [Metricbeat System] ECS", + "title": "System Navigation [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" + "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container)" }, - "title": "System Navigation [Metricbeat System] ECS", - "winlog.api": "markdown" + "title": "System Navigation [Metricbeat System]", + "type": "markdown" } }, - "id": "System-Navigation-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "System-Navigation", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -170,7 +170,7 @@ } } }, - "title": "Container Memory stats [Metricbeat System] ECS", + "title": "Container Memory stats [Metricbeat System]", "uiStateJSON": { "vis": { "params": { @@ -181,7 +181,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -192,7 +192,7 @@ "field": "system.process.cgroup.memory.mem.usage.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -202,7 +202,7 @@ "field": "system.process.cgroup.memory.mem.usage.max.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -212,7 +212,7 @@ "field": "system.process.cgroup.memory.stats.page_faults" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -222,7 +222,7 @@ "field": "system.process.cgroup.memory.stats.pages_in" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -232,7 +232,7 @@ "field": "system.process.cgroup.memory.stats.pages_out" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -245,7 +245,7 @@ "size": 50 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -255,7 +255,7 @@ "field": "system.process.cgroup.memory.stats.inactive_file.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -265,20 +265,20 @@ "field": "system.process.cgroup.memory.stats.major_page_faults" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, "id": "8", "params": { "customLabel": "Process name", - "field": "process.name", + "field": "system.process.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -288,7 +288,7 @@ "field": "system.process.cgroup.memory.mem.failures" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -298,7 +298,7 @@ "field": "system.process.cgroup.memory.kmem_tcp.usage.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -308,7 +308,7 @@ "field": "system.process.cgroup.memory.stats.rss_huge.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -318,7 +318,7 @@ "field": "system.process.cgroup.memory.stats.rss.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -328,7 +328,7 @@ "field": "system.process.cgroup.memory.stats.swap.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -338,7 +338,7 @@ "field": "system.process.cgroup.blkio.total.ios" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -352,13 +352,13 @@ }, "totalFunc": "sum" }, - "title": "Container Memory stats [Metricbeat System] ECS", - "winlog.api": "table" + "title": "Container Memory stats [Metricbeat System]", + "type": "table" } }, - "id": "Container-Memory-stats-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Container-Memory-stats", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -378,7 +378,7 @@ } } }, - "title": "Container Block IO [Metricbeat System] ECS", + "title": "Container Block IO [Metricbeat System]", "uiStateJSON": { "vis": { "params": { @@ -389,7 +389,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -400,7 +400,7 @@ "field": "system.process.cgroup.blkio.total.bytes" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -410,7 +410,7 @@ "field": "system.process.cgroup.blkio.total.ios" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -423,20 +423,20 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "4", "params": { "customLabel": "Process name", - "field": "process.name", + "field": "system.process.name", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -450,13 +450,13 @@ }, "totalFunc": "sum" }, - "title": "Container Block IO [Metricbeat System] ECS", - "winlog.api": "table" + "title": "Container Block IO [Metricbeat System]", + "type": "table" } }, - "id": "Container-Block-IO-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "Container-Block-IO", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -475,7 +475,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -484,43 +484,43 @@ "panelsJSON": [ { "col": 1, - "id": "Container-CPU-usage-ecs", + "id": "Container-CPU-usage", "panelIndex": 2, "row": 2, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "System-Navigation-ecs", + "id": "System-Navigation", "panelIndex": 3, "row": 1, "size_x": 12, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Container-Memory-stats-ecs", + "id": "Container-Memory-stats", "panelIndex": 4, "row": 5, "size_x": 12, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Container-Block-IO-ecs", + "id": "Container-Block-IO", "panelIndex": 5, "row": 8, "size_x": 12, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat System] Containers overview ECS", + "title": "[Metricbeat System] Containers overview", "uiStateJSON": { "P-2": { "vis": { @@ -553,12 +553,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "CPU-slash-Memory-per-container-ecs", - "winlog.api": "dashboard", - "winlog.version": 1 + "id": "CPU-slash-Memory-per-container", + "type": "dashboard", + "version": 1 } ], - "winlog.version": "6.0.0-rc1-SNAPSHOT" + "version": "6.0.0-rc1-SNAPSHOT" } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json index 2adba2d39b8c..59c466dd0bad 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json @@ -13,9 +13,9 @@ } } }, - "title": "Network Traffic (Packets) [Metricbeat System] ECS", + "title": "Network Traffic (Packets) [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -40,24 +40,24 @@ { "field": "system.network.in.packets", "id": "da1046f2-faa0-11e6-86b1-cd7735ff7e23", - "winlog.api": "max" + "type": "max" }, { "field": "da1046f2-faa0-11e6-86b1-cd7735ff7e23", "id": "f41f9280-faa0-11e6-86b1-cd7735ff7e23", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "field": "f41f9280-faa0-11e6-86b1-cd7735ff7e23", "id": "c0da3d80-1b93-11e7-8ada-3df93aab833e", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { "function": "sum", "id": "ecaad010-2c2c-11e7-be71-3162da85303f", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": "0", @@ -80,18 +80,18 @@ { "field": "system.network.out.packets", "id": "fbbd7e30-faa0-11e6-86b1-cd7735ff7e23", - "winlog.api": "max" + "type": "max" }, { "field": "fbbd7e30-faa0-11e6-86b1-cd7735ff7e23", "id": "fbbd7e31-faa0-11e6-86b1-cd7735ff7e23", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "id": "17e597a0-faa1-11e6-86b1-cd7735ff7e23", "script": "params.rate != null && params.rate > 0 ? params.rate * -1 : null", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "fbbd7e31-faa0-11e6-86b1-cd7735ff7e23", @@ -103,7 +103,7 @@ { "function": "sum", "id": "fe5fbdc0-2c2c-11e7-be71-3162da85303f", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": "0", @@ -116,15 +116,15 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Mericbeat: Network Traffic (Packets) ECS", - "winlog.api": "metrics" + "title": "Mericbeat: Network Traffic (Packets)", + "type": "metrics" } }, - "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -142,9 +142,9 @@ } } }, - "title": "System Load [Metricbeat System] ECS", + "title": "System Load [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -167,7 +167,7 @@ { "field": "system.load.1", "id": "f62671e1-1b14-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -188,7 +188,7 @@ { "field": "system.load.5", "id": "1c324851-1b15-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -209,7 +209,7 @@ { "field": "system.load.15", "id": "32880e50-1b15-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -221,15 +221,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "System Load [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "System Load [Metricbeat System]", + "type": "metrics" } }, - "id": "4d546850-1b15-11e7-b09e-037021c4f8df-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "4d546850-1b15-11e7-b09e-037021c4f8df", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -244,9 +244,9 @@ } } }, - "title": "Network Traffic (Bytes) [Metricbeat System] ECS", + "title": "Network Traffic (Bytes) [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -271,24 +271,24 @@ { "field": "system.network.in.bytes", "id": "da1046f2-faa0-11e6-86b1-cd7735ff7e23", - "winlog.api": "max" + "type": "max" }, { "field": "da1046f2-faa0-11e6-86b1-cd7735ff7e23", "id": "f41f9280-faa0-11e6-86b1-cd7735ff7e23", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "field": "f41f9280-faa0-11e6-86b1-cd7735ff7e23", "id": "a87398e0-1b93-11e7-8ada-3df93aab833e", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { "function": "sum", "id": "2d533df0-2c2d-11e7-be71-3162da85303f", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": "0", @@ -311,18 +311,18 @@ { "field": "system.network.out.bytes", "id": "fbbd7e30-faa0-11e6-86b1-cd7735ff7e23", - "winlog.api": "max" + "type": "max" }, { "field": "fbbd7e30-faa0-11e6-86b1-cd7735ff7e23", "id": "fbbd7e31-faa0-11e6-86b1-cd7735ff7e23", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "id": "17e597a0-faa1-11e6-86b1-cd7735ff7e23", "script": "params.rate != null && params.rate > 0 ? params.rate * -1 : null", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "fbbd7e31-faa0-11e6-86b1-cd7735ff7e23", @@ -334,7 +334,7 @@ { "function": "sum", "id": "533da9b0-2c2d-11e7-be71-3162da85303f", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": "0", @@ -347,15 +347,15 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Mericbeat: Network Traffic (Bytes) ECS", - "winlog.api": "metrics" + "title": "Mericbeat: Network Traffic (Bytes)", + "type": "metrics" } }, - "id": "089b85d0-1b16-11e7-b09e-037021c4f8df-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "089b85d0-1b16-11e7-b09e-037021c4f8df", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -373,9 +373,9 @@ } } }, - "title": "Memory Usage [Metricbeat System] ECS", + "title": "Memory Usage [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -398,7 +398,7 @@ { "field": "system.memory.actual.used.bytes", "id": "4ff61fd1-1b16-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -419,17 +419,17 @@ { "field": "system.memory.actual.used.bytes", "id": "753a6081-1b16-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" }, { "field": "system.memory.used.bytes", "id": "7c9d3f00-1b16-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" }, { "id": "869cc160-1b16-11e7-b09e-037021c4f8df", "script": "params.actual != null && params.used != null ? params.used - params.actual : null", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "753a6081-1b16-11e7-b09e-037021c4f8df", @@ -462,7 +462,7 @@ { "field": "system.memory.free", "id": "32f46f42-1b16-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -474,15 +474,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Memory Usage [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Memory Usage [Metricbeat System]", + "type": "metrics" } }, - "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -500,9 +500,9 @@ } } }, - "title": "Top Processes By CPU [Metricbeat System] ECS", + "title": "Top Processes By CPU [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -534,29 +534,29 @@ { "field": "system.process.cpu.total.pct", "id": "5f5b8d52-1b18-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "process.name", + "terms_field": "system.process.name", "terms_order_by": "5f5b8d52-1b18-11e7-b09e-037021c4f8df" } ], "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Top Processes By CPU [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Top Processes By CPU [Metricbeat System]", + "type": "metrics" } }, - "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -574,9 +574,9 @@ } } }, - "title": "Processes By Memory [Metricbeat System] ECS", + "title": "Processes By Memory [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -620,29 +620,29 @@ { "field": "system.process.memory.rss.pct", "id": "edfceb32-1b18-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "process.name", + "terms_field": "system.process.name", "terms_order_by": "edfceb32-1b18-11e7-b09e-037021c4f8df" } ], "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Processes By Memory [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Processes By Memory [Metricbeat System]", + "type": "metrics" } }, - "id": "2e224660-1b19-11e7-b09e-037021c4f8df-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "2e224660-1b19-11e7-b09e-037021c4f8df", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -660,9 +660,9 @@ } } }, - "title": "CPU Usage [Metricbeat System] ECS", + "title": "CPU Usage [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -685,7 +685,7 @@ { "field": "system.cpu.user.pct", "id": "80a04952-1b19-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -706,7 +706,7 @@ { "field": "system.cpu.system.pct", "id": "993acf31-1b19-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -727,7 +727,7 @@ { "field": "system.cpu.nice.pct", "id": "65ca5cf0-1b1a-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -748,7 +748,7 @@ { "field": "system.cpu.irq.pct", "id": "741b5f21-1b1a-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -769,7 +769,7 @@ { "field": "system.cpu.softirq.pct", "id": "2efc5d41-1b1a-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -790,7 +790,7 @@ { "field": "system.cpu.iowait.pct", "id": "ae644a31-1b19-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": "0", @@ -802,15 +802,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "CPU Usage [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "CPU Usage [Metricbeat System]", + "type": "metrics" } }, - "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -828,9 +828,9 @@ } } }, - "title": "Disk IO (Bytes) [Metricbeat System] ECS", + "title": "Disk IO (Bytes) [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -854,18 +854,18 @@ { "field": "system.diskio.read.bytes", "id": "d3c67db2-1b1a-11e7-b09e-037021c4f8df", - "winlog.api": "max" + "type": "max" }, { "field": "d3c67db2-1b1a-11e7-b09e-037021c4f8df", "id": "f55b9910-1b1a-11e7-b09e-037021c4f8df", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "field": "f55b9910-1b1a-11e7-b09e-037021c4f8df", "id": "dcbbb100-1b93-11e7-8ada-3df93aab833e", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" } ], @@ -888,18 +888,18 @@ { "field": "system.diskio.write.bytes", "id": "144124d1-1b1b-11e7-b09e-037021c4f8df", - "winlog.api": "max" + "type": "max" }, { "field": "144124d1-1b1b-11e7-b09e-037021c4f8df", "id": "144124d2-1b1b-11e7-b09e-037021c4f8df", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "id": "144124d4-1b1b-11e7-b09e-037021c4f8df", "script": "params.rate > 0 ? params.rate * -1 : 0", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "144124d2-1b1b-11e7-b09e-037021c4f8df", @@ -919,15 +919,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Disk IO (Bytes) [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Disk IO (Bytes) [Metricbeat System]", + "type": "metrics" } }, - "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -945,9 +945,9 @@ } } }, - "title": "Load Gauge [Metricbeat System] ECS", + "title": "Load Gauge [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -983,7 +983,7 @@ { "field": "system.load.5", "id": "fdcc6182-1b90-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -995,15 +995,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Load Gauge [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Load Gauge [Metricbeat System]", + "type": "metrics" } }, - "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -1021,9 +1021,9 @@ } } }, - "title": "CPU Usage Gauge [Metricbeat System] ECS", + "title": "CPU Usage Gauge [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1071,22 +1071,22 @@ { "field": "system.cpu.user.pct", "id": "4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "avg" + "type": "avg" }, { "field": "system.cpu.system.pct", "id": "225c2140-5fd7-11e7-a63a-a937b7c1a7e1", - "winlog.api": "avg" + "type": "avg" }, { "field": "system.cpu.cores", "id": "837a30c0-5fd7-11e7-a63a-a937b7c1a7e1", - "winlog.api": "avg" + "type": "avg" }, { "id": "587aa510-1b91-11e7-bec4-a5e9ec5cab8b", "script": "params.n > 0 ? (params.user+params.system)/params.n : null", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b", @@ -1115,15 +1115,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "gauge" + "type": "gauge" }, - "title": "CPU Usage Gauge [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "CPU Usage Gauge [Metricbeat System]", + "type": "metrics" } }, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -1141,9 +1141,9 @@ } } }, - "title": "Memory Usage Gauge [Metricbeat System] ECS", + "title": "Memory Usage Gauge [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1191,7 +1191,7 @@ { "field": "system.memory.actual.used.pct", "id": "9f51b732-1b91-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -1203,15 +1203,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Memory Usage Gauge [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Memory Usage Gauge [Metricbeat System]", + "type": "metrics" } }, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -1229,9 +1229,9 @@ } } }, - "title": "Inbound Traffic [Metricbeat System] ECS", + "title": "Inbound Traffic [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1260,24 +1260,24 @@ { "field": "system.network.in.bytes", "id": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "max" + "type": "max" }, { "field": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", "id": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "field": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f2074f70-1b92-11e7-a416-41f5ccdba2e6", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { "function": "sum", "id": "c40e18f0-2c55-11e7-a0ad-277ce466684d", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": 1, @@ -1300,18 +1300,18 @@ { "field": "system.network.in.bytes", "id": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "max" + "type": "max" }, { "field": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", "id": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f9da2dd0-1b92-11e7-a416-41f5ccdba2e6", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { @@ -1319,7 +1319,7 @@ "function": "overall_sum", "id": "3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b", "sigma": "", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": 1, @@ -1333,15 +1333,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Inbound Traffic [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Inbound Traffic [Metricbeat System]", + "type": "metrics" } }, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -1359,9 +1359,9 @@ } } }, - "title": "Outbound Traffic [Metricbeat System] ECS", + "title": "Outbound Traffic [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1390,24 +1390,24 @@ { "field": "system.network.out.bytes", "id": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "max" + "type": "max" }, { "field": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", "id": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "field": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f2074f70-1b92-11e7-a416-41f5ccdba2e6", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { "function": "sum", "id": "a1737470-2c55-11e7-a0ad-277ce466684d", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": 1, @@ -1430,18 +1430,18 @@ { "field": "system.network.out.bytes", "id": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "max" + "type": "max" }, { "field": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", "id": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f9da2dd0-1b92-11e7-a416-41f5ccdba2e6", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { @@ -1449,7 +1449,7 @@ "function": "overall_sum", "id": "3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b", "sigma": "", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": 1, @@ -1463,15 +1463,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Outbound Traffic [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Outbound Traffic [Metricbeat System]", + "type": "metrics" } }, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -1489,9 +1489,9 @@ } } }, - "title": "Disk Usage [Metricbeat System] ECS", + "title": "Disk Usage [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1535,7 +1535,7 @@ { "field": "system.filesystem.used.pct", "id": "9f7e48a2-1b95-11e7-8ada-3df93aab833e", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -1548,15 +1548,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Disk Usage [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Disk Usage [Metricbeat System]", + "type": "metrics" } }, - "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -1575,22 +1575,22 @@ } } }, - "title": "System Navigation [Metricbeat System] ECS", + "title": "System Navigation [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" + "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container)" }, - "title": "System Navigation [Metricbeat System] ECS", - "winlog.api": "markdown" + "title": "System Navigation [Metricbeat System]", + "type": "markdown" } }, - "id": "System-Navigation-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "System-Navigation", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -1608,9 +1608,9 @@ } } }, - "title": "Swap usage [Metricbeat System] ECS", + "title": "Swap usage [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1658,7 +1658,7 @@ { "field": "system.memory.swap.used.pct", "id": "cee2fd22-4d59-11e7-aee5-fdc812cc3bec", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -1670,15 +1670,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Swap usage [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Swap usage [Metricbeat System]", + "type": "metrics" } }, - "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -1693,9 +1693,9 @@ } } }, - "title": "Memory usage vs total ECS", + "title": "Memory usage vs total", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "listeners": {}, @@ -1724,7 +1724,7 @@ { "field": "system.memory.actual.used.bytes", "id": "6bc65722-4d5c-11e7-aa29-87a97a796de6", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -1745,7 +1745,7 @@ { "field": "system.memory.total", "id": "b8fe6821-4d5c-11e7-aa29-87a97a796de6", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -1756,15 +1756,15 @@ ], "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Memory usage vs total ECS", - "winlog.api": "metrics" + "title": "Memory usage vs total", + "type": "metrics" } }, - "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -1782,9 +1782,9 @@ } } }, - "title": "Disk used [Metricbeat System] ECS", + "title": "Disk used [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1832,17 +1832,17 @@ { "field": "system.fsstat.total_size.used", "id": "4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32", - "winlog.api": "avg" + "type": "avg" }, { "field": "system.fsstat.total_size.total", "id": "57c96ee0-4d54-11e7-b5f2-2b7c1895bf32", - "winlog.api": "avg" + "type": "avg" }, { "id": "6304cca0-4d54-11e7-b5f2-2b7c1895bf32", "script": "params.total != null && params.total > 0 ? params.used/params.total : null", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32", @@ -1866,15 +1866,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Disk used [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Disk used [Metricbeat System]", + "type": "metrics" } }, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -1892,9 +1892,9 @@ } } }, - "title": "Packetloss [Metricbeat System] ECS", + "title": "Packetloss [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -1922,7 +1922,7 @@ { "field": "system.network.in.dropped", "id": "6984af12-4d5d-11e7-aa29-87a97a796de6", - "winlog.api": "max" + "type": "max" } ], "point_size": 1, @@ -1943,7 +1943,7 @@ { "field": "system.network.out.dropped", "id": "ac2e6b31-4d5d-11e7-aa29-87a97a796de6", - "winlog.api": "max" + "type": "max" } ], "point_size": 1, @@ -1955,15 +1955,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Packetloss [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Packetloss [Metricbeat System]", + "type": "metrics" } }, - "id": "96976150-4d5d-11e7-aa29-87a97a796de6-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "96976150-4d5d-11e7-aa29-87a97a796de6", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -1981,9 +1981,9 @@ } } }, - "title": "Interfaces by Incoming traffic [Metricbeat System] ECS", + "title": "Interfaces by Incoming traffic [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -2011,7 +2011,7 @@ { "field": "system.network.in.bytes", "id": "42ced5a1-4d60-11e7-9a4c-ed99bbcaa42b", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -2025,15 +2025,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Interfaces by Incoming traffic [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Interfaces by Incoming traffic [Metricbeat System]", + "type": "metrics" } }, - "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -2051,9 +2051,9 @@ } } }, - "title": "Interfaces by Outgoing traffic [Metricbeat System] ECS", + "title": "Interfaces by Outgoing traffic [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -2081,7 +2081,7 @@ { "field": "system.network.out.bytes", "id": "9cdba912-4d60-11e7-9a4c-ed99bbcaa42b", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -2095,15 +2095,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Interfaces by Outgoing traffic [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Interfaces by Outgoing traffic [Metricbeat System]", + "type": "metrics" } }, - "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -2120,7 +2120,7 @@ } } }, - "title": "Number of processes [Metricbeat System] ECS", + "title": "Number of processes [Metricbeat System]", "uiStateJSON": { "vis": { "defaultColors": { @@ -2128,7 +2128,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -2136,10 +2136,10 @@ "id": "1", "params": { "customLabel": "Processes", - "field": "process.pid" + "field": "system.process.pid" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "listeners": {}, @@ -2179,19 +2179,19 @@ "labelColor": false, "subText": "" }, - "winlog.api": "simple", + "type": "simple", "useRange": false, "verticalSplit": false }, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Number of processes ECS", - "winlog.api": "metric" + "title": "Number of processes", + "type": "metric" } }, - "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -2199,22 +2199,22 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Tip [Metricbeat System] ECS", + "title": "Tip [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**TIP:** To select another host, go to the [System Overview](#/dashboard/Metricbeat-system-overview-ecs) dashboard and double-click a host name." + "markdown": "**TIP:** To select another host, go to the [System Overview](#/dashboard/Metricbeat-system-overview) dashboard and double-click a host name." }, - "title": "Tip [Metricbeat System] ECS", - "winlog.api": "markdown" + "title": "Tip [Metricbeat System]", + "type": "markdown" } }, - "id": "3d65d450-a9c3-11e7-af20-67db8aecb295-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "3d65d450-a9c3-11e7-af20-67db8aecb295", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -2226,9 +2226,9 @@ "highlightAll": true, "query": { "language": "lucene", - "query": "host.name:\"CHANGEME_HOSTNAME\"" + "query": "beat.name:\"CHANGEME_HOSTNAME\"" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -2237,214 +2237,214 @@ "panelsJSON": [ { "col": 1, - "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs", + "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23", "panelIndex": 1, "row": 12, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "4d546850-1b15-11e7-b09e-037021c4f8df-ecs", + "id": "4d546850-1b15-11e7-b09e-037021c4f8df", "panelIndex": 2, "row": 6, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "089b85d0-1b16-11e7-b09e-037021c4f8df-ecs", + "id": "089b85d0-1b16-11e7-b09e-037021c4f8df", "panelIndex": 3, "row": 12, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs", + "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df", "panelIndex": 4, "row": 9, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs", + "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df", "panelIndex": 5, "row": 15, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "2e224660-1b19-11e7-b09e-037021c4f8df-ecs", + "id": "2e224660-1b19-11e7-b09e-037021c4f8df", "panelIndex": 6, "row": 15, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs", + "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df", "panelIndex": 7, "row": 6, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs", + "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df", "panelIndex": 8, "row": 9, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 5, - "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b", "panelIndex": 9, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", "panelIndex": 10, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 3, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", "panelIndex": 11, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", "panelIndex": 12, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", "panelIndex": 13, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs", + "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e", "panelIndex": 14, "row": 4, "size_x": 4, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "System-Navigation-ecs", + "id": "System-Navigation", "panelIndex": 16, "row": 1, "size_x": 6, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs", + "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec", "panelIndex": 21, "row": 4, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 3, - "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs", + "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6", "panelIndex": 22, "row": 4, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", "panelIndex": 23, "row": 4, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 11, - "id": "96976150-4d5d-11e7-aa29-87a97a796de6-ecs", + "id": "96976150-4d5d-11e7-aa29-87a97a796de6", "panelIndex": 25, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs", + "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b", "panelIndex": 27, "row": 18, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs", + "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b", "panelIndex": 28, "row": 18, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 5, - "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs", + "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4", "panelIndex": 29, "row": 4, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "3d65d450-a9c3-11e7-af20-67db8aecb295-ecs", + "id": "3d65d450-a9c3-11e7-af20-67db8aecb295", "panelIndex": 30, "row": 1, "size_x": 6, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat System] Host overview ECS", + "title": "[Metricbeat System] Host overview", "uiStateJSON": { "P-29": { "vis": { @@ -2454,12 +2454,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "79ffd6e0-faa0-11e6-947f-177f697178b8-ecs", - "winlog.api": "dashboard", - "winlog.version": 12 + "id": "79ffd6e0-faa0-11e6-947f-177f697178b8", + "type": "dashboard", + "version": 12 } ], - "winlog.version": "6.0.0-rc1-SNAPSHOT" + "version": "6.0.0-rc1-SNAPSHOT" } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json index 53482452e566..4dc8714925c9 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json @@ -17,22 +17,22 @@ } } }, - "title": "System Navigation [Metricbeat System] ECS", + "title": "System Navigation [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" + "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container)" }, - "title": "System Navigation [Metricbeat System] ECS", - "winlog.api": "markdown" + "title": "System Navigation [Metricbeat System]", + "type": "markdown" } }, - "id": "System-Navigation-ecs", - "winlog.api": "visualization", - "winlog.version": 3 + "id": "System-Navigation", + "type": "visualization", + "version": 3 }, { "attributes": { @@ -52,7 +52,7 @@ } } }, - "title": "Number of hosts [Metricbeat System] ECS", + "title": "Number of hosts [Metricbeat System]", "uiStateJSON": { "vis": { "defaultColors": { @@ -60,7 +60,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -68,10 +68,10 @@ "id": "1", "params": { "customLabel": "Number of hosts", - "field": "host.name" + "field": "beat.name" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -110,19 +110,19 @@ "labelColor": false, "subText": "" }, - "winlog.api": "simple", + "type": "simple", "useRange": false, "verticalSplit": false }, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Number of hosts [Metricbeat System] ECS", - "winlog.api": "metric" + "title": "Number of hosts [Metricbeat System]", + "type": "metric" } }, - "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -140,9 +140,9 @@ } } }, - "title": "Top Hosts By Memory (Realtime) [Metricbeat System] ECS", + "title": "Top Hosts By Memory (Realtime) [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -168,7 +168,7 @@ "value": 0.85 } ], - "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs?_a=(query:(query_string:(analyze_wildcard:!t,query:'host.name:\"{{key}}\"')))", + "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8?_a=(query:(query_string:(analyze_wildcard:!t,query:'beat.name:\"{{key}}\"')))", "filter": "", "id": "31e5afa0-1b1c-11e7-b09e-037021c4f8df", "index_pattern": "metricbeat-*", @@ -186,14 +186,14 @@ { "field": "system.memory.actual.used.pct", "id": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "host.name", + "terms_field": "beat.name", "terms_order_by": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", "terms_size": "10" } @@ -201,15 +201,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Top Hosts By Memory (Realtime) [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Top Hosts By Memory (Realtime) [Metricbeat System]", + "type": "metrics" } }, - "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -227,9 +227,9 @@ } } }, - "title": "Top Hosts By CPU (Realtime) [Metricbeat System] ECS", + "title": "Top Hosts By CPU (Realtime) [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -255,7 +255,7 @@ "value": 0.85 } ], - "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs?_a=(query:(query_string:(analyze_wildcard:!t,query:'host.name:\"{{key}}\"')))", + "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8?_a=(query:(query_string:(analyze_wildcard:!t,query:'beat.name:\"{{key}}\"')))", "filter": "", "id": "31e5afa0-1b1c-11e7-b09e-037021c4f8df", "index_pattern": "metricbeat-*", @@ -273,14 +273,14 @@ { "field": "system.cpu.user.pct", "id": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "host.name", + "terms_field": "beat.name", "terms_order_by": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", "terms_size": "10" } @@ -288,15 +288,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "top_n" + "type": "top_n" }, - "title": "Top Hosts By CPU (Realtime) [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Top Hosts By CPU (Realtime) [Metricbeat System]", + "type": "metrics" } }, - "id": "855899e0-1b1c-11e7-b09e-037021c4f8df-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "855899e0-1b1c-11e7-b09e-037021c4f8df", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -316,7 +316,7 @@ } } }, - "title": "Hosts histogram by CPU usage [Metricbeat System] ECS", + "title": "Hosts histogram by CPU usage [Metricbeat System]", "uiStateJSON": { "vis": { "defaultColors": { @@ -327,7 +327,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -338,7 +338,7 @@ "field": "system.cpu.user.pct" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -351,20 +351,20 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": { "customLabel": "Hosts", - "field": "host.name", + "field": "beat.name", "order": "desc", "orderBy": "1", "size": 20 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -379,7 +379,7 @@ "percentageMode": false, "setColorRange": false, "times": [], - "winlog.api": "heatmap", + "type": "heatmap", "valueAxes": [ { "id": "ValueAxis-1", @@ -390,20 +390,20 @@ }, "scale": { "defaultYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": false, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Hosts histogram by CPU usage [Metricbeat System] ECS", - "winlog.api": "heatmap" + "title": "Hosts histogram by CPU usage [Metricbeat System]", + "type": "heatmap" } }, - "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -421,9 +421,9 @@ } } }, - "title": "Inbound Traffic [Metricbeat System] ECS", + "title": "Inbound Traffic [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -452,24 +452,24 @@ { "field": "system.network.in.bytes", "id": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "max" + "type": "max" }, { "field": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", "id": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "field": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f2074f70-1b92-11e7-a416-41f5ccdba2e6", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { "function": "sum", "id": "c40e18f0-2c55-11e7-a0ad-277ce466684d", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": 1, @@ -492,18 +492,18 @@ { "field": "system.network.in.bytes", "id": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "max" + "type": "max" }, { "field": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", "id": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f9da2dd0-1b92-11e7-a416-41f5ccdba2e6", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { @@ -511,7 +511,7 @@ "function": "overall_sum", "id": "3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b", "sigma": "", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": 1, @@ -525,15 +525,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Inbound Traffic [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Inbound Traffic [Metricbeat System]", + "type": "metrics" } }, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -551,9 +551,9 @@ } } }, - "title": "Outbound Traffic [Metricbeat System] ECS", + "title": "Outbound Traffic [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -582,24 +582,24 @@ { "field": "system.network.out.bytes", "id": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "max" + "type": "max" }, { "field": "0c761592-1b92-11e7-bec4-a5e9ec5cab8b", "id": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "derivative", + "type": "derivative", "unit": "1s" }, { "field": "1d659060-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f2074f70-1b92-11e7-a416-41f5ccdba2e6", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { "function": "sum", "id": "a1737470-2c55-11e7-a0ad-277ce466684d", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": 1, @@ -622,18 +622,18 @@ { "field": "system.network.out.bytes", "id": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "max" + "type": "max" }, { "field": "37f72b50-1b92-11e7-bec4-a5e9ec5cab8b", "id": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "derivative", + "type": "derivative", "unit": "" }, { "field": "37f72b51-1b92-11e7-bec4-a5e9ec5cab8b", "id": "f9da2dd0-1b92-11e7-a416-41f5ccdba2e6", - "winlog.api": "positive_only", + "type": "positive_only", "unit": "" }, { @@ -641,7 +641,7 @@ "function": "overall_sum", "id": "3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b", "sigma": "", - "winlog.api": "series_agg" + "type": "series_agg" } ], "point_size": 1, @@ -655,15 +655,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "Outbound Traffic [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Outbound Traffic [Metricbeat System]", + "type": "metrics" } }, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -681,9 +681,9 @@ } } }, - "title": "Disk used [Metricbeat System] ECS", + "title": "Disk used [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -731,17 +731,17 @@ { "field": "system.fsstat.total_size.used", "id": "4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32", - "winlog.api": "avg" + "type": "avg" }, { "field": "system.fsstat.total_size.total", "id": "57c96ee0-4d54-11e7-b5f2-2b7c1895bf32", - "winlog.api": "avg" + "type": "avg" }, { "id": "6304cca0-4d54-11e7-b5f2-2b7c1895bf32", "script": "params.total != null && params.total > 0 ? params.used/params.total : null", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32", @@ -765,15 +765,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Disk used [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Disk used [Metricbeat System]", + "type": "metrics" } }, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -791,9 +791,9 @@ } } }, - "title": "Memory Usage Gauge [Metricbeat System] ECS", + "title": "Memory Usage Gauge [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -841,7 +841,7 @@ { "field": "system.memory.actual.used.pct", "id": "9f51b732-1b91-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -853,15 +853,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Memory Usage Gauge [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "Memory Usage Gauge [Metricbeat System]", + "type": "metrics" } }, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -879,9 +879,9 @@ } } }, - "title": "CPU Usage Gauge [Metricbeat System] ECS", + "title": "CPU Usage Gauge [Metricbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -929,22 +929,22 @@ { "field": "system.cpu.user.pct", "id": "4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b", - "winlog.api": "avg" + "type": "avg" }, { "field": "system.cpu.system.pct", "id": "225c2140-5fd7-11e7-a63a-a937b7c1a7e1", - "winlog.api": "avg" + "type": "avg" }, { "field": "system.cpu.cores", "id": "837a30c0-5fd7-11e7-a63a-a937b7c1a7e1", - "winlog.api": "avg" + "type": "avg" }, { "id": "587aa510-1b91-11e7-bec4-a5e9ec5cab8b", "script": "params.n > 0 ? (params.user+params.system)/params.n : null", - "winlog.api": "calculation", + "type": "calculation", "variables": [ { "field": "4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b", @@ -973,15 +973,15 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "gauge" + "type": "gauge" }, - "title": "CPU Usage Gauge [Metricbeat System] ECS", - "winlog.api": "metrics" + "title": "CPU Usage Gauge [Metricbeat System]", + "type": "metrics" } }, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -1000,7 +1000,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1009,97 +1009,97 @@ "panelsJSON": [ { "col": 1, - "id": "System-Navigation-ecs", + "id": "System-Navigation", "panelIndex": 9, "row": 1, "size_x": 12, "size_y": 1, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs", + "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9", "panelIndex": 11, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs", + "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b", "panelIndex": 12, "row": 4, "size_x": 6, "size_y": 5, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "855899e0-1b1c-11e7-b09e-037021c4f8df-ecs", + "id": "855899e0-1b1c-11e7-b09e-037021c4f8df", "panelIndex": 13, "row": 4, "size_x": 6, "size_y": 5, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs", + "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9", "panelIndex": 14, "row": 9, "size_x": 12, "size_y": 6, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", "panelIndex": 16, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 11, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", "panelIndex": 17, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", "panelIndex": 18, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 5, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", "panelIndex": 19, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 3, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", "panelIndex": 20, "row": 2, "size_x": 2, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat System] Overview ECS", + "title": "[Metricbeat System] Overview", "uiStateJSON": { "P-11": { "vis": { @@ -1147,12 +1147,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "Metricbeat-system-overview-ecs", - "winlog.api": "dashboard", - "winlog.version": 2 + "id": "Metricbeat-system-overview", + "type": "dashboard", + "version": 2 } ], - "winlog.version": "6.0.0-rc1-SNAPSHOT" + "version": "6.0.0-rc1-SNAPSHOT" } diff --git a/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json b/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json index 37444b561f4f..17b1158e8285 100644 --- a/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json +++ b/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json @@ -6,21 +6,21 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Overview [Metricbeat uWSGI] ECS", + "title": "Overview [Metricbeat uWSGI]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "params": { "expression": ".es(metric=avg:uwsgi.status.total.requests).derivative().label('Requests').title('Overview of requests per period'),\n.es(metric=avg:uwsgi.status.total.exceptions).derivative().label('Exceptions'),\n.es(metric=max:uwsgi.status.worker.avg_rt).label('Average response time').yaxis(2)", "interval": "15s" }, - "title": "Overview [Metricbeat uWSGI] ECS", - "winlog.api": "timelion" + "title": "Overview [Metricbeat uWSGI]", + "type": "timelion" } }, - "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -28,21 +28,21 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Memory usage [Metricbeat uWSGI] ECS", + "title": "Memory usage [Metricbeat uWSGI]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "params": { "expression": ".es(metric=max:uwsgi.status.worker.rss).label('Currently used (rss)').title('Memory usage'),\n.es(metric=max:uwsgi.status.worker.vsz).label('Assigned (vsz)').yaxis(2)", "interval": "15s" }, - "title": "Memory usage [Metricbeat uWSGI] ECS", - "winlog.api": "timelion" + "title": "Memory usage [Metricbeat uWSGI]", + "type": "timelion" } }, - "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -50,21 +50,21 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Workers [Metricbeat uWSGI] ECS", + "title": "Workers [Metricbeat uWSGI]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "params": { "expression": ".es(split=uwsgi.status.core.id:16,metric=max:uwsgi.status.core.requests.total).derivative().bars().title('Requests handled by each thread (core) per period')", "interval": "15s" }, - "title": "Workers [Metricbeat uWSGI] ECS", - "winlog.api": "timelion" + "title": "Workers [Metricbeat uWSGI]", + "type": "timelion" } }, - "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -72,21 +72,21 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Errors [Metricbeat uWSGI] ECS", + "title": "Errors [Metricbeat uWSGI]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "params": { "expression": ".es(metric=max:uwsgi.status.total.read_errors).label('Read errors').title('Errors'),\n.es(metric=max:uwsgi.status.total.write_errors).label('Write errors'),\n.es(metric=max:uwsgi.status.worker.harakiri_count).label('Timeouted requests')", "interval": "15s" }, - "title": "Errors [Metricbeat uWSGI] ECS", - "winlog.api": "timelion" + "title": "Errors [Metricbeat uWSGI]", + "type": "timelion" } }, - "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -102,21 +102,21 @@ "index": "metricbeat-*", "query": { "language": "lucene", - "query": "event.module: uwsgi" + "query": "metricset.module: uwsgi" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Metricbeat uWSGI status-ecs ECS", - "winlog.version": 1 + "title": "Metricbeat uWSGI status", + "version": 1 }, - "id": "Metricbeat uWSGI status-ecs ECS", - "winlog.api": "search", - "winlog.version": 1 + "id": "Metricbeat uWSGI status", + "type": "search", + "version": 1 }, { "attributes": { @@ -130,7 +130,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -139,50 +139,50 @@ "panelsJSON": [ { "col": 1, - "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de-ecs", + "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de", "panelIndex": 1, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de-ecs", + "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de", "panelIndex": 2, "row": 1, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de-ecs", + "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de", "panelIndex": 3, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de-ecs", + "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de", "panelIndex": 4, "row": 4, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat uWSGI] Overview ECS", + "title": "[Metricbeat uWSGI] Overview", "uiStateJSON": {}, - "winlog.version": 1 + "version": 1 }, - "id": "32fca290-f0af-11e7-b9ff-9f96241065de-ecs", - "winlog.api": "dashboard", - "winlog.version": 1 + "id": "32fca290-f0af-11e7-b9ff-9f96241065de", + "type": "dashboard", + "version": 1 } ], - "winlog.version": "6.0.0-rc1" + "version": "6.0.0-rc1" } diff --git a/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json b/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json index 83135d353e7b..576b3702f512 100644 --- a/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json +++ b/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json @@ -13,7 +13,7 @@ } } }, - "title": "Service States [Metricbeat Windows] ECS", + "title": "Service States [Metricbeat Windows]", "uiStateJSON": { "vis": { "params": { @@ -24,7 +24,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -39,7 +39,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" }, { "enabled": true, @@ -52,20 +52,20 @@ "size": 100 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "5", "params": { "customLabel": "Host", - "field": "host.name", + "field": "beat.name", "order": "desc", "orderBy": "_term", "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -105,13 +105,13 @@ "params": [], "title": "Order Agg" }, - "winlog.api": "max" + "type": "max" }, "orderBy": "custom", "size": 1 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -151,13 +151,13 @@ "params": [], "title": "Order Agg" }, - "winlog.api": "max" + "type": "max" }, "orderBy": "custom", "size": 1 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -171,13 +171,13 @@ }, "totalFunc": "sum" }, - "title": "Service States [Metricbeat Windows] ECS", - "winlog.api": "table" + "title": "Service States [Metricbeat Windows]", + "type": "table" } }, - "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b", + "type": "visualization", + "version": 1 }, { "attributes": { @@ -191,8 +191,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", - "title": "Hosts [Metricbeat Windows] ECS", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", + "title": "Hosts [Metricbeat Windows]", "uiStateJSON": { "vis": { "params": { @@ -203,7 +203,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -214,20 +214,20 @@ "field": "windows.service.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, "id": "2", "params": { "customLabel": "Host", - "field": "host.name", + "field": "beat.name", "order": "desc", "orderBy": "1", "size": 100 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -241,13 +241,13 @@ }, "totalFunc": "sum" }, - "title": "Hosts [Metricbeat Windows] ECS", - "winlog.api": "table" + "title": "Hosts [Metricbeat Windows]", + "type": "table" } }, - "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -261,10 +261,10 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", - "title": "Startup States [Metricbeat Windows] ECS", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", + "title": "Startup States [Metricbeat Windows]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -275,7 +275,7 @@ "field": "windows.service.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -288,7 +288,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -301,7 +301,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -309,15 +309,15 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Startup States [Metricbeat Windows] ECS", - "winlog.api": "pie" + "title": "Startup States [Metricbeat Windows]", + "type": "pie" } }, - "id": "830c45f0-c991-11e7-9835-2f31fe08873b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "830c45f0-c991-11e7-9835-2f31fe08873b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -331,8 +331,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", - "title": "Unique Services [Metricbeat Windows] ECS", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", + "title": "Unique Services [Metricbeat Windows]", "uiStateJSON": { "vis": { "defaultColors": { @@ -340,7 +340,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -351,7 +351,7 @@ "field": "windows.service.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -389,19 +389,19 @@ "labelColor": false, "subText": "" }, - "winlog.api": "simple", + "type": "simple", "useRange": false, "verticalSplit": false }, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Unique Services [Metricbeat Windows] ECS", - "winlog.api": "metric" + "title": "Unique Services [Metricbeat Windows]", + "type": "metric" } }, - "id": "35f5ad60-c996-11e7-9835-2f31fe08873b-ecs", - "winlog.api": "visualization", - "winlog.version": 2 + "id": "35f5ad60-c996-11e7-9835-2f31fe08873b", + "type": "visualization", + "version": 2 }, { "attributes": { @@ -422,7 +422,7 @@ "index": "metricbeat-*", "key": "windows.service.exit_code", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } }, @@ -438,16 +438,16 @@ "negate": true, "params": { "query": "0", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "0" }, "query": { "match": { "windows.service.exit_code": { "query": "0", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -464,16 +464,16 @@ "negate": true, "params": { "query": "ERROR_SERVICE_NEVER_STARTED", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "ERROR_SERVICE_NEVER_STARTED" }, "query": { "match": { "windows.service.exit_code": { "query": "ERROR_SERVICE_NEVER_STARTED", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -485,8 +485,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", - "title": "Non-zero Service Exit Codes [Metricbeat Windows] ECS", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", + "title": "Non-zero Service Exit Codes [Metricbeat Windows]", "uiStateJSON": { "vis": { "defaultColors": { @@ -494,7 +494,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -505,7 +505,7 @@ "field": "windows.service.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -543,24 +543,24 @@ "labelColor": false, "subText": "" }, - "winlog.api": "simple", + "type": "simple", "useRange": false, "verticalSplit": false }, - "winlog.api": "gauge" + "type": "gauge" }, - "title": "Non-zero Service Exit Codes [Metricbeat Windows] ECS", - "winlog.api": "metric" + "title": "Non-zero Service Exit Codes [Metricbeat Windows]", + "type": "metric" } }, - "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b-ecs", - "winlog.api": "visualization", - "winlog.version": 1 + "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b", + "type": "visualization", + "version": 1 }, { "attributes": { "columns": [ - "host.name", + "beat.name", "windows.service.display_name", "windows.service.state", "windows.service.start_type", @@ -581,20 +581,20 @@ "alias": null, "disabled": false, "index": "metricbeat-*", - "key": "event.module", + "key": "metricset.module", "negate": false, "params": { "query": "windows", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "windows" }, "query": { "match": { - "event.module": { + "metricset.module": { "query": "windows", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -611,16 +611,16 @@ "negate": false, "params": { "query": "service", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "service" }, "query": { "match": { "metricset.name": { "query": "service", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -632,19 +632,19 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Services [Metricbeat Windows] ECS", - "winlog.version": 1 + "title": "Services [Metricbeat Windows]", + "version": 1 }, - "id": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", - "winlog.api": "search", - "winlog.version": 2 + "id": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", + "type": "search", + "version": 2 }, { "attributes": { @@ -658,7 +658,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -667,52 +667,52 @@ "panelsJSON": [ { "col": 4, - "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b-ecs", + "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b", "panelIndex": 1, "row": 4, "size_x": 9, "size_y": 5, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b-ecs", + "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b", "panelIndex": 2, "row": 4, "size_x": 3, "size_y": 5, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "830c45f0-c991-11e7-9835-2f31fe08873b-ecs", + "id": "830c45f0-c991-11e7-9835-2f31fe08873b", "panelIndex": 3, "row": 1, "size_x": 4, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 5, - "id": "35f5ad60-c996-11e7-9835-2f31fe08873b-ecs", + "id": "35f5ad60-c996-11e7-9835-2f31fe08873b", "panelIndex": 4, "row": 1, "size_x": 4, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b-ecs", + "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b", "panelIndex": 5, "row": 1, "size_x": 4, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Metricbeat Windows] Services ECS", + "title": "[Metricbeat Windows] Services", "uiStateJSON": { "P-1": { "vis": { @@ -749,12 +749,12 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "d9eba730-c991-11e7-9835-2f31fe08873b-ecs", - "winlog.api": "dashboard", - "winlog.version": 6 + "id": "d9eba730-c991-11e7-9835-2f31fe08873b", + "type": "dashboard", + "version": 6 } ], - "winlog.version": "6.0.0" + "version": "6.0.0" } \ No newline at end of file diff --git a/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json b/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json index ed1950a42fb8..eae9c76f04ac 100644 --- a/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json +++ b/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json @@ -12,9 +12,9 @@ } } }, - "title": "Approximate data size [Metricbeat Zookeeper] ECS", + "title": "Approximate data size [Metricbeat Zookeeper]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -39,7 +39,7 @@ { "field": "zookeeper.mntr.approximate_data_size", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -51,16 +51,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Approximate data size [Metricbeat Zookeeper] ECS", - "winlog.api": "metrics" + "title": "Approximate data size [Metricbeat Zookeeper]", + "type": "metrics" } }, - "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4-ecs", - "winlog.api": "visualization", + "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4", + "type": "visualization", "updated_at": "2019-01-30T13:29:19.163Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -74,9 +74,9 @@ } } }, - "title": "Latency [Metricbeat Zookeeper] ECS", + "title": "Latency [Metricbeat Zookeeper]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -101,7 +101,7 @@ { "field": "zookeeper.mntr.latency.avg", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -113,16 +113,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Latency [Metricbeat Zookeeper] ECS", - "winlog.api": "metrics" + "title": "Latency [Metricbeat Zookeeper]", + "type": "metrics" } }, - "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4-ecs", - "winlog.api": "visualization", + "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4", + "type": "visualization", "updated_at": "2019-01-30T13:29:05.974Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -136,9 +136,9 @@ } } }, - "title": "Alive Connections [Metricbeat Zookeeper] ECS", + "title": "Alive Connections [Metricbeat Zookeeper]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -163,7 +163,7 @@ { "field": "zookeeper.mntr.num_alive_connections", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -175,16 +175,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Alive Connections [Metricbeat Zookeeper] ECS", - "winlog.api": "metrics" + "title": "Alive Connections [Metricbeat Zookeeper]", + "type": "metrics" } }, - "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4-ecs", - "winlog.api": "visualization", + "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4", + "type": "visualization", "updated_at": "2019-01-30T13:28:52.034Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -198,9 +198,9 @@ } } }, - "title": "Used file descriptors [Metricbeat Zookeeper] ECS", + "title": "Used file descriptors [Metricbeat Zookeeper]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -226,17 +226,17 @@ "field": "zookeeper.mntr.open_file_descriptor_count", "id": "b92e4550-231a-11e9-9e57-679640dc0c7c", "metric_agg": "avg", - "winlog.api": "avg" + "type": "avg" }, { "field": "zookeeper.mntr.max_file_descriptor_count", "id": "918d0c60-231b-11e9-9e57-679640dc0c7c", - "winlog.api": "avg" + "type": "avg" }, { "id": "7e4d11e0-231b-11e9-9e57-679640dc0c7c", "script": "params.a/params.b", - "winlog.api": "math", + "type": "math", "variables": [ { "field": "b92e4550-231a-11e9-9e57-679640dc0c7c", @@ -271,7 +271,7 @@ { "field": "zookeeper.mntr.open_file_descriptor_count", "id": "dffaffe1-23cc-11e9-b1ff-37c851471450", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -283,16 +283,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Used file descriptors [Metricbeat Zookeeper] ECS", - "winlog.api": "metrics" + "title": "Used file descriptors [Metricbeat Zookeeper]", + "type": "metrics" } }, - "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4-ecs", - "winlog.api": "visualization", + "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4", + "type": "visualization", "updated_at": "2019-01-30T13:28:22.583Z", - "winlog.version": 5 + "version": 5 }, { "attributes": { @@ -306,9 +306,9 @@ } } }, - "title": "Packets received / sent [Metricbeat Zookeeper] ECS", + "title": "Packets received / sent [Metricbeat Zookeeper]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -333,12 +333,12 @@ { "field": "zookeeper.mntr.packets.received", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" }, { "field": "61ca57f2-469d-11e7-af02-69e470af7417", "id": "34949540-231c-11e9-9707-f128cdaa3bf2", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -366,12 +366,12 @@ { "field": "zookeeper.mntr.packets.sent", "id": "753b2e61-231c-11e9-9707-f128cdaa3bf2", - "winlog.api": "avg" + "type": "avg" }, { "field": "753b2e61-231c-11e9-9707-f128cdaa3bf2", "id": "7ed33c60-231c-11e9-9707-f128cdaa3bf2", - "winlog.api": "derivative", + "type": "derivative", "unit": "" } ], @@ -384,16 +384,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Packets received / sent [Metricbeat Zookeeper] ECS", - "winlog.api": "metrics" + "title": "Packets received / sent [Metricbeat Zookeeper]", + "type": "metrics" } }, - "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4-ecs", - "winlog.api": "visualization", + "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4", + "type": "visualization", "updated_at": "2019-01-30T13:26:42.583Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -423,11 +423,11 @@ "x": 0, "y": 15 }, - "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4-ecs", + "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4", "panelIndex": "1", "title": "Approximate data size", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -438,11 +438,11 @@ "x": 15, "y": 15 }, - "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4-ecs", + "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4", "panelIndex": "2", "title": "Latency", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -453,11 +453,11 @@ "x": 32, "y": 15 }, - "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4-ecs", + "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4", "panelIndex": "3", "title": "Alive Connections", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -468,11 +468,11 @@ "x": 23, "y": 0 }, - "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4-ecs", + "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4", "panelIndex": "4", "title": "Used file descriptors", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -483,22 +483,22 @@ "x": 0, "y": 0 }, - "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4-ecs", + "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4", "panelIndex": "5", "title": "Packets received / sent", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" } ], "timeRestore": false, - "title": "[Metricbeat Zookeeper] Overview ECS", - "winlog.version": 1 + "title": "[Metricbeat Zookeeper] Overview", + "version": 1 }, - "id": "467207a0-231e-11e9-bb66-8baac426dfd4-ecs", - "winlog.api": "dashboard", + "id": "467207a0-231e-11e9-bb66-8baac426dfd4", + "type": "dashboard", "updated_at": "2019-01-30T13:34:01.235Z", - "winlog.version": 6 + "version": 6 } ], - "winlog.version": "7.0.0-alpha2" + "version": "7.0.0-alpha2" } \ No newline at end of file diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json index 1e71f776dd83..44b3958925d8 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json @@ -15,10 +15,10 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "title": "Cassandra ResponseKeyspace [Packetbeat] ECS", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", + "title": "Cassandra ResponseKeyspace [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -26,7 +26,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -50,7 +50,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -61,14 +61,14 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Cassandra ResponseKeyspace ECS", - "winlog.api": "pie" + "title": "Cassandra ResponseKeyspace", + "type": "pie" } }, - "id": "Cassandra-ResponseKeyspace-ecs", - "winlog.api": "visualization", + "id": "Cassandra-ResponseKeyspace", + "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -85,10 +85,10 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "title": "Cassandra ResponseType [Packetbeat] ECS", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", + "title": "Cassandra ResponseType [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -96,7 +96,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -108,7 +108,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -119,14 +119,14 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Cassandra ResponseType ECS", - "winlog.api": "pie" + "title": "Cassandra ResponseType", + "type": "pie" } }, - "id": "Cassandra-ResponseType-ecs", - "winlog.api": "visualization", + "id": "Cassandra-ResponseType", + "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -143,10 +143,10 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "title": "Cassandra ResponseTime [Packetbeat] ECS", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", + "title": "Cassandra ResponseTime [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -163,7 +163,7 @@ ] }, "schema": "metric", - "winlog.api": "percentiles" + "type": "percentiles" }, { "enabled": true, @@ -178,7 +178,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -194,12 +194,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -226,7 +226,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -235,7 +235,7 @@ "showCircles": true, "smoothLines": true, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -251,26 +251,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "square root" + "type": "square root" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Cassandra ResponseTime [Packetbeat] ECS", - "winlog.api": "line" + "title": "Cassandra ResponseTime [Packetbeat]", + "type": "line" } }, - "id": "Cassandra-ResponseTime-ecs", - "winlog.api": "visualization", + "id": "Cassandra-ResponseTime", + "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -287,10 +287,10 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "title": "Cassandra RequestCount [Packetbeat] ECS", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", + "title": "Cassandra RequestCount [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -298,7 +298,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -311,7 +311,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "listeners": {}, @@ -332,14 +332,14 @@ "times": [], "yAxis": {} }, - "title": "Cassandra RequestCount ECS", - "winlog.api": "line" + "title": "Cassandra RequestCount", + "type": "line" } }, - "id": "Cassandra-RequestCount-ecs", - "winlog.api": "visualization", + "id": "Cassandra-RequestCount", + "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -356,10 +356,10 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "title": "Cassandra Ops [Packetbeat] ECS", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", + "title": "Cassandra Ops [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -367,7 +367,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -379,7 +379,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -391,7 +391,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -402,14 +402,14 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Cassandra Ops ECS", - "winlog.api": "pie" + "title": "Cassandra Ops", + "type": "pie" } }, - "id": "Cassandra-Ops-ecs", - "winlog.api": "visualization", + "id": "Cassandra-Ops", + "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -426,10 +426,10 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "title": "Cassandra RequestCountStackByType [Packetbeat] ECS", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", + "title": "Cassandra RequestCountStackByType [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -437,7 +437,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -450,7 +450,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -462,7 +462,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -479,14 +479,14 @@ "times": [], "yAxis": {} }, - "title": "Cassandra RequestCountStackByType ECS", - "winlog.api": "histogram" + "title": "Cassandra RequestCountStackByType", + "type": "histogram" } }, - "id": "Cassandra-RequestCountStackByType-ecs", - "winlog.api": "visualization", + "id": "Cassandra-RequestCountStackByType", + "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -503,10 +503,10 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "title": "Cassandra ResponseCountStackByType [Packetbeat] ECS", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", + "title": "Cassandra ResponseCountStackByType [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -514,7 +514,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -527,7 +527,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -539,7 +539,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -556,14 +556,14 @@ "times": [], "yAxis": {} }, - "title": "Cassandra ResponseCountStackByType ECS", - "winlog.api": "histogram" + "title": "Cassandra ResponseCountStackByType", + "type": "histogram" } }, - "id": "Cassandra-ResponseCountStackByType-ecs", - "winlog.api": "visualization", + "id": "Cassandra-ResponseCountStackByType", + "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -580,10 +580,10 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "title": "Cassandra RequestCountByType [Packetbeat] ECS", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", + "title": "Cassandra RequestCountByType [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -591,7 +591,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -604,7 +604,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -616,14 +616,14 @@ "size": 10 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "4", "params": {}, "schema": "radius", - "winlog.api": "count" + "type": "count" } ], "listeners": {}, @@ -644,14 +644,14 @@ "times": [], "yAxis": {} }, - "title": "Cassandra RequestCountByType ECS", - "winlog.api": "line" + "title": "Cassandra RequestCountByType", + "type": "line" } }, - "id": "Cassandra-RequestCountByType-ecs", - "winlog.api": "visualization", + "id": "Cassandra-RequestCountByType", + "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -668,17 +668,17 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "title": "Cassandra ResponseCountByType [Packetbeat] ECS", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", + "title": "Cassandra ResponseCountByType [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "id": "2", @@ -690,7 +690,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "id": "3", @@ -701,13 +701,13 @@ "size": 10 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "id": "4", "params": {}, "schema": "radius", - "winlog.api": "count" + "type": "count" } ], "listeners": {}, @@ -727,14 +727,14 @@ "times": [], "yAxis": {} }, - "title": "Cassandra: ResponseCountByType ECS", - "winlog.api": "line" + "title": "Cassandra: ResponseCountByType", + "type": "line" } }, - "id": "Cassandra-ResponseCountByType-ecs", - "winlog.api": "visualization", + "id": "Cassandra-ResponseCountByType", + "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -753,24 +753,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -797,16 +797,16 @@ "negate": false, "params": { "query": "QUERY", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "QUERY" }, "query": { "match": { "cassandra.request.headers.op": { "query": "QUERY", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -823,16 +823,16 @@ "negate": true, "params": { "query": "ERROR", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "ERROR" }, "query": { "match": { "cassandra.response.headers.op": { "query": "ERROR", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -862,20 +862,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Cassandra Query Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "Cassandra Query Search [Packetbeat]", + "version": 1 }, - "id": "Cassandra-QueryView-ecs", - "winlog.api": "search", + "id": "Cassandra-QueryView", + "type": "search", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -899,16 +899,16 @@ "negate": false, "params": { "query": "cassandra", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "cassandra" }, "query": { "match": { "event.dataset": { "query": "cassandra", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -920,20 +920,20 @@ "language": "kuery", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Cassandra Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "Cassandra Search [Packetbeat]", + "version": 1 }, - "id": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", - "winlog.api": "search", + "id": "eaa83e60-190b-11e9-be0d-adde5066235e", + "type": "search", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -952,7 +952,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -961,93 +961,93 @@ "panelsJSON": [ { "col": 10, - "id": "Cassandra-ResponseKeyspace-ecs", + "id": "Cassandra-ResponseKeyspace", "panelIndex": 3, "row": 3, "size_x": 3, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "Cassandra-ResponseType-ecs", + "id": "Cassandra-ResponseType", "panelIndex": 4, "row": 3, "size_x": 3, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Cassandra-ResponseTime-ecs", + "id": "Cassandra-ResponseTime", "panelIndex": 9, "row": 5, "size_x": 12, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 4, - "id": "Cassandra-RequestCount-ecs", + "id": "Cassandra-RequestCount", "panelIndex": 10, "row": 1, "size_x": 9, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 4, - "id": "Cassandra-Ops-ecs", + "id": "Cassandra-Ops", "panelIndex": 11, "row": 3, "size_x": 3, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Cassandra-RequestCountStackByType-ecs", + "id": "Cassandra-RequestCountStackByType", "panelIndex": 15, "row": 7, "size_x": 12, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Cassandra-ResponseCountStackByType-ecs", + "id": "Cassandra-ResponseCountStackByType", "panelIndex": 16, "row": 9, "size_x": 12, "size_y": 2, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Cassandra-RequestCountByType-ecs", + "id": "Cassandra-RequestCountByType", "panelIndex": 17, "row": 11, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "Cassandra-ResponseCountByType-ecs", + "id": "Cassandra-ResponseCountByType", "panelIndex": 18, "row": 11, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": 19, "row": 1, "size_x": 3, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, @@ -1057,7 +1057,7 @@ "cassandra.response.result.rows.meta.table", "cassandra.response.result.rows.num_rows" ], - "id": "Cassandra-QueryView-ecs", + "id": "Cassandra-QueryView", "panelIndex": 20, "row": 14, "size_x": 12, @@ -1066,11 +1066,11 @@ "@timestamp", "desc" ], - "winlog.api": "search" + "type": "search" } ], "timeRestore": false, - "title": "[Packetbeat] Cassandra ECS", + "title": "[Packetbeat] Cassandra", "uiStateJSON": { "P-10": { "vis": { @@ -1088,13 +1088,13 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "Packetbeat-Cassandra-ecs", - "winlog.api": "dashboard", + "id": "Packetbeat-Cassandra", + "type": "dashboard", "updated_at": "2019-01-18T23:49:20.964Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json index 367adb6e86b4..b273b09b4c3f 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json @@ -6,9 +6,9 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Message Types over Time [Packetbeat DHCPv4] ECS", + "title": "Message Types over Time [Packetbeat DHCPv4]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -20,7 +20,7 @@ } ], "drop_last_bucket": 1, - "filter": "winlog.api:dhcpv4", + "filter": "type:dhcpv4", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "ignore_global_filter": 0, "index_pattern": "packetbeat-*", @@ -31,7 +31,7 @@ "chart_type": "line", "color": "#68BC00", "fill": 0.5, - "filter": "NOT dhcpv4.option.message_winlog.api:nak NOT dhcpv4.option.message_winlog.api:decline", + "filter": "NOT dhcpv4.option.message_type:nak NOT dhcpv4.option.message_type:decline", "formatter": "number", "id": "8abe6eb0-8ba9-11e8-ae15-bdcba81344e6", "label": "Response", @@ -39,7 +39,7 @@ "metrics": [ { "id": "8abe6eb1-8ba9-11e8-ae15-bdcba81344e6", - "winlog.api": "count" + "type": "count" } ], "point_size": 1, @@ -53,7 +53,7 @@ "chart_type": "line", "color": "rgba(244,78,59,1)", "fill": 0.5, - "filter": "dhcpv4.option.message_winlog.api:nak", + "filter": "dhcpv4.option.message_type:nak", "formatter": "number", "id": "ae5610d0-8ba9-11e8-ae15-bdcba81344e6", "label": "nak", @@ -61,7 +61,7 @@ "metrics": [ { "id": "ae5610d1-8ba9-11e8-ae15-bdcba81344e6", - "winlog.api": "count" + "type": "count" } ], "point_size": "3", @@ -75,7 +75,7 @@ "chart_type": "line", "color": "rgba(244,78,59,1)", "fill": 0.5, - "filter": "dhcpv4.option.message_winlog.api:decline", + "filter": "dhcpv4.option.message_type:decline", "formatter": "number", "id": "cf7ba180-8ba9-11e8-ae15-bdcba81344e6", "label": "decline", @@ -83,7 +83,7 @@ "metrics": [ { "id": "cf7ba181-8ba9-11e8-ae15-bdcba81344e6", - "winlog.api": "count" + "type": "count" } ], "point_size": "3", @@ -96,16 +96,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Message Types over Time [Packetbeat DHCPv4] ECS", - "winlog.api": "metrics" + "title": "Message Types over Time [Packetbeat DHCPv4]", + "type": "metrics" } }, - "id": "8460fcd0-8baa-11e8-9676-ef67484126fb-ecs", - "winlog.api": "visualization", + "id": "8460fcd0-8baa-11e8-9676-ef67484126fb", + "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -115,14 +115,14 @@ "filter": [], "query": { "language": "kuery", - "query": "dhcpv4.option.message_winlog.api:nak OR dhcpv4.option.message_winlog.api:decline" + "query": "dhcpv4.option.message_type:nak OR dhcpv4.option.message_type:decline" } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", - "title": "NAK and Decline Count [Packetbeat DHCPv4] ECS", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", + "title": "NAK and Decline Count [Packetbeat DHCPv4]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -130,7 +130,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -159,16 +159,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "NAK and Decline Count [Packetbeat DHCPv4] ECS", - "winlog.api": "metric" + "title": "NAK and Decline Count [Packetbeat DHCPv4]", + "type": "metric" } }, - "id": "4ad9db20-8bab-11e8-9676-ef67484126fb-ecs", - "winlog.api": "visualization", + "id": "4ad9db20-8bab-11e8-9676-ef67484126fb", + "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -182,10 +182,10 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", - "title": "Message Types [Packetbeat DHCPv4] ECS", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", + "title": "Message Types [Packetbeat DHCPv4]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -193,7 +193,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -210,7 +210,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -227,7 +227,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -241,16 +241,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Message Types [Packetbeat DHCPv4] ECS", - "winlog.api": "pie" + "title": "Message Types [Packetbeat DHCPv4]", + "type": "pie" } }, - "id": "418dfbe0-8bac-11e8-9676-ef67484126fb-ecs", - "winlog.api": "visualization", + "id": "418dfbe0-8bac-11e8-9676-ef67484126fb", + "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -281,16 +281,16 @@ "negate": false, "params": { "query": "dhcpv4", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "dhcpv4" }, "query": { "match": { "event.dataset": { "query": "dhcpv4", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -302,20 +302,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "DHCPv4 [Packetbeat] ECS", - "winlog.version": 1 + "title": "DHCPv4 [Packetbeat]", + "version": 1 }, - "id": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", - "winlog.api": "search", + "id": "b8992150-8ba8-11e8-9676-ef67484126fb", + "type": "search", "updated_at": "2019-01-18T23:49:22.006Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -329,10 +329,10 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", - "title": "Transaction Count [Packetbeat DHCPv4] ECS", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", + "title": "Transaction Count [Packetbeat DHCPv4]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -343,7 +343,7 @@ "field": "dhcpv4.transaction_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -372,16 +372,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Transaction Count [Packetbeat DHCPv4] ECS", - "winlog.api": "metric" + "title": "Transaction Count [Packetbeat DHCPv4]", + "type": "metric" } }, - "id": "d0120dc0-8bac-11e8-9676-ef67484126fb-ecs", - "winlog.api": "visualization", + "id": "d0120dc0-8bac-11e8-9676-ef67484126fb", + "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -395,10 +395,10 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", - "title": "Client Count [Packetbeat DHCPv4] ECS", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", + "title": "Client Count [Packetbeat DHCPv4]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -409,7 +409,7 @@ "field": "dhcpv4.client_mac" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -438,16 +438,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Client Count [Packetbeat DHCPv4] ECS", - "winlog.api": "metric" + "title": "Client Count [Packetbeat DHCPv4]", + "type": "metric" } }, - "id": "11d33ea0-8bad-11e8-9676-ef67484126fb-ecs", - "winlog.api": "visualization", + "id": "11d33ea0-8bad-11e8-9676-ef67484126fb", + "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -461,10 +461,10 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", - "title": "Data Transfer [Packetbeat DHCPv4] ECS", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", + "title": "Data Transfer [Packetbeat DHCPv4]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -475,7 +475,7 @@ "field": "client.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -485,7 +485,7 @@ "field": "server.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" } ], "params": { @@ -514,16 +514,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Data Transfer [Packetbeat DHCPv4] ECS", - "winlog.api": "metric" + "title": "Data Transfer [Packetbeat DHCPv4]", + "type": "metric" } }, - "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb-ecs", - "winlog.api": "visualization", + "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb", + "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -537,7 +537,7 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -555,10 +555,10 @@ "x": 0, "y": 7 }, - "id": "8460fcd0-8baa-11e8-9676-ef67484126fb-ecs", + "id": "8460fcd0-8baa-11e8-9676-ef67484126fb", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -569,10 +569,10 @@ "x": 0, "y": 0 }, - "id": "4ad9db20-8bab-11e8-9676-ef67484126fb-ecs", + "id": "4ad9db20-8bab-11e8-9676-ef67484126fb", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -583,10 +583,10 @@ "x": 37, "y": 0 }, - "id": "418dfbe0-8bac-11e8-9676-ef67484126fb-ecs", + "id": "418dfbe0-8bac-11e8-9676-ef67484126fb", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -597,10 +597,10 @@ "x": 0, "y": 16 }, - "id": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "id": "b8992150-8ba8-11e8-9676-ef67484126fb", "panelIndex": "5", - "winlog.api": "search", - "winlog.version": "6.3.0" + "type": "search", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -611,10 +611,10 @@ "x": 8, "y": 0 }, - "id": "d0120dc0-8bac-11e8-9676-ef67484126fb-ecs", + "id": "d0120dc0-8bac-11e8-9676-ef67484126fb", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -625,10 +625,10 @@ "x": 16, "y": 0 }, - "id": "11d33ea0-8bad-11e8-9676-ef67484126fb-ecs", + "id": "11d33ea0-8bad-11e8-9676-ef67484126fb", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -639,21 +639,21 @@ "x": 24, "y": 0 }, - "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb-ecs", + "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" } ], "timeRestore": false, - "title": "[Packetbeat] DHCPv4 ECS", - "winlog.version": 1 + "title": "[Packetbeat] DHCPv4", + "version": 1 }, - "id": "a7b35890-8baa-11e8-9676-ef67484126fb-ecs", - "winlog.api": "dashboard", + "id": "a7b35890-8baa-11e8-9676-ef67484126fb", + "type": "dashboard", "updated_at": "2019-01-18T23:49:22.006Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json index 2d514085d2a6..1bd84d87367e 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "DNS Query Summary [Packetbeat] ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "DNS Query Summary [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -33,7 +33,7 @@ "field": "source.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -43,7 +43,7 @@ "field": "destination.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -53,7 +53,7 @@ "field": "event.duration" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -84,16 +84,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "DNS Query Summary [Packetbeat] ECS", - "winlog.api": "metric" + "title": "DNS Query Summary [Packetbeat]", + "type": "metric" } }, - "id": "DNS-Query-Summary-ecs", - "winlog.api": "visualization", + "id": "DNS-Query-Summary", + "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -108,8 +108,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "DNS Request Status Over Time [Packetbeat] ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "DNS Request Status Over Time [Packetbeat]", "uiStateJSON": { "vis": { "colors": { @@ -118,7 +118,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -126,7 +126,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -141,7 +141,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -157,7 +157,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -173,12 +173,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -201,7 +201,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -209,7 +209,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -225,26 +225,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "DNS Request Status Over Time [Packetbeat] ECS", - "winlog.api": "area" + "title": "DNS Request Status Over Time [Packetbeat]", + "type": "area" } }, - "id": "DNS-Request-Status-Over-Time-ecs", - "winlog.api": "visualization", + "id": "DNS-Request-Status-Over-Time", + "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -264,10 +264,10 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "DNS Question Types [Packetbeat] ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "DNS Question Types [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -275,7 +275,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -291,7 +291,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -306,16 +306,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "winlog.api": "pie" + "type": "pie" }, - "title": "DNS Question Types [Packetbeat] ECS", - "winlog.api": "pie" + "title": "DNS Question Types [Packetbeat]", + "type": "pie" } }, - "id": "DNS-Question-Types-ecs", - "winlog.api": "visualization", + "id": "DNS-Question-Types", + "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -335,16 +335,16 @@ "negate": false, "params": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -370,8 +370,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "DNS Top 10 Questions [Packetbeat] ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "DNS Top 10 Questions [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -382,7 +382,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -390,7 +390,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -407,7 +407,7 @@ "size": 30 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -421,14 +421,14 @@ }, "totalFunc": "sum" }, - "title": "DNS Top 10 Questions [Packetbeat] ECS", - "winlog.api": "table" + "title": "DNS Top 10 Questions [Packetbeat]", + "type": "table" } }, - "id": "DNS-Top-10-Questions-ecs", - "winlog.api": "visualization", + "id": "DNS-Top-10-Questions", + "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -456,8 +456,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "DNS Response Codes [Packetbeat] ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "DNS Response Codes [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -468,7 +468,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -476,7 +476,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -493,7 +493,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -507,14 +507,14 @@ }, "totalFunc": "sum" }, - "title": "DNS Response Codes [Packetbeat] ECS", - "winlog.api": "table" + "title": "DNS Response Codes [Packetbeat]", + "type": "table" } }, - "id": "DNS-Response-Codes-ecs", - "winlog.api": "visualization", + "id": "DNS-Response-Codes", + "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -528,8 +528,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat] ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat]", "uiStateJSON": { "vis": { "colors": { @@ -539,7 +539,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -555,7 +555,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -565,7 +565,7 @@ "field": "event.duration" }, "schema": "metric", - "winlog.api": "min" + "type": "min" }, { "enabled": true, @@ -575,7 +575,7 @@ "field": "event.duration" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -585,7 +585,7 @@ "field": "event.duration" }, "schema": "metric", - "winlog.api": "max" + "type": "max" } ], "params": { @@ -601,12 +601,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -627,7 +627,7 @@ "mode": "stacked", "show": true, "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" }, { @@ -640,7 +640,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" }, { @@ -653,12 +653,12 @@ "mode": "stacked", "show": true, "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -672,25 +672,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Average event.duration" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat] ECS", - "winlog.api": "area" + "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat]", + "type": "area" } }, - "id": "735d25c0-1459-11e9-9de0-f98d1808db8e-ecs", - "winlog.api": "visualization", + "id": "735d25c0-1459-11e9-9de0-f98d1808db8e", + "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -704,10 +704,10 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "DNS Client and Servers Pie Chart [Packetbeat] ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "DNS Client and Servers Pie Chart [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -715,7 +715,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -732,7 +732,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -749,7 +749,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -763,16 +763,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "DNS Client and Servers Pie Chart [Packetbeat] ECS", - "winlog.api": "pie" + "title": "DNS Client and Servers Pie Chart [Packetbeat]", + "type": "pie" } }, - "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e-ecs", - "winlog.api": "visualization", + "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e", + "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -799,16 +799,16 @@ "negate": false, "params": { "query": "dns", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "dns" }, "query": { "match": { "network.protocol": { "query": "dns", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -833,20 +833,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "DNS Protocol [Packetbeat] ECS", - "winlog.version": 1 + "title": "DNS Protocol [Packetbeat]", + "version": 1 }, - "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "winlog.api": "search", + "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "type": "search", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -876,10 +876,10 @@ "x": 0, "y": 0 }, - "id": "DNS-Query-Summary-ecs", + "id": "DNS-Query-Summary", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -890,10 +890,10 @@ "x": 24, "y": 0 }, - "id": "DNS-Request-Status-Over-Time-ecs", + "id": "DNS-Request-Status-Over-Time", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -904,10 +904,10 @@ "x": 0, "y": 15 }, - "id": "DNS-Question-Types-ecs", + "id": "DNS-Question-Types", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -918,10 +918,10 @@ "x": 0, "y": 30 }, - "id": "DNS-Top-10-Questions-ecs", + "id": "DNS-Top-10-Questions", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -932,10 +932,10 @@ "x": 24, "y": 30 }, - "id": "DNS-Response-Codes-ecs", + "id": "DNS-Response-Codes", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -946,10 +946,10 @@ "x": 24, "y": 15 }, - "id": "735d25c0-1459-11e9-9de0-f98d1808db8e-ecs", + "id": "735d25c0-1459-11e9-9de0-f98d1808db8e", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -960,21 +960,21 @@ "x": 13, "y": 15 }, - "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e-ecs", + "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] DNS Overview ECS", - "winlog.version": 1 + "title": "[Packetbeat] DNS Overview", + "version": 1 }, - "id": "65120940-1454-11e9-9de0-f98d1808db8e-ecs", - "winlog.api": "dashboard", + "id": "65120940-1454-11e9-9de0-f98d1808db8e", + "type": "dashboard", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json index 6511a8bb887d..10fc0e2cf1a8 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "Unique FQDNs per eTLD+1 ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "Unique FQDNs per eTLD+1", "uiStateJSON": { "vis": { "colors": { @@ -18,7 +18,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -29,7 +29,7 @@ "field": "dns.question.name" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -42,7 +42,7 @@ "size": 20 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -59,14 +59,14 @@ "times": [], "yAxis": {} }, - "title": "Unique FQDNs per eTLD+1 ECS", - "winlog.api": "histogram" + "title": "Unique FQDNs per eTLD+1", + "type": "histogram" } }, - "id": "Unique-FQDNs-per-eTLD 1-ecs", - "winlog.api": "visualization", + "id": "Unique-FQDNs-per-eTLD 1", + "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -76,8 +76,8 @@ "filter": [] } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "Unique FQDNs per eTLD+1 Table ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "Unique FQDNs per eTLD+1 Table", "uiStateJSON": { "vis": { "params": { @@ -88,7 +88,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -98,7 +98,7 @@ "customLabel": "" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -111,7 +111,7 @@ "size": 20 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -121,7 +121,7 @@ "field": "dns.question.name" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "listeners": {}, @@ -136,14 +136,14 @@ }, "totalFunc": "sum" }, - "title": "Unique FQDNs per eTLD+1 Table ECS", - "winlog.api": "table" + "title": "Unique FQDNs per eTLD+1 Table", + "type": "table" } }, - "id": "Unique-FQDNs-per-eTLD 1-Table-ecs", - "winlog.api": "visualization", + "id": "Unique-FQDNs-per-eTLD 1-Table", + "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -157,8 +157,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "Bytes Transferred per Domain ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "Bytes Transferred per Domain", "uiStateJSON": { "vis": { "colors": { @@ -169,7 +169,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -180,7 +180,7 @@ "field": "destination.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -197,7 +197,7 @@ "size": 20 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -207,7 +207,7 @@ "field": "source.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" } ], "params": { @@ -223,12 +223,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": true, @@ -249,7 +249,7 @@ }, "mode": "normal", "show": "true", - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" }, { @@ -259,14 +259,14 @@ }, "mode": "normal", "show": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -282,26 +282,26 @@ "defaultYExtents": true, "mode": "grouped", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Bytes Transferred per Domain ECS", - "winlog.api": "histogram" + "title": "Bytes Transferred per Domain", + "type": "histogram" } }, - "id": "Bytes-Transferred-per-Domain-ecs", - "winlog.api": "visualization", + "id": "Bytes-Transferred-per-Domain", + "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -315,13 +315,13 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "winlog.api:dns" + "query": "type:dns" } } } } }, - "title": "Top Domains by Data Volume ECS", + "title": "Top Domains by Data Volume", "uiStateJSON": { "vis": { "params": { @@ -332,7 +332,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -343,7 +343,7 @@ "field": "source.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -360,7 +360,7 @@ "size": 20 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -370,7 +370,7 @@ "field": "destination.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" } ], "params": { @@ -384,14 +384,14 @@ }, "totalFunc": "sum" }, - "title": "Top Domains by Data Volume ECS", - "winlog.api": "table" + "title": "Top Domains by Data Volume", + "type": "table" } }, - "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d-ecs", - "winlog.api": "visualization", + "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d", + "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -418,16 +418,16 @@ "negate": false, "params": { "query": "dns", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "dns" }, "query": { "match": { "network.protocol": { "query": "dns", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -452,20 +452,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "DNS Protocol [Packetbeat] ECS", - "winlog.version": 1 + "title": "DNS Protocol [Packetbeat]", + "version": 1 }, - "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "winlog.api": "search", + "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "type": "search", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -477,9 +477,9 @@ "highlightAll": true, "query": { "language": "lucene", - "query": "NOT dns.question.winlog.api:PTR" + "query": "NOT dns.question.type:PTR" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -510,10 +510,10 @@ "x": 0, "y": 0 }, - "id": "Unique-FQDNs-per-eTLD 1-ecs", + "id": "Unique-FQDNs-per-eTLD 1", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -533,10 +533,10 @@ "x": 0, "y": 35 }, - "id": "Unique-FQDNs-per-eTLD 1-Table-ecs", + "id": "Unique-FQDNs-per-eTLD 1-Table", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -551,10 +551,10 @@ "x": 0, "y": 20 }, - "id": "Bytes-Transferred-per-Domain-ecs", + "id": "Bytes-Transferred-per-Domain", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -574,21 +574,21 @@ "x": 24, "y": 35 }, - "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d-ecs", + "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] DNS Tunneling ECS", - "winlog.version": 1 + "title": "[Packetbeat] DNS Tunneling", + "version": 1 }, - "id": "DNS-Unique-Domains-ecs", - "winlog.api": "dashboard", + "id": "DNS-Unique-Domains", + "type": "dashboard", "updated_at": "2019-01-18T23:49:23.036Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json index 52b48ea3a4bd..231114356807 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search-ecs", - "title": "Top Hosts Creating Traffic [Packetbeat Flows] ECS", + "savedSearchId": "Packetbeat-Flows-Search", + "title": "Top Hosts Creating Traffic [Packetbeat Flows]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -26,7 +26,7 @@ "field": "source.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -41,7 +41,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -58,7 +58,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -74,12 +74,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -102,7 +102,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -110,7 +110,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -126,26 +126,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Top Hosts Creating Traffic [Packetbeat Flows] ECS", - "winlog.api": "area" + "title": "Top Hosts Creating Traffic [Packetbeat Flows]", + "type": "area" } }, - "id": "Top-hosts-creating-traffic-ecs", - "winlog.api": "visualization", + "id": "Top-hosts-creating-traffic", + "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -164,24 +164,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -195,10 +195,10 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search-ecs", - "title": "Connections over time [Packetbeat Flows] ECS", + "savedSearchId": "Packetbeat-Flows-Search", + "title": "Connections over time [Packetbeat Flows]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -209,7 +209,7 @@ "field": "flow.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -224,7 +224,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -240,12 +240,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -268,7 +268,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -276,7 +276,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -292,26 +292,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Connections over time [Packetbeat Flows] ECS", - "winlog.api": "area" + "title": "Connections over time [Packetbeat Flows]", + "type": "area" } }, - "id": "Connections-over-time-ecs", - "winlog.api": "visualization", + "id": "Connections-over-time", + "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -325,10 +325,10 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search-ecs", - "title": "Top Hosts Receiving Traffic [Packetbeat Flows] ECS", + "savedSearchId": "Packetbeat-Flows-Search", + "title": "Top Hosts Receiving Traffic [Packetbeat Flows]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -339,7 +339,7 @@ "field": "destination.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -354,7 +354,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -371,7 +371,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -387,12 +387,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -415,7 +415,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -423,7 +423,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -439,26 +439,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Top Hosts Receiving Traffic [Packetbeat Flows] ECS", - "winlog.api": "area" + "title": "Top Hosts Receiving Traffic [Packetbeat Flows]", + "type": "area" } }, - "id": "Top-hosts-receiving-traffic-ecs", - "winlog.api": "visualization", + "id": "Top-hosts-receiving-traffic", + "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -472,8 +472,8 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search-ecs", - "title": "Network Traffic Between Hosts [Packetbeat Flows] ECS", + "savedSearchId": "Packetbeat-Flows-Search", + "title": "Network Traffic Between Hosts [Packetbeat Flows]", "uiStateJSON": { "vis": { "params": { @@ -484,7 +484,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -495,7 +495,7 @@ "field": "source.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -505,7 +505,7 @@ "field": "destination.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -522,7 +522,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -539,7 +539,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -553,19 +553,19 @@ }, "totalFunc": "sum" }, - "title": "Network Traffic Between Hosts [Packetbeat Flows] ECS", - "winlog.api": "table" + "title": "Network Traffic Between Hosts [Packetbeat Flows]", + "type": "table" } }, - "id": "Network-traffic-between-your-hosts-ecs", - "winlog.api": "visualization", + "id": "Network-traffic-between-your-hosts", + "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { "columns": [ - "winlog.api", + "type", "event.start", "event.end", "source.ip", @@ -600,24 +600,24 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "winlog.api: flow" + "query": "type: flow" } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Flows Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "Flows Search [Packetbeat]", + "version": 1 }, - "id": "Packetbeat-Flows-Search-ecs", - "winlog.api": "search", + "id": "Packetbeat-Flows-Search", + "type": "search", "updated_at": "2019-01-18T23:49:25.168Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -631,7 +631,7 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -646,10 +646,10 @@ "x": 0, "y": 25 }, - "id": "Top-hosts-creating-traffic-ecs", + "id": "Top-hosts-creating-traffic", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -659,10 +659,10 @@ "x": 0, "y": 0 }, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -672,10 +672,10 @@ "x": 12, "y": 0 }, - "id": "Connections-over-time-ecs", + "id": "Connections-over-time", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -685,10 +685,10 @@ "x": 24, "y": 25 }, - "id": "Top-hosts-receiving-traffic-ecs", + "id": "Top-hosts-receiving-traffic", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -708,21 +708,21 @@ "x": 0, "y": 60 }, - "id": "Network-traffic-between-your-hosts-ecs", + "id": "Network-traffic-between-your-hosts", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] Flows ECS", - "winlog.version": 1 + "title": "[Packetbeat] Flows", + "version": 1 }, - "id": "Packetbeat-Flows-ecs", - "winlog.api": "dashboard", + "id": "Packetbeat-Flows", + "type": "dashboard", "updated_at": "2019-01-18T23:49:25.168Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json index e5d8911530c8..0f0034d7c69b 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", - "title": "HTTP Transactions [Packetbeat] ECS", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "title": "HTTP Transactions [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -54,12 +54,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -80,14 +80,14 @@ }, "mode": "stacked", "show": "true", - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -103,26 +103,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "HTTP Transactions [Packetbeat] ECS", - "winlog.api": "histogram" + "title": "HTTP Transactions [Packetbeat]", + "type": "histogram" } }, - "id": "Web-transactions-ecs", - "winlog.api": "visualization", + "id": "Web-transactions", + "type": "visualization", "updated_at": "2019-01-19T00:21:31.922Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -138,20 +138,20 @@ "alias": null, "disabled": false, "index": "packetbeat-*", - "key": "winlog.api", + "key": "type", "negate": false, "params": { "query": "http", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "http" }, "query": { "match": { "network.protocol": { "query": "http", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -180,19 +180,19 @@ } } }, - "title": "HTTP error codes [Packetbeat] ECS", + "title": "HTTP error codes [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "enabled": true, "id": "1", "params": { - "field": "winlog.api" + "field": "type" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -209,7 +209,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -225,12 +225,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -251,14 +251,14 @@ }, "mode": "stacked", "show": "true", - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -274,26 +274,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "HTTP error codes [Packetbeat] ECS", - "winlog.api": "histogram" + "title": "HTTP error codes [Packetbeat]", + "type": "histogram" } }, - "id": "HTTP-error-codes-ecs", - "winlog.api": "visualization", + "id": "HTTP-error-codes", + "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -313,16 +313,16 @@ "negate": false, "params": { "query": "http", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "http" }, "query": { "match": { "network.protocol": { "query": "http", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -341,7 +341,7 @@ "gte": 200, "lt": 299 }, - "winlog.api": "range", + "type": "range", "value": "200 to 299" }, "range": { @@ -370,9 +370,9 @@ } } }, - "title": "HTTP error codes evolution [Packetbeat] ECS", + "title": "HTTP error codes evolution [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -380,7 +380,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -395,7 +395,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -412,7 +412,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -428,12 +428,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -460,7 +460,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -469,7 +469,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -485,26 +485,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "HTTP error codes evolution [Packetbeat] ECS", - "winlog.api": "line" + "title": "HTTP error codes evolution [Packetbeat]", + "type": "line" } }, - "id": "HTTP-error-codes-evolution-ecs", - "winlog.api": "visualization", + "id": "HTTP-error-codes-evolution", + "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -523,24 +523,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -554,10 +554,10 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", - "title": "Total number of HTTP transactions [Packetbeat] ECS", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "title": "Total number of HTTP transactions [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -565,7 +565,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -596,16 +596,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Total number of HTTP transactions [Packetbeat] ECS", - "winlog.api": "metric" + "title": "Total number of HTTP transactions [Packetbeat]", + "type": "metric" } }, - "id": "Total-number-of-HTTP-transactions-ecs", - "winlog.api": "visualization", + "id": "Total-number-of-HTTP-transactions", + "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -619,10 +619,10 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", - "title": "HTTP status codes for the top queries [Packetbeat] ECS", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "title": "HTTP status codes for the top queries [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -630,7 +630,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -648,7 +648,7 @@ "size": 5 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -665,7 +665,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -680,16 +680,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "winlog.api": "pie" + "type": "pie" }, - "title": "HTTP status codes for the top queries [Packetbeat] ECS", - "winlog.api": "pie" + "title": "HTTP status codes for the top queries [Packetbeat]", + "type": "pie" } }, - "id": "HTTP-codes-for-the-top-queries-ecs", - "winlog.api": "visualization", + "id": "HTTP-codes-for-the-top-queries", + "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -703,8 +703,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", - "title": "Top 10 HTTP requests [Packetbeat] ECS", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "title": "Top 10 HTTP requests [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -715,7 +715,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -723,7 +723,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -739,7 +739,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -753,14 +753,14 @@ }, "totalFunc": "sum" }, - "title": "Top 10 HTTP requests [Packetbeat] ECS", - "winlog.api": "table" + "title": "Top 10 HTTP requests [Packetbeat]", + "type": "table" } }, - "id": "Top-10-HTTP-requests-ecs", - "winlog.api": "visualization", + "id": "Top-10-HTTP-requests", + "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -784,16 +784,16 @@ "negate": false, "params": { "query": "http", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "http" }, "query": { "match": { "network.protocol": { "query": "http", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -805,20 +805,20 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "HTTP Transactions Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "HTTP Transactions Search [Packetbeat]", + "version": 1 }, - "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", - "winlog.api": "search", + "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "type": "search", "updated_at": "2019-01-19T00:21:43.886Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -837,7 +837,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -852,10 +852,10 @@ "x": 12, "y": 0 }, - "id": "Web-transactions-ecs", + "id": "Web-transactions", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -865,10 +865,10 @@ "x": 0, "y": 35 }, - "id": "HTTP-error-codes-ecs", + "id": "HTTP-error-codes", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -878,10 +878,10 @@ "x": 24, "y": 35 }, - "id": "HTTP-error-codes-evolution-ecs", + "id": "HTTP-error-codes-evolution", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -891,10 +891,10 @@ "x": 0, "y": 0 }, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -911,10 +911,10 @@ "x": 0, "y": 20 }, - "id": "Total-number-of-HTTP-transactions-ecs", + "id": "Total-number-of-HTTP-transactions", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -924,10 +924,10 @@ "x": 12, "y": 20 }, - "id": "HTTP-codes-for-the-top-queries-ecs", + "id": "HTTP-codes-for-the-top-queries", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -947,21 +947,21 @@ "x": 0, "y": 50 }, - "id": "Top-10-HTTP-requests-ecs", + "id": "Top-10-HTTP-requests", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] HTTP ECS", - "winlog.version": 1 + "title": "[Packetbeat] HTTP", + "version": 1 }, - "id": "Packetbeat-HTTP-ecs", - "winlog.api": "dashboard", + "id": "Packetbeat-HTTP", + "type": "dashboard", "updated_at": "2019-01-18T23:49:26.207Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json index e84ce2d1f935..71e509b05f4c 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json @@ -17,24 +17,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -48,10 +48,10 @@ } } }, - "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", - "title": "MongoDB errors [Packetbeat] ECS", + "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3", + "title": "MongoDB errors [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -59,7 +59,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -74,7 +74,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -91,7 +91,7 @@ "size": 3 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -107,7 +107,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -123,12 +123,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -155,7 +155,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -165,7 +165,7 @@ "smoothLines": false, "spyPerPage": 10, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -181,26 +181,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "MongoDB errors [Packetbeat] ECS", - "winlog.api": "line" + "title": "MongoDB errors [Packetbeat]", + "type": "line" } }, - "id": "MongoDB-errors-ecs", - "winlog.api": "visualization", + "id": "MongoDB-errors", + "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -214,10 +214,10 @@ } } }, - "savedSearchId": "MongoDB-transactions-ecs", - "title": "MongoDB Commands [Packetbeat] ECS", + "savedSearchId": "MongoDB-transactions", + "title": "MongoDB Commands [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -225,7 +225,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -240,7 +240,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -256,7 +256,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -272,12 +272,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -300,7 +300,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -308,7 +308,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -324,26 +324,26 @@ "defaultYExtents": false, "mode": "silhouette", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "MongoDB Commands [Packetbeat] ECS", - "winlog.api": "area" + "title": "MongoDB Commands [Packetbeat]", + "type": "area" } }, - "id": "MongoDB-commands-ecs", - "winlog.api": "visualization", + "id": "MongoDB-commands", + "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -357,10 +357,10 @@ } } }, - "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", - "title": "MongoDB errors per collection [Packetbeat] ECS", + "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3", + "title": "MongoDB errors per collection [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -368,7 +368,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -383,7 +383,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -399,7 +399,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -415,12 +415,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -447,7 +447,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -457,7 +457,7 @@ "smoothLines": false, "spyPerPage": 10, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -473,26 +473,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "MongoDB errors per collection [Packetbeat] ECS", - "winlog.api": "line" + "title": "MongoDB errors per collection [Packetbeat]", + "type": "line" } }, - "id": "MongoDB-errors-per-collection-ecs", - "winlog.api": "visualization", + "id": "MongoDB-errors-per-collection", + "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -506,10 +506,10 @@ } } }, - "savedSearchId": "MongoDB-transactions-ecs", - "title": "MongoDB in/out throughput [Packetbeat] ECS", + "savedSearchId": "MongoDB-transactions", + "title": "MongoDB in/out throughput [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -519,7 +519,7 @@ "field": "source.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -534,7 +534,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -543,7 +543,7 @@ "field": "destination.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" } ], "params": { @@ -559,12 +559,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -591,7 +591,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -604,7 +604,7 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -613,7 +613,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -629,26 +629,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "MongoDB in/out throughput [Packetbeat] ECS", - "winlog.api": "line" + "title": "MongoDB in/out throughput [Packetbeat]", + "type": "line" } }, - "id": "MongoDB-in-slash-out-throughput-ecs", - "winlog.api": "visualization", + "id": "MongoDB-in-slash-out-throughput", + "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -662,10 +662,10 @@ } } }, - "savedSearchId": "MongoDB-transactions-ecs", - "title": "MongoDB response times by collection [Packetbeat] ECS", + "savedSearchId": "MongoDB-transactions", + "title": "MongoDB response times by collection [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -678,7 +678,7 @@ ] }, "schema": "metric", - "winlog.api": "percentiles" + "type": "percentiles" }, { "enabled": true, @@ -693,7 +693,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -709,14 +709,14 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "4", "params": {}, "schema": "radius", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -732,12 +732,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -764,7 +764,7 @@ "radiusRatio": "9", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -773,7 +773,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -789,26 +789,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "MongoDB response times by collection [Packetbeat] ECS", - "winlog.api": "line" + "title": "MongoDB response times by collection [Packetbeat]", + "type": "line" } }, - "id": "MongoDB-response-times-by-collection-ecs", - "winlog.api": "visualization", + "id": "MongoDB-response-times-by-collection", + "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -822,8 +822,8 @@ } } }, - "savedSearchId": "MongoDB-transactions-ecs", - "title": "Top slowest MongoDB queries [Packetbeat] ECS", + "savedSearchId": "MongoDB-transactions", + "title": "Top slowest MongoDB queries [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -834,7 +834,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -847,7 +847,7 @@ ] }, "schema": "metric", - "winlog.api": "percentiles" + "type": "percentiles" }, { "enabled": true, @@ -863,7 +863,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -877,14 +877,14 @@ }, "totalFunc": "sum" }, - "title": "Top slowest MongoDB queries [Packetbeat] ECS", - "winlog.api": "table" + "title": "Top slowest MongoDB queries [Packetbeat]", + "type": "table" } }, - "id": "Top-slowest-MongoDB-queries-ecs", - "winlog.api": "visualization", + "id": "Top-slowest-MongoDB-queries", + "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -898,10 +898,10 @@ } } }, - "savedSearchId": "MongoDB-transactions-with-write-concern-0-ecs", - "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat] ECS", + "savedSearchId": "MongoDB-transactions-with-write-concern-0", + "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -909,7 +909,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -924,14 +924,14 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": {}, "schema": "radius", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -947,12 +947,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -979,7 +979,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -988,7 +988,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -1004,26 +1004,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat] ECS", - "winlog.api": "line" + "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat]", + "type": "line" } }, - "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0-ecs", - "winlog.api": "visualization", + "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0", + "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1043,20 +1043,20 @@ "alias": null, "disabled": false, "index": "packetbeat-*", - "key": "winlog.api", + "key": "type", "negate": false, "params": { "query": "mongodb", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "mongodb" }, "query": { "match": { - "winlog.api": { + "type": { "query": "mongodb", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1073,16 +1073,16 @@ "negate": true, "params": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1094,26 +1094,26 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "MongoDB errors [Packetbeat] ECS", - "winlog.version": 1 + "title": "MongoDB errors [Packetbeat]", + "version": 1 }, - "id": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", - "winlog.api": "search", + "id": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3", + "type": "search", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { "columns": [ "method", - "winlog.api", + "type", "path", "event.duration", "status", @@ -1136,16 +1136,16 @@ "negate": false, "params": { "query": "mongodb", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "mongodb" }, "query": { "match": { "event.dataset": { "query": "mongodb", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1174,26 +1174,26 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "MongoDB Transaction Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "MongoDB Transaction Search [Packetbeat]", + "version": 1 }, - "id": "MongoDB-transactions-ecs", - "winlog.api": "search", + "id": "MongoDB-transactions", + "type": "search", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { "columns": [ "method", - "winlog.api", + "type", "path", "event.duration", "status", @@ -1216,16 +1216,16 @@ "negate": false, "params": { "query": "mongodb", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "mongodb" }, "query": { "match": { "event.dataset": { "query": "mongodb", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1254,20 +1254,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "MongoDB transactions with write concern 0 [Packetbeat] ECS", - "winlog.version": 1 + "title": "MongoDB transactions with write concern 0 [Packetbeat]", + "version": 1 }, - "id": "MongoDB-transactions-with-write-concern-0-ecs", - "winlog.api": "search", + "id": "MongoDB-transactions-with-write-concern-0", + "type": "search", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1281,7 +1281,7 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1296,10 +1296,10 @@ "x": 0, "y": 0 }, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1309,10 +1309,10 @@ "x": 12, "y": 0 }, - "id": "MongoDB-errors-ecs", + "id": "MongoDB-errors", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1322,10 +1322,10 @@ "x": 32, "y": 0 }, - "id": "MongoDB-commands-ecs", + "id": "MongoDB-commands", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1335,10 +1335,10 @@ "x": 0, "y": 20 }, - "id": "MongoDB-errors-per-collection-ecs", + "id": "MongoDB-errors-per-collection", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1348,10 +1348,10 @@ "x": 16, "y": 20 }, - "id": "MongoDB-in-slash-out-throughput-ecs", + "id": "MongoDB-in-slash-out-throughput", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1361,10 +1361,10 @@ "x": 0, "y": 35 }, - "id": "MongoDB-response-times-by-collection-ecs", + "id": "MongoDB-response-times-by-collection", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1384,10 +1384,10 @@ "x": 32, "y": 35 }, - "id": "Top-slowest-MongoDB-queries-ecs", + "id": "Top-slowest-MongoDB-queries", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1397,21 +1397,21 @@ "x": 32, "y": 20 }, - "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0-ecs", + "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] MongoDB ECS", - "winlog.version": 1 + "title": "[Packetbeat] MongoDB", + "version": 1 }, - "id": "Packetbeat-MongoDB-performance-ecs", - "winlog.api": "dashboard", + "id": "Packetbeat-MongoDB-performance", + "type": "dashboard", "updated_at": "2019-01-18T23:49:27.239Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json index 500c9a4d49f8..6ac6876e0583 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "MySQL-errors-ecs", - "title": "MySQL Errors [Packetbeat] ECS", + "savedSearchId": "MySQL-errors", + "title": "MySQL Errors [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -54,12 +54,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -82,7 +82,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -90,7 +90,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -106,26 +106,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "MySQL Errors [Packetbeat] ECS", - "winlog.api": "area" + "title": "MySQL Errors [Packetbeat]", + "type": "area" } }, - "id": "MySQL-Errors-ecs", - "winlog.api": "visualization", + "id": "MySQL-Errors", + "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -139,10 +139,10 @@ } } }, - "savedSearchId": "MySQL-Transactions-ecs", - "title": "MySQL Methods [Packetbeat] ECS", + "savedSearchId": "MySQL-Transactions", + "title": "MySQL Methods [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -150,7 +150,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -165,7 +165,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -181,7 +181,7 @@ "size": 20 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -197,12 +197,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -225,7 +225,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -233,7 +233,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -249,26 +249,26 @@ "defaultYExtents": false, "mode": "wiggle", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "MySQL Methods [Packetbeat] ECS", - "winlog.api": "area" + "title": "MySQL Methods [Packetbeat]", + "type": "area" } }, - "id": "MySQL-Methods-ecs", - "winlog.api": "visualization", + "id": "MySQL-Methods", + "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -287,24 +287,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -318,10 +318,10 @@ } } }, - "savedSearchId": "MySQL-Transactions-ecs", - "title": "MySQL throughput [Packetbeat] ECS", + "savedSearchId": "MySQL-Transactions", + "title": "MySQL throughput [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -331,7 +331,7 @@ "field": "destination.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -340,7 +340,7 @@ "field": "source.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -355,7 +355,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -371,12 +371,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -395,7 +395,7 @@ }, "mode": "normal", "show": "true", - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -405,13 +405,13 @@ }, "mode": "normal", "show": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -427,25 +427,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "MySQL throughput [Packetbeat] ECS", - "winlog.api": "line" + "title": "MySQL throughput [Packetbeat]", + "type": "line" } }, - "id": "MySQL-throughput-ecs", - "winlog.api": "visualization", + "id": "MySQL-throughput", + "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -455,17 +455,17 @@ "filter": [] } }, - "savedSearchId": "MySQL-Transactions-ecs", - "title": "Most frequent MySQL queries ECS", + "savedSearchId": "MySQL-Transactions", + "title": "Most frequent MySQL queries", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "id": "2", @@ -476,7 +476,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -485,14 +485,14 @@ "showMeticsAtAllLevels": false, "showPartialRows": false }, - "title": "Most frequent MySQL queries ECS", - "winlog.api": "table" + "title": "Most frequent MySQL queries", + "type": "table" } }, - "id": "Most-frequent-MySQL-queries-ecs", - "winlog.api": "visualization", + "id": "Most-frequent-MySQL-queries", + "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -506,8 +506,8 @@ } } }, - "savedSearchId": "MySQL-Transactions-ecs", - "title": "Slowest MySQL queries ECS", + "savedSearchId": "MySQL-Transactions", + "title": "Slowest MySQL queries", "uiStateJSON": { "vis": { "params": { @@ -518,7 +518,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -529,7 +529,7 @@ "field": "event.duration" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -545,7 +545,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -559,14 +559,14 @@ }, "totalFunc": "sum" }, - "title": "Slowest MySQL queries ECS", - "winlog.api": "table" + "title": "Slowest MySQL queries", + "type": "table" } }, - "id": "Slowest-MySQL-queries-ecs", - "winlog.api": "visualization", + "id": "Slowest-MySQL-queries", + "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -580,10 +580,10 @@ } } }, - "savedSearchId": "MySQL-Transactions-ecs", - "title": "Mysql response times percentiles [Packetbeat] ECS", + "savedSearchId": "MySQL-Transactions", + "title": "Mysql response times percentiles [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -598,7 +598,7 @@ ] }, "schema": "metric", - "winlog.api": "percentiles" + "type": "percentiles" }, { "enabled": true, @@ -613,7 +613,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -629,12 +629,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -653,13 +653,13 @@ }, "mode": "normal", "show": "true", - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -675,25 +675,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Mysql response times percentiles [Packetbeat] ECS", - "winlog.api": "line" + "title": "Mysql response times percentiles [Packetbeat]", + "type": "line" } }, - "id": "Mysql-response-times-percentiles-ecs", - "winlog.api": "visualization", + "id": "Mysql-response-times-percentiles", + "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -707,10 +707,10 @@ } } }, - "savedSearchId": "MySQL-Transactions-ecs", - "title": "MySQL Reads vs Writes [Packetbeat] ECS", + "savedSearchId": "MySQL-Transactions", + "title": "MySQL Reads vs Writes [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -718,7 +718,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -733,7 +733,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -758,7 +758,7 @@ ] }, "schema": "group", - "winlog.api": "filters" + "type": "filters" } ], "params": { @@ -774,14 +774,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 seconds" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -806,7 +806,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -814,7 +814,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -828,32 +828,32 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "MySQL Reads vs Writes [Packetbeat] ECS", - "winlog.api": "area" + "title": "MySQL Reads vs Writes [Packetbeat]", + "type": "area" } }, - "id": "MySQL-Reads-vs-Writes-ecs", - "winlog.api": "visualization", + "id": "MySQL-Reads-vs-Writes", + "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { "columns": [ "method", - "winlog.api", + "type", "path", "event.duration", "status" @@ -875,16 +875,16 @@ "negate": true, "params": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -901,16 +901,16 @@ "negate": false, "params": { "query": "mysql", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "mysql" }, "query": { "match": { "event.dataset": { "query": "mysql", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -938,26 +938,26 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "MySQL Errors Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "MySQL Errors Search [Packetbeat]", + "version": 1 }, - "id": "MySQL-errors-ecs", - "winlog.api": "search", + "id": "MySQL-errors", + "type": "search", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { "columns": [ "method", - "winlog.api", + "type", "path", "event.duration", "status" @@ -975,20 +975,20 @@ "alias": null, "disabled": false, "index": "packetbeat-*", - "key": "winlog.api", + "key": "type", "negate": false, "params": { "query": "mysql", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "mysql" }, "query": { "match": { - "winlog.api": { + "type": { "query": "mysql", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1016,20 +1016,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "MySQL Transactions [Packetbeat] ECS", - "winlog.version": 1 + "title": "MySQL Transactions [Packetbeat]", + "version": 1 }, - "id": "MySQL-Transactions-ecs", - "winlog.api": "search", + "id": "MySQL-Transactions", + "type": "search", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1048,7 +1048,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1063,10 +1063,10 @@ "x": 12, "y": 0 }, - "id": "MySQL-Errors-ecs", + "id": "MySQL-Errors", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1076,10 +1076,10 @@ "x": 32, "y": 0 }, - "id": "MySQL-Methods-ecs", + "id": "MySQL-Methods", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1089,10 +1089,10 @@ "x": 0, "y": 0 }, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1102,10 +1102,10 @@ "x": 24, "y": 35 }, - "id": "MySQL-throughput-ecs", + "id": "MySQL-throughput", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1125,10 +1125,10 @@ "x": 0, "y": 50 }, - "id": "Most-frequent-MySQL-queries-ecs", + "id": "Most-frequent-MySQL-queries", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1148,10 +1148,10 @@ "x": 24, "y": 50 }, - "id": "Slowest-MySQL-queries-ecs", + "id": "Slowest-MySQL-queries", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1161,10 +1161,10 @@ "x": 0, "y": 20 }, - "id": "Mysql-response-times-percentiles-ecs", + "id": "Mysql-response-times-percentiles", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1174,21 +1174,21 @@ "x": 0, "y": 35 }, - "id": "MySQL-Reads-vs-Writes-ecs", + "id": "MySQL-Reads-vs-Writes", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] MySQL performance ECS", - "winlog.version": 1 + "title": "[Packetbeat] MySQL performance", + "version": 1 }, - "id": "Packetbeat-MySQL-performance-ecs", - "winlog.api": "dashboard", + "id": "Packetbeat-MySQL-performance", + "type": "dashboard", "updated_at": "2019-01-18T23:49:28.266Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json index 567f76028fe4..019ea1fff1d8 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "nfs-ecs", - "title": "NFS clients pie chart [Packetbeat] ECS", + "savedSearchId": "nfs", + "title": "NFS clients pie chart [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -39,7 +39,7 @@ "size": 16 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -54,16 +54,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "winlog.api": "pie" + "type": "pie" }, - "title": "NFS clients pie chart [Packetbeat] ECS", - "winlog.api": "pie" + "title": "NFS clients pie chart [Packetbeat]", + "type": "pie" } }, - "id": "NFS-clients-pie-chart-ecs", - "winlog.api": "visualization", + "id": "NFS-clients-pie-chart", + "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -73,17 +73,17 @@ "filter": [] } }, - "savedSearchId": "nfs-ecs", - "title": "NFS operations area chart ECS", + "savedSearchId": "nfs", + "title": "NFS operations area chart", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "id": "2", @@ -94,7 +94,7 @@ "size": 16 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" }, { "id": "3", @@ -106,7 +106,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "listeners": {}, @@ -124,14 +124,14 @@ "times": [], "yAxis": {} }, - "title": "NFS operations area chart ECS", - "winlog.api": "area" + "title": "NFS operations area chart", + "type": "area" } }, - "id": "NFS-operations-area-chart-ecs", - "winlog.api": "visualization", + "id": "NFS-operations-area-chart", + "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -145,10 +145,10 @@ } } }, - "savedSearchId": "nfs-ecs", - "title": "NFS top group pie chart [Packetbeat] ECS", + "savedSearchId": "nfs", + "title": "NFS top group pie chart [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -156,7 +156,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -172,7 +172,7 @@ "size": 16 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -187,16 +187,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "winlog.api": "pie" + "type": "pie" }, - "title": "NFS top group pie chart [Packetbeat] ECS", - "winlog.api": "pie" + "title": "NFS top group pie chart [Packetbeat]", + "type": "pie" } }, - "id": "NFS-top-group-pie-chart-ecs", - "winlog.api": "visualization", + "id": "NFS-top-group-pie-chart", + "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -210,10 +210,10 @@ } } }, - "savedSearchId": "nfs-ecs", - "title": "NFS top users pie chart [Packetbeat] ECS", + "savedSearchId": "nfs", + "title": "NFS top users pie chart [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -221,7 +221,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -237,7 +237,7 @@ "size": 16 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -252,16 +252,16 @@ }, "legendPosition": "right", "shareYAxis": true, - "winlog.api": "pie" + "type": "pie" }, - "title": "NFS top users pie chart [Packetbeat] ECS", - "winlog.api": "pie" + "title": "NFS top users pie chart [Packetbeat]", + "type": "pie" } }, - "id": "NFS-top-users-pie-chart-ecs", - "winlog.api": "visualization", + "id": "NFS-top-users-pie-chart", + "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -275,10 +275,10 @@ } } }, - "savedSearchId": "nfs-ecs", - "title": "NFS response times [Packetbeat] ECS", + "savedSearchId": "nfs", + "title": "NFS response times [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -291,7 +291,7 @@ ] }, "schema": "metric", - "winlog.api": "median" + "type": "median" }, { "enabled": true, @@ -306,7 +306,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -322,12 +322,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": true, @@ -354,7 +354,7 @@ "radiusRatio": "9", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -363,7 +363,7 @@ "showCircles": true, "smoothLines": true, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -379,26 +379,26 @@ "defaultYExtents": true, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Median event.duration" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "NFS response times [Packetbeat] ECS", - "winlog.api": "line" + "title": "NFS response times [Packetbeat]", + "type": "line" } }, - "id": "NFS-response-times-ecs", - "winlog.api": "visualization", + "id": "NFS-response-times", + "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -412,10 +412,10 @@ } } }, - "savedSearchId": "NFS-errors-search-ecs", - "title": "NFS errors [Packetbeat] ECS", + "savedSearchId": "NFS-errors-search", + "title": "NFS errors [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -423,7 +423,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -438,7 +438,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -454,7 +454,7 @@ "size": 12 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -470,12 +470,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -498,7 +498,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -506,7 +506,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -522,26 +522,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "NFS errors [Packetbeat] ECS", - "winlog.api": "area" + "title": "NFS errors [Packetbeat]", + "type": "area" } }, - "id": "NFS-errors-ecs", - "winlog.api": "visualization", + "id": "NFS-errors", + "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -555,8 +555,8 @@ } } }, - "savedSearchId": "nfs-ecs", - "title": "NFS operation table [Packetbeat] ECS", + "savedSearchId": "nfs", + "title": "NFS operation table [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -567,7 +567,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -578,7 +578,7 @@ "field": "event.duration" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -595,14 +595,14 @@ "size": 16 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "3", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -616,14 +616,14 @@ }, "totalFunc": "sum" }, - "title": "NFS operation table [Packetbeat] ECS", - "winlog.api": "table" + "title": "NFS operation table [Packetbeat]", + "type": "table" } }, - "id": "NFS-operation-table-ecs", - "winlog.api": "visualization", + "id": "NFS-operation-table", + "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -637,8 +637,8 @@ } } }, - "savedSearchId": "nfs-ecs", - "title": "NFS Request / Response Sizes [Packetbeat] ECS", + "savedSearchId": "nfs", + "title": "NFS Request / Response Sizes [Packetbeat]", "uiStateJSON": { "vis": { "colors": { @@ -646,7 +646,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -657,7 +657,7 @@ "field": "source.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -667,7 +667,7 @@ "field": "destination.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -682,7 +682,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -698,12 +698,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -730,7 +730,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -743,7 +743,7 @@ "mode": "normal", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -752,7 +752,7 @@ "showCircles": true, "smoothLines": false, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -768,26 +768,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "NFS Request / Response Sizes [Packetbeat] ECS", - "winlog.api": "line" + "title": "NFS Request / Response Sizes [Packetbeat]", + "type": "line" } }, - "id": "NFS-bytes-in-slash-out-ecs", - "winlog.api": "visualization", + "id": "NFS-bytes-in-slash-out", + "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -806,24 +806,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -846,17 +846,17 @@ "key": "event.dataset", "negate": false, "params": { - "query": "nfs-ecs", - "winlog.api": "phrase" + "query": "nfs", + "type": "phrase" }, - "winlog.api": "phrase", - "value": "nfs-ecs" + "type": "phrase", + "value": "nfs" }, "query": { "match": { "event.dataset": { - "query": "nfs-ecs", - "winlog.api": "phrase" + "query": "nfs", + "type": "phrase" } } } @@ -886,20 +886,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "NFS Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "NFS Search [Packetbeat]", + "version": 1 }, - "id": "nfs-ecs", - "winlog.api": "search", + "id": "nfs", + "type": "search", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -923,16 +923,16 @@ "negate": true, "params": { "query": "NFSERR_NOENT", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "NFSERR_NOENT" }, "query": { "match": { "nfs.status": { "query": "NFSERR_NOENT", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -949,16 +949,16 @@ "negate": true, "params": { "query": "NFS_OK", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "NFS_OK" }, "query": { "match": { "nfs.status": { "query": "NFS_OK", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -974,17 +974,17 @@ "key": "event.dataset", "negate": false, "params": { - "query": "nfs-ecs", - "winlog.api": "phrase" + "query": "nfs", + "type": "phrase" }, - "winlog.api": "phrase", - "value": "nfs-ecs" + "type": "phrase", + "value": "nfs" }, "query": { "match": { "event.dataset": { - "query": "nfs-ecs", - "winlog.api": "phrase" + "query": "nfs", + "type": "phrase" } } } @@ -1014,20 +1014,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "NFS Error Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "NFS Error Search [Packetbeat]", + "version": 1 }, - "id": "NFS-errors-search-ecs", - "winlog.api": "search", + "id": "NFS-errors-search", + "type": "search", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1041,7 +1041,7 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1061,10 +1061,10 @@ "x": 16, "y": 0 }, - "id": "NFS-clients-pie-chart-ecs", + "id": "NFS-clients-pie-chart", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1074,10 +1074,10 @@ "x": 0, "y": 55 }, - "id": "NFS-operations-area-chart-ecs", + "id": "NFS-operations-area-chart", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1098,10 +1098,10 @@ "x": 32, "y": 0 }, - "id": "NFS-top-group-pie-chart-ecs", + "id": "NFS-top-group-pie-chart", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1116,10 +1116,10 @@ "x": 32, "y": 10 }, - "id": "NFS-top-users-pie-chart-ecs", + "id": "NFS-top-users-pie-chart", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1134,10 +1134,10 @@ "x": 24, "y": 25 }, - "id": "NFS-response-times-ecs", + "id": "NFS-response-times", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1147,10 +1147,10 @@ "x": 24, "y": 40 }, - "id": "NFS-errors-ecs", + "id": "NFS-errors", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1170,10 +1170,10 @@ "x": 24, "y": 55 }, - "id": "NFS-operation-table-ecs", + "id": "NFS-operation-table", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1188,10 +1188,10 @@ "x": 0, "y": 25 }, - "id": "NFS-bytes-in-slash-out-ecs", + "id": "NFS-bytes-in-slash-out", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1201,21 +1201,21 @@ "x": 0, "y": 0 }, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": "10", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] NFS ECS", - "winlog.version": 1 + "title": "[Packetbeat] NFS", + "version": 1 }, - "id": "Packetbeat-NFS-ecs", - "winlog.api": "dashboard", + "id": "Packetbeat-NFS", + "type": "dashboard", "updated_at": "2019-01-18T23:49:29.316Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json index 5b794e94bb09..0a9fa49a58a0 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", - "title": "HTTP Transactions [Packetbeat] ECS", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "title": "HTTP Transactions [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -38,7 +38,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -54,12 +54,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -80,14 +80,14 @@ }, "mode": "stacked", "show": "true", - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -103,26 +103,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "HTTP Transactions [Packetbeat] ECS", - "winlog.api": "histogram" + "title": "HTTP Transactions [Packetbeat]", + "type": "histogram" } }, - "id": "Web-transactions-ecs", - "winlog.api": "visualization", + "id": "Web-transactions", + "type": "visualization", "updated_at": "2019-01-19T00:21:31.922Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -142,16 +142,16 @@ "negate": true, "params": { "query": "flow", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "flow" }, "query": { "match": { "event.type": { "query": "flow", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -164,9 +164,9 @@ } } }, - "title": "Transaction Types [Packetbeat] ECS", + "title": "Transaction Types [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -174,7 +174,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -189,7 +189,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -205,7 +205,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -221,12 +221,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -247,14 +247,14 @@ }, "mode": "stacked", "show": "true", - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -270,26 +270,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Transaction Types [Packetbeat] ECS", - "winlog.api": "histogram" + "title": "Transaction Types [Packetbeat]", + "type": "histogram" } }, - "id": "DB-transactions-ecs", - "winlog.api": "visualization", + "id": "DB-transactions", + "type": "visualization", "updated_at": "2019-01-19T00:20:54.634Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -303,10 +303,10 @@ } } }, - "savedSearchId": "Packetbeat-Search-ecs", - "title": "Response times percentiles [Packetbeat] ECS", + "savedSearchId": "Packetbeat-Search", + "title": "Response times percentiles [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -321,7 +321,7 @@ ] }, "schema": "metric", - "winlog.api": "percentiles" + "type": "percentiles" }, { "enabled": true, @@ -336,7 +336,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -352,12 +352,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -384,7 +384,7 @@ "radiusRatio": 9, "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], @@ -393,7 +393,7 @@ "showCircles": true, "smoothLines": true, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -409,26 +409,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Response times percentiles [Packetbeat] ECS", - "winlog.api": "line" + "title": "Response times percentiles [Packetbeat]", + "type": "line" } }, - "id": "Response-times-percentiles-ecs", - "winlog.api": "visualization", + "id": "Response-times-percentiles", + "type": "visualization", "updated_at": "2019-01-19T00:01:49.340Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -438,17 +438,17 @@ "filter": [] } }, - "savedSearchId": "Transactions-errors-ecs", - "title": "Errors count over time ECS", + "savedSearchId": "Transactions-errors", + "title": "Errors count over time", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "id": "2", @@ -460,18 +460,18 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "id": "3", "params": { - "field": "winlog.api", + "field": "type", "order": "desc", "orderBy": "1", "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -487,14 +487,14 @@ "times": [], "yAxis": {} }, - "title": "New Visualization ECS", - "winlog.api": "histogram" + "title": "New Visualization", + "type": "histogram" } }, - "id": "Errors-count-over-time-ecs", - "winlog.api": "visualization", + "id": "Errors-count-over-time", + "type": "visualization", "updated_at": "2019-01-18T23:49:30.350Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -508,10 +508,10 @@ } } }, - "savedSearchId": "Packetbeat-Search-ecs", - "title": "Errors vs successful transactions [Packetbeat] ECS", + "savedSearchId": "Packetbeat-Search", + "title": "Errors vs successful transactions [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -519,7 +519,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -534,7 +534,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -550,7 +550,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -566,12 +566,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -592,14 +592,14 @@ }, "mode": "stacked", "show": "true", - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -615,26 +615,26 @@ "defaultYExtents": false, "mode": "percentage", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Errors vs successful transactions [Packetbeat] ECS", - "winlog.api": "histogram" + "title": "Errors vs successful transactions [Packetbeat]", + "type": "histogram" } }, - "id": "Errors-vs-successful-transactions-ecs", - "winlog.api": "visualization", + "id": "Errors-vs-successful-transactions", + "type": "visualization", "updated_at": "2019-01-19T00:02:24.071Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -648,10 +648,10 @@ } } }, - "savedSearchId": "Packetbeat-Search-ecs", - "title": "Latency Histogram [Packetbeat] ECS", + "savedSearchId": "Packetbeat-Search", + "title": "Latency Histogram [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -659,7 +659,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -670,7 +670,7 @@ "interval": 10000000 }, "schema": "segment", - "winlog.api": "histogram" + "type": "histogram" } ], "params": { @@ -686,12 +686,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -714,7 +714,7 @@ "interpolate": "cardinal", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -722,7 +722,7 @@ "shareYAxis": true, "smoothLines": true, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -738,26 +738,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Latency Histogram [Packetbeat] ECS", - "winlog.api": "area" + "title": "Latency Histogram [Packetbeat]", + "type": "area" } }, - "id": "Latency-histogram-ecs", - "winlog.api": "visualization", + "id": "Latency-histogram", + "type": "visualization", "updated_at": "2019-01-19T00:03:54.084Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -777,14 +777,14 @@ } } }, - "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat] ECS", + "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat]", "uiStateJSON": { "mapCenter": [ 0, -0.17578125 ] }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -792,7 +792,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -820,7 +820,7 @@ "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -848,7 +848,7 @@ "layers": "0", "styles": "", "transparent": true, - "winlog.version": "1.3.0" + "version": "1.3.0" }, "selectedTmsLayer": { "attribution": "\u003cp\u003e\u0026#169; \u003ca href=\"http://www.openstreetmap.org/copyright\"\u003eOpenStreetMap\u003c/a\u003e contributors | \u003ca href=\"https://www.elastic.co/elastic-maps-service\"\u003eElastic Maps Service\u003c/a\u003e\u003c/p\u003e\u0026#10;", @@ -860,14 +860,14 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat] ECS", - "winlog.api": "tile_map" + "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat]", + "type": "tile_map" } }, - "id": "Client-locations-ecs", - "winlog.api": "visualization", + "id": "Client-locations", + "type": "visualization", "updated_at": "2019-01-18T23:52:42.404Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -881,10 +881,10 @@ } } }, - "savedSearchId": "Packetbeat-Search-ecs", - "title": "Response times repartition [Packetbeat] ECS", + "savedSearchId": "Packetbeat-Search", + "title": "Response times repartition [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -892,7 +892,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -907,7 +907,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -918,7 +918,7 @@ "interval": 10000000 }, "schema": "group", - "winlog.api": "histogram" + "type": "histogram" } ], "params": { @@ -934,12 +934,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -960,14 +960,14 @@ }, "mode": "stacked", "show": "true", - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -983,26 +983,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Response times repartition [Packetbeat] ECS", - "winlog.api": "histogram" + "title": "Response times repartition [Packetbeat]", + "type": "histogram" } }, - "id": "Response-times-repartition-ecs", - "winlog.api": "visualization", + "id": "Response-times-repartition", + "type": "visualization", "updated_at": "2019-01-19T00:00:32.530Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1021,24 +1021,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -1052,10 +1052,10 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "title": "DNS Transactions [Packetbeat] ECS", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "title": "DNS Transactions [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1066,7 +1066,7 @@ "field": "event.duration" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -1081,14 +1081,14 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, "id": "3", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -1104,12 +1104,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -1130,7 +1130,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" }, { @@ -1144,12 +1144,12 @@ "mode": "stacked", "show": true, "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-2" } ], "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -1163,14 +1163,14 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Avg Response Time" }, - "winlog.api": "value" + "type": "value" }, { "id": "ValueAxis-2", @@ -1184,25 +1184,25 @@ "position": "right", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "DNS Transactions [Packetbeat] ECS", - "winlog.api": "area" + "title": "DNS Transactions [Packetbeat]", + "type": "area" } }, - "id": "e3f09730-1b80-11e9-83df-75eebb35951e-ecs", - "winlog.api": "visualization", + "id": "e3f09730-1b80-11e9-83df-75eebb35951e", + "type": "visualization", "updated_at": "2019-01-19T00:29:49.161Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -1216,8 +1216,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "title": "TLS Sessions [Packetbeat] ECS", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "title": "TLS Sessions [Packetbeat]", "uiStateJSON": { "vis": { "colors": { @@ -1227,7 +1227,7 @@ "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1235,7 +1235,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -1249,7 +1249,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -1263,7 +1263,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -1279,12 +1279,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -1305,12 +1305,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -1324,25 +1324,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "TLS Sessions ECS", - "winlog.api": "histogram" + "title": "TLS Sessions", + "type": "histogram" } }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", - "winlog.api": "visualization", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1366,16 +1366,16 @@ "negate": false, "params": { "query": "http", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "http" }, "query": { "match": { "network.protocol": { "query": "http", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1387,20 +1387,20 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "HTTP Transactions Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "HTTP Transactions Search [Packetbeat]", + "version": 1 }, - "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", - "winlog.api": "search", + "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "type": "search", "updated_at": "2019-01-19T00:21:43.886Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -1432,16 +1432,16 @@ "negate": true, "params": { "query": "flow", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "flow" }, "query": { "match": { "event.dataset": { "query": "flow", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1466,20 +1466,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Packetbeat Search ECS", - "winlog.version": 1 + "title": "Packetbeat Search", + "version": 1 }, - "id": "Packetbeat-Search-ecs", - "winlog.api": "search", + "id": "Packetbeat-Search", + "type": "search", "updated_at": "2019-01-19T00:01:10.720Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1511,16 +1511,16 @@ "negate": true, "params": { "query": "flow", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "flow" }, "query": { "match": { "event.dataset": { "query": "flow", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1537,16 +1537,16 @@ "negate": true, "params": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1571,20 +1571,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Transactions Errors Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "Transactions Errors Search [Packetbeat]", + "version": 1 }, - "id": "Transactions-errors-ecs", - "winlog.api": "search", + "id": "Transactions-errors", + "type": "search", "updated_at": "2019-01-19T00:05:18.965Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -1611,16 +1611,16 @@ "negate": false, "params": { "query": "dns", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "dns" }, "query": { "match": { "network.protocol": { "query": "dns", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1645,20 +1645,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "DNS Protocol [Packetbeat] ECS", - "winlog.version": 1 + "title": "DNS Protocol [Packetbeat]", + "version": 1 }, - "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", - "winlog.api": "search", + "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "type": "search", "updated_at": "2019-01-18T23:49:24.089Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1683,7 +1683,7 @@ "index": "packetbeat-*", "key": "tls.handshake_completed", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } } @@ -1699,20 +1699,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "TLS Sessions [Packetbeat] ECS", - "winlog.version": 1 + "title": "TLS Sessions [Packetbeat]", + "version": 1 }, - "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "winlog.api": "search", + "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1726,7 +1726,7 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1741,10 +1741,10 @@ "x": 12, "y": 20 }, - "id": "Web-transactions-ecs", + "id": "Web-transactions", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1754,10 +1754,10 @@ "x": 36, "y": 20 }, - "id": "DB-transactions-ecs", + "id": "DB-transactions", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1767,10 +1767,10 @@ "x": 0, "y": 45 }, - "id": "Response-times-percentiles-ecs", + "id": "Response-times-percentiles", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1780,10 +1780,10 @@ "x": 0, "y": 60 }, - "id": "Errors-count-over-time-ecs", + "id": "Errors-count-over-time", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1793,10 +1793,10 @@ "x": 24, "y": 45 }, - "id": "Errors-vs-successful-transactions-ecs", + "id": "Errors-vs-successful-transactions", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1806,10 +1806,10 @@ "x": 24, "y": 60 }, - "id": "Latency-histogram-ecs", + "id": "Latency-histogram", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1843,10 +1843,10 @@ "x": 12, "y": 0 }, - "id": "Client-locations-ecs", + "id": "Client-locations", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1856,10 +1856,10 @@ "x": 0, "y": 30 }, - "id": "Response-times-repartition-ecs", + "id": "Response-times-repartition", "panelIndex": "10", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1869,10 +1869,10 @@ "x": 0, "y": 0 }, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -1883,10 +1883,10 @@ "x": 0, "y": 20 }, - "id": "e3f09730-1b80-11e9-83df-75eebb35951e-ecs", + "id": "e3f09730-1b80-11e9-83df-75eebb35951e", "panelIndex": "12", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": {}, @@ -1897,21 +1897,21 @@ "x": 24, "y": 20 }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", "panelIndex": "13", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] Overview ECS", - "winlog.version": 1 + "title": "[Packetbeat] Overview", + "version": 1 }, - "id": "Packetbeat-Dashboard-ecs", - "winlog.api": "dashboard", + "id": "Packetbeat-Dashboard", + "type": "dashboard", "updated_at": "2019-01-19T00:31:53.357Z", - "winlog.version": 5 + "version": 5 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json index d959c09de9a9..c0d6cf2db8eb 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json @@ -17,24 +17,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -48,10 +48,10 @@ } } }, - "savedSearchId": "PgSQL-errors-ecs", - "title": "PgSQL Errors [Packetbeat] ECS", + "savedSearchId": "PgSQL-errors", + "title": "PgSQL Errors [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -59,7 +59,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -74,7 +74,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -90,12 +90,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -118,7 +118,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -126,7 +126,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -142,26 +142,26 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "PgSQL Errors [Packetbeat] ECS", - "winlog.api": "area" + "title": "PgSQL Errors [Packetbeat]", + "type": "area" } }, - "id": "PgSQL-Errors-ecs", - "winlog.api": "visualization", + "id": "PgSQL-Errors", + "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -175,10 +175,10 @@ } } }, - "savedSearchId": "PgSQL-transactions-ecs", - "title": "PgSQL Methods [Packetbeat] ECS", + "savedSearchId": "PgSQL-transactions", + "title": "PgSQL Methods [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -186,7 +186,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -201,7 +201,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -217,7 +217,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -233,12 +233,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -261,7 +261,7 @@ "interpolate": "linear", "mode": "stacked", "show": "true", - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -269,7 +269,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -285,26 +285,26 @@ "defaultYExtents": false, "mode": "wiggle", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "PgSQL Methods [Packetbeat] ECS", - "winlog.api": "area" + "title": "PgSQL Methods [Packetbeat]", + "type": "area" } }, - "id": "PgSQL-Methods-ecs", - "winlog.api": "visualization", + "id": "PgSQL-Methods", + "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -318,10 +318,10 @@ } } }, - "savedSearchId": "PgSQL-transactions-ecs", - "title": "PgSQL response times percentiles [Packetbeat] ECS", + "savedSearchId": "PgSQL-transactions", + "title": "PgSQL response times percentiles [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -336,7 +336,7 @@ ] }, "schema": "metric", - "winlog.api": "percentiles" + "type": "percentiles" }, { "enabled": true, @@ -351,7 +351,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -367,12 +367,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -391,13 +391,13 @@ }, "mode": "normal", "show": "true", - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -413,25 +413,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "PgSQL response times percentiles [Packetbeat] ECS", - "winlog.api": "line" + "title": "PgSQL response times percentiles [Packetbeat]", + "type": "line" } }, - "id": "PgSQL-response-times-percentiles-ecs", - "winlog.api": "visualization", + "id": "PgSQL-response-times-percentiles", + "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -445,10 +445,10 @@ } } }, - "savedSearchId": "PgSQL-transactions-ecs", - "title": "PgSQL Throughput [Packetbeat] ECS", + "savedSearchId": "PgSQL-transactions", + "title": "PgSQL Throughput [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -458,7 +458,7 @@ "field": "destination.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -467,7 +467,7 @@ "field": "source.bytes" }, "schema": "metric", - "winlog.api": "sum" + "type": "sum" }, { "enabled": true, @@ -482,7 +482,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -498,12 +498,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -522,7 +522,7 @@ }, "mode": "normal", "show": "true", - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" }, { @@ -532,13 +532,13 @@ }, "mode": "normal", "show": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -554,25 +554,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "PgSQL Throughput [Packetbeat] ECS", - "winlog.api": "line" + "title": "PgSQL Throughput [Packetbeat]", + "type": "line" } }, - "id": "PgSQL-throughput-ecs", - "winlog.api": "visualization", + "id": "PgSQL-throughput", + "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -586,10 +586,10 @@ } } }, - "savedSearchId": "PgSQL-transactions-ecs", - "title": "PgSQL Reads vs Writes [Packetbeat] ECS", + "savedSearchId": "PgSQL-transactions", + "title": "PgSQL Reads vs Writes [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -597,7 +597,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -612,7 +612,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -637,7 +637,7 @@ ] }, "schema": "group", - "winlog.api": "filters" + "type": "filters" } ], "params": { @@ -653,14 +653,14 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "@timestamp per 30 seconds" }, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -685,7 +685,7 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], @@ -693,7 +693,7 @@ "shareYAxis": true, "smoothLines": false, "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -707,26 +707,26 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "PgSQL Reads vs Writes [Packetbeat] ECS", - "winlog.api": "area" + "title": "PgSQL Reads vs Writes [Packetbeat]", + "type": "area" } }, - "id": "PgSQL-Reads-vs-Writes-ecs", - "winlog.api": "visualization", + "id": "PgSQL-Reads-vs-Writes", + "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -740,8 +740,8 @@ } } }, - "savedSearchId": "PgSQL-transactions-ecs", - "title": "Most frequent PgSQL queries [Packetbeat] ECS", + "savedSearchId": "PgSQL-transactions", + "title": "Most frequent PgSQL queries [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -752,7 +752,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -760,7 +760,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -776,7 +776,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -790,14 +790,14 @@ }, "totalFunc": "sum" }, - "title": "Most frequent PgSQL queries [Packetbeat] ECS", - "winlog.api": "table" + "title": "Most frequent PgSQL queries [Packetbeat]", + "type": "table" } }, - "id": "Most-frequent-PgSQL-queries-ecs", - "winlog.api": "visualization", + "id": "Most-frequent-PgSQL-queries", + "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -811,8 +811,8 @@ } } }, - "savedSearchId": "PgSQL-transactions-ecs", - "title": "Slowest PgSQL Queries [Packetbeat] ECS", + "savedSearchId": "PgSQL-transactions", + "title": "Slowest PgSQL Queries [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -823,7 +823,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -834,7 +834,7 @@ "field": "event.duration" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -850,7 +850,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -864,20 +864,20 @@ }, "totalFunc": "sum" }, - "title": "Slowest PgSQL Queries [Packetbeat] ECS", - "winlog.api": "table" + "title": "Slowest PgSQL Queries [Packetbeat]", + "type": "table" } }, - "id": "Slowest-PgSQL-queries-ecs", - "winlog.api": "visualization", + "id": "Slowest-PgSQL-queries", + "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { "columns": [ "method", - "winlog.api", + "type", "path", "event.duration", "status" @@ -899,16 +899,16 @@ "negate": true, "params": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -925,16 +925,16 @@ "negate": false, "params": { "query": "pgsql", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "pgsql" }, "query": { "match": { "event.dataset": { "query": "pgsql", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -957,26 +957,26 @@ "language": "lucene", "query": "*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "PgSQL Errors Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "PgSQL Errors Search [Packetbeat]", + "version": 1 }, - "id": "PgSQL-errors-ecs", - "winlog.api": "search", + "id": "PgSQL-errors", + "type": "search", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { "columns": [ "method", - "winlog.api", + "type", "path", "event.duration", "status" @@ -998,16 +998,16 @@ "negate": false, "params": { "query": "pgsql", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "pgsql" }, "query": { "match": { "event.dataset": { "query": "pgsql", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1035,20 +1035,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "PgSQL Transactions [Packetbeat] ECS", - "winlog.version": 1 + "title": "PgSQL Transactions [Packetbeat]", + "version": 1 }, - "id": "PgSQL-transactions-ecs", - "winlog.api": "search", + "id": "PgSQL-transactions", + "type": "search", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1067,7 +1067,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1082,10 +1082,10 @@ "x": 0, "y": 0 }, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1095,10 +1095,10 @@ "x": 12, "y": 0 }, - "id": "PgSQL-Errors-ecs", + "id": "PgSQL-Errors", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1108,10 +1108,10 @@ "x": 32, "y": 0 }, - "id": "PgSQL-Methods-ecs", + "id": "PgSQL-Methods", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1121,10 +1121,10 @@ "x": 0, "y": 20 }, - "id": "PgSQL-response-times-percentiles-ecs", + "id": "PgSQL-response-times-percentiles", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1134,10 +1134,10 @@ "x": 24, "y": 35 }, - "id": "PgSQL-throughput-ecs", + "id": "PgSQL-throughput", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -1147,10 +1147,10 @@ "x": 0, "y": 35 }, - "id": "PgSQL-Reads-vs-Writes-ecs", + "id": "PgSQL-Reads-vs-Writes", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1170,10 +1170,10 @@ "x": 0, "y": 50 }, - "id": "Most-frequent-PgSQL-queries-ecs", + "id": "Most-frequent-PgSQL-queries", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -1193,21 +1193,21 @@ "x": 24, "y": 50 }, - "id": "Slowest-PgSQL-queries-ecs", + "id": "Slowest-PgSQL-queries", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] PgSQL performance ECS", - "winlog.version": 1 + "title": "[Packetbeat] PgSQL performance", + "version": 1 }, - "id": "Packetbeat-PgSQL-performance-ecs", - "winlog.api": "dashboard", + "id": "Packetbeat-PgSQL-performance", + "type": "dashboard", "updated_at": "2019-01-18T23:49:31.386Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json index 4cd559589e1c..01f0017cb752 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json @@ -17,24 +17,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -44,17 +44,17 @@ "filter": [] } }, - "savedSearchId": "Thrift-transactions-ecs", - "title": "Thrift requests per minute [Packetbeat] ECS", + "savedSearchId": "Thrift-transactions", + "title": "Thrift requests per minute [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "id": "2", @@ -66,7 +66,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "listeners": {}, @@ -82,14 +82,14 @@ "times": [], "yAxis": {} }, - "title": "Thrift requests per minute ECS", - "winlog.api": "histogram" + "title": "Thrift requests per minute", + "type": "histogram" } }, - "id": "Thrift-requests-per-minute-ecs", - "winlog.api": "visualization", + "id": "Thrift-requests-per-minute", + "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -99,17 +99,17 @@ "filter": [] } }, - "savedSearchId": "Thrift-errors-ecs", - "title": "Thrift RPC Errors [Packetbeat] ECS", + "savedSearchId": "Thrift-errors", + "title": "Thrift RPC Errors [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "id": "2", @@ -121,7 +121,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "listeners": {}, @@ -139,14 +139,14 @@ "times": [], "yAxis": {} }, - "title": "Thrift RPC Errors ECS", - "winlog.api": "area" + "title": "Thrift RPC Errors", + "type": "area" } }, - "id": "Thrift-RPC-Errors-ecs", - "winlog.api": "visualization", + "id": "Thrift-RPC-Errors", + "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -160,8 +160,8 @@ } } }, - "savedSearchId": "Thrift-transactions-ecs", - "title": "Slowest Thrift RPC methods [Packetbeat] ECS", + "savedSearchId": "Thrift-transactions", + "title": "Slowest Thrift RPC methods [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -172,7 +172,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -182,7 +182,7 @@ "field": "event.duration" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -198,7 +198,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -212,14 +212,14 @@ }, "totalFunc": "sum" }, - "title": "Slowest Thrift RPC methods [Packetbeat] ECS", - "winlog.api": "table" + "title": "Slowest Thrift RPC methods [Packetbeat]", + "type": "table" } }, - "id": "Slowest-Thrift-RPC-methods-ecs", - "winlog.api": "visualization", + "id": "Slowest-Thrift-RPC-methods", + "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -233,10 +233,10 @@ } } }, - "savedSearchId": "Thrift-transactions-ecs", - "title": "Thrift response times percentiles [Packetbeat] ECS", + "savedSearchId": "Thrift-transactions", + "title": "Thrift response times percentiles [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -251,7 +251,7 @@ ] }, "schema": "metric", - "winlog.api": "percentiles" + "type": "percentiles" }, { "enabled": true, @@ -266,7 +266,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -282,12 +282,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -306,13 +306,13 @@ }, "mode": "normal", "show": "true", - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "shareYAxis": true, "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -328,25 +328,25 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Percentiles of event.duration" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Thrift response times percentiles [Packetbeat] ECS", - "winlog.api": "line" + "title": "Thrift response times percentiles [Packetbeat]", + "type": "line" } }, - "id": "Thrift-response-times-percentiles-ecs", - "winlog.api": "visualization", + "id": "Thrift-response-times-percentiles", + "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -356,17 +356,17 @@ "filter": [] } }, - "savedSearchId": "Thrift-transactions-ecs", - "title": "Top Thrift-RPC methods [Packetbeat] ECS", + "savedSearchId": "Thrift-transactions", + "title": "Top Thrift-RPC methods [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "id": "2", @@ -377,7 +377,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -393,14 +393,14 @@ "times": [], "yAxis": {} }, - "title": "Top Thrift-RPC methods ECS", - "winlog.api": "histogram" + "title": "Top Thrift-RPC methods", + "type": "histogram" } }, - "id": "Top-Thrift-RPC-methods-ecs", - "winlog.api": "visualization", + "id": "Top-Thrift-RPC-methods", + "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -410,16 +410,16 @@ "filter": [] } }, - "savedSearchId": "Thrift-errors-ecs", - "title": "Top Thrift-RPC calls with errors [Packetbeat] ECS", - "winlog.version": 1, + "savedSearchId": "Thrift-errors", + "title": "Top Thrift-RPC calls with errors [Packetbeat]", + "version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "id": "2", @@ -430,7 +430,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "listeners": {}, @@ -441,19 +441,19 @@ "mode": "stacked", "shareYAxis": true }, - "winlog.api": "histogram" + "type": "histogram" } }, - "id": "Top-Thrift-RPC-calls-with-errors-ecs", - "winlog.api": "visualization", + "id": "Top-Thrift-RPC-calls-with-errors", + "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { "columns": [ "method", - "winlog.api", + "type", "path", "event.duration", "status" @@ -475,16 +475,16 @@ "negate": false, "params": { "query": "thrift", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "thrift" }, "query": { "match": { "event.dataset": { "query": "thrift", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -508,30 +508,30 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "winlog.api: thrift" + "query": "type: thrift" } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Thrift Transactions Search [Packetbeat] ECS", - "winlog.version": 1 + "title": "Thrift Transactions Search [Packetbeat]", + "version": 1 }, - "id": "Thrift-transactions-ecs", - "winlog.api": "search", + "id": "Thrift-transactions", + "type": "search", "updated_at": "2019-01-18T23:49:32.418Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { "columns": [ "method", - "winlog.api", + "type", "path", "event.duration", "status" @@ -553,16 +553,16 @@ "negate": true, "params": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "OK" }, "query": { "match": { "status": { "query": "OK", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -579,16 +579,16 @@ "negate": false, "params": { "query": "thrift", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "thrift" }, "query": { "match": { "event.dataset": { "query": "thrift", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -612,24 +612,24 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "winlog.api: thrift" + "query": "type: thrift" } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Thrift Errors [Packetbeat] ECS", - "winlog.version": 1 + "title": "Thrift Errors [Packetbeat]", + "version": 1 }, - "id": "Thrift-errors-ecs", - "winlog.api": "search", + "id": "Thrift-errors", + "type": "search", "updated_at": "2019-01-18T23:49:32.418Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -648,7 +648,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -657,70 +657,70 @@ "panelsJSON": [ { "col": 1, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": 1, "row": 1, "size_x": 3, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 4, - "id": "Thrift-requests-per-minute-ecs", + "id": "Thrift-requests-per-minute", "panelIndex": 2, "row": 1, "size_x": 5, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 9, - "id": "Thrift-RPC-Errors-ecs", + "id": "Thrift-RPC-Errors", "panelIndex": 3, "row": 1, "size_x": 4, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Slowest-Thrift-RPC-methods-ecs", + "id": "Slowest-Thrift-RPC-methods", "panelIndex": 4, "row": 5, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "Thrift-response-times-percentiles-ecs", + "id": "Thrift-response-times-percentiles", "panelIndex": 5, "row": 5, "size_x": 6, "size_y": 3, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 1, - "id": "Top-Thrift-RPC-methods-ecs", + "id": "Top-Thrift-RPC-methods", "panelIndex": 6, "row": 8, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" }, { "col": 7, - "id": "Top-Thrift-RPC-calls-with-errors-ecs", + "id": "Top-Thrift-RPC-calls-with-errors", "panelIndex": 7, "row": 8, "size_x": 6, "size_y": 4, - "winlog.api": "visualization" + "type": "visualization" } ], "timeRestore": false, - "title": "[Packetbeat] Thrift performance ECS", + "title": "[Packetbeat] Thrift performance", "uiStateJSON": { "P-4": { "vis": { @@ -733,13 +733,13 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "Packetbeat-Thrift-performance-ecs", - "winlog.api": "dashboard", + "id": "Packetbeat-Thrift-performance", + "type": "dashboard", "updated_at": "2019-01-18T23:49:32.418Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json index 2778667d60e6..1d29a4761a42 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json @@ -17,24 +17,24 @@ } } }, - "title": "Navigation [Packetbeat] ECS", + "title": "Navigation [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat] ECS", - "winlog.api": "markdown" + "title": "Navigation [Packetbeat]", + "type": "markdown" } }, - "id": "Navigation-ecs", - "winlog.api": "visualization", + "id": "Navigation", + "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", - "winlog.version": 11 + "version": 11 }, { "attributes": { @@ -48,8 +48,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "title": "TLS Sessions [Packetbeat] ECS", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "title": "TLS Sessions [Packetbeat]", "uiStateJSON": { "vis": { "colors": { @@ -59,7 +59,7 @@ "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -67,7 +67,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -81,7 +81,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -95,7 +95,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -111,12 +111,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -137,12 +137,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -156,25 +156,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "TLS Sessions ECS", - "winlog.api": "histogram" + "title": "TLS Sessions", + "type": "histogram" } }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", - "winlog.api": "visualization", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -192,7 +192,7 @@ "index": "packetbeat-*", "key": "query", "negate": false, - "winlog.api": "custom", + "type": "custom", "value": "{\"exists\":{\"field\":\"tls\"}}" }, "query": { @@ -209,7 +209,7 @@ } } }, - "title": "TLS Alerts [Packetbeat] ECS", + "title": "TLS Alerts [Packetbeat]", "uiStateJSON": { "vis": { "colors": { @@ -218,7 +218,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -226,7 +226,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -240,7 +240,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -248,16 +248,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "TLS Alerts ECS", - "winlog.api": "pie" + "title": "TLS Alerts", + "type": "pie" } }, - "id": "c14377a0-d353-11e7-9914-4982455b3063-ecs", - "winlog.api": "visualization", + "id": "c14377a0-d353-11e7-9914-4982455b3063", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -278,7 +278,7 @@ "index": "packetbeat-*", "key": "tls.handshake_completed", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } } @@ -295,7 +295,7 @@ } } }, - "title": "Total Number of TLS Sessions [Packetbeat] ECS", + "title": "Total Number of TLS Sessions [Packetbeat]", "uiStateJSON": { "P-5": { "vis": { @@ -315,7 +315,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -323,7 +323,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -352,16 +352,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Total Number of TLS Sessions ECS", - "winlog.api": "metric" + "title": "Total Number of TLS Sessions", + "type": "metric" } }, - "id": "061de380-d361-11e7-9914-4982455b3063-ecs", - "winlog.api": "visualization", + "id": "061de380-d361-11e7-9914-4982455b3063", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -375,10 +375,10 @@ } } }, - "savedSearchId": "94908e80-d2d8-11e7-9914-4982455b3063-ecs", - "title": "TLS Server Name Indication [Packetbeat] ECS", + "savedSearchId": "94908e80-d2d8-11e7-9914-4982455b3063", + "title": "TLS Server Name Indication [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -386,7 +386,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -399,7 +399,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -409,14 +409,14 @@ "orientation": "single", "scale": "linear" }, - "title": "TLS Server Name Indication ECS", - "winlog.api": "tagcloud" + "title": "TLS Server Name Indication", + "type": "tagcloud" } }, - "id": "a28d09d0-d361-11e7-9914-4982455b3063-ecs", - "winlog.api": "visualization", + "id": "a28d09d0-d361-11e7-9914-4982455b3063", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -430,10 +430,10 @@ } } }, - "savedSearchId": "bf3d23b0-d37c-11e7-9914-4982455b3063-ecs", - "title": "TLS Versions [Packetbeat] ECS", + "savedSearchId": "bf3d23b0-d37c-11e7-9914-4982455b3063", + "title": "TLS Versions [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -441,7 +441,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -454,7 +454,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -462,16 +462,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "TLS Versions ECS", - "winlog.api": "pie" + "title": "TLS Versions", + "type": "pie" } }, - "id": "0af0b790-d37d-11e7-9914-4982455b3063-ecs", - "winlog.api": "visualization", + "id": "0af0b790-d37d-11e7-9914-4982455b3063", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -485,10 +485,10 @@ } } }, - "savedSearchId": "8f0ff590-d37d-11e7-9914-4982455b3063-ecs", - "title": "TLS Server Public Key Size [Packetbeat] ECS", + "savedSearchId": "8f0ff590-d37d-11e7-9914-4982455b3063", + "title": "TLS Server Public Key Size [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -496,7 +496,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -509,7 +509,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -517,16 +517,16 @@ "addTooltip": true, "isDonut": true, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Server Public Key Size ECS", - "winlog.api": "pie" + "title": "Server Public Key Size", + "type": "pie" } }, - "id": "ae6e33c0-d37d-11e7-9914-4982455b3063-ecs", - "winlog.api": "visualization", + "id": "ae6e33c0-d37d-11e7-9914-4982455b3063", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -540,10 +540,10 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "title": "TLS Session Resume [Packetbeat] ECS", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "title": "TLS Session Resume [Packetbeat]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -551,7 +551,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -569,7 +569,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -583,16 +583,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "TLS Session Resume [Packetbeat] ECS", - "winlog.api": "pie" + "title": "TLS Session Resume [Packetbeat]", + "type": "pie" } }, - "id": "2c467370-d392-11e7-8fa0-232aa9259081-ecs", - "winlog.api": "visualization", + "id": "2c467370-d392-11e7-8fa0-232aa9259081", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -606,8 +606,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "title": "TLS Server Certificates [Packetbeat] ECS", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "title": "TLS Server Certificates [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -618,7 +618,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -628,7 +628,7 @@ "customLabel": "" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -641,7 +641,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -654,7 +654,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -668,14 +668,14 @@ }, "totalFunc": "sum" }, - "title": "TLS Server Certificates ECS", - "winlog.api": "table" + "title": "TLS Server Certificates", + "type": "table" } }, - "id": "0958a910-d396-11e7-8fa0-232aa9259081-ecs", - "winlog.api": "visualization", + "id": "0958a910-d396-11e7-8fa0-232aa9259081", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -689,8 +689,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "title": "TLS Client Certificates [Packetbeat] ECS", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "title": "TLS Client Certificates [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -701,7 +701,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -709,7 +709,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -722,7 +722,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -736,7 +736,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -750,14 +750,14 @@ }, "totalFunc": "sum" }, - "title": "TLS Client Certificates ECS", - "winlog.api": "table" + "title": "TLS Client Certificates", + "type": "table" } }, - "id": "86743f90-d396-11e7-8fa0-232aa9259081-ecs", - "winlog.api": "visualization", + "id": "86743f90-d396-11e7-8fa0-232aa9259081", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -771,8 +771,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "title": "TLS Cipher [Packetbeat] ECS", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "title": "TLS Cipher [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -783,7 +783,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -791,7 +791,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -804,7 +804,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -818,14 +818,14 @@ }, "totalFunc": "sum" }, - "title": "TLS Cipher ECS", - "winlog.api": "table" + "title": "TLS Cipher", + "type": "table" } }, - "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961-ecs", - "winlog.api": "visualization", + "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -839,8 +839,8 @@ } } }, - "savedSearchId": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b-ecs", - "title": "TLS Fingerprint [Packetbeat] ECS", + "savedSearchId": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b", + "title": "TLS Fingerprint [Packetbeat]", "uiStateJSON": { "vis": { "params": { @@ -851,7 +851,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -859,7 +859,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -872,7 +872,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -886,14 +886,14 @@ }, "totalFunc": "sum" }, - "title": "TLS Fingerprint ECS", - "winlog.api": "table" + "title": "TLS Fingerprint", + "type": "table" } }, - "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b-ecs", - "winlog.api": "visualization", + "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -915,7 +915,7 @@ "gte": 0, "lt": 1000000000 }, - "winlog.api": "range", + "type": "range", "value": "0 to 1,000,000,000" }, "range": { @@ -932,14 +932,14 @@ } } }, - "savedSearchId": "8e2af860-d520-11e7-9fff-7b1ebf397ba9-ecs", - "title": "TLS Handshake Latency [Packetbeat] ECS", + "savedSearchId": "8e2af860-d520-11e7-9fff-7b1ebf397ba9", + "title": "TLS Handshake Latency [Packetbeat]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -947,7 +947,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -959,7 +959,7 @@ "interval": 2000000 }, "schema": "segment", - "winlog.api": "histogram" + "type": "histogram" } ], "params": { @@ -976,12 +976,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -1002,12 +1002,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -1021,25 +1021,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "TLS Handshake Latency ECS", - "winlog.api": "area" + "title": "TLS Handshake Latency", + "type": "area" } }, - "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9-ecs", - "winlog.api": "visualization", + "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9", + "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1064,7 +1064,7 @@ "index": "packetbeat-*", "key": "tls.handshake_completed", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } } @@ -1080,20 +1080,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "TLS Sessions [Packetbeat] ECS", - "winlog.version": 1 + "title": "TLS Sessions [Packetbeat]", + "version": 1 }, - "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", - "winlog.api": "search", + "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1118,7 +1118,7 @@ "index": "packetbeat-*", "key": "tls.client_hello.extensions.server_name_indication", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } } @@ -1134,20 +1134,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "TLS Server Name Indication [Packetbeat] ECS", - "winlog.version": 1 + "title": "TLS Server Name Indication [Packetbeat]", + "version": 1 }, - "id": "94908e80-d2d8-11e7-9914-4982455b3063-ecs", - "winlog.api": "search", + "id": "94908e80-d2d8-11e7-9914-4982455b3063", + "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1172,7 +1172,7 @@ "index": "packetbeat-*", "key": "tls.version", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } } @@ -1188,20 +1188,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "TLS Version [Packetbeat] ECS", - "winlog.version": 1 + "title": "TLS Version [Packetbeat]", + "version": 1 }, - "id": "bf3d23b0-d37c-11e7-9914-4982455b3063-ecs", - "winlog.api": "search", + "id": "bf3d23b0-d37c-11e7-9914-4982455b3063", + "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1226,7 +1226,7 @@ "index": "packetbeat-*", "key": "tls.server_certificate.public_key_size", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } } @@ -1242,20 +1242,20 @@ } } }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Server Public Key Size ECS", - "winlog.version": 1 + "title": "Server Public Key Size", + "version": 1 }, - "id": "8f0ff590-d37d-11e7-9914-4982455b3063-ecs", - "winlog.api": "search", + "id": "8f0ff590-d37d-11e7-9914-4982455b3063", + "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1280,7 +1280,7 @@ "index": "packetbeat-*", "key": "tls.fingerprints.ja3.hash", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } } @@ -1291,20 +1291,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "TLS Fingerprint [Packetbeat] ECS", - "winlog.version": 1 + "title": "TLS Fingerprint [Packetbeat]", + "version": 1 }, - "id": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b-ecs", - "winlog.api": "search", + "id": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b", + "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1329,7 +1329,7 @@ "index": "packetbeat-*", "key": "tls.handshake_completed", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } }, @@ -1346,7 +1346,7 @@ "index": "packetbeat-*", "key": "event.duration", "negate": false, - "winlog.api": "exists", + "type": "exists", "value": "exists" } } @@ -1357,24 +1357,24 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "TLS Handshake Latency [Packetbeat] ECS", - "winlog.version": 1 + "title": "TLS Handshake Latency [Packetbeat]", + "version": 1 }, - "id": "8e2af860-d520-11e7-9fff-7b1ebf397ba9-ecs", - "winlog.api": "search", + "id": "8e2af860-d520-11e7-9fff-7b1ebf397ba9", + "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { - "description": "TLS Sessions ECS", + "description": "TLS Sessions", "hits": 0, "kibanaSavedObjectMeta": { "searchSourceJSON": { @@ -1389,7 +1389,7 @@ } } }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -1405,10 +1405,10 @@ "x": 0, "y": 0 }, - "id": "Navigation-ecs", + "id": "Navigation", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1418,10 +1418,10 @@ "x": 3, "y": 0 }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1431,10 +1431,10 @@ "x": 3, "y": 7 }, - "id": "c14377a0-d353-11e7-9914-4982455b3063-ecs", + "id": "c14377a0-d353-11e7-9914-4982455b3063", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1444,10 +1444,10 @@ "x": 0, "y": 4 }, - "id": "061de380-d361-11e7-9914-4982455b3063-ecs", + "id": "061de380-d361-11e7-9914-4982455b3063", "panelIndex": "10", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1457,10 +1457,10 @@ "x": 0, "y": 10 }, - "id": "a28d09d0-d361-11e7-9914-4982455b3063-ecs", + "id": "a28d09d0-d361-11e7-9914-4982455b3063", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1470,10 +1470,10 @@ "x": 6, "y": 7 }, - "id": "0af0b790-d37d-11e7-9914-4982455b3063-ecs", + "id": "0af0b790-d37d-11e7-9914-4982455b3063", "panelIndex": "12", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1483,10 +1483,10 @@ "x": 9, "y": 7 }, - "id": "ae6e33c0-d37d-11e7-9914-4982455b3063-ecs", + "id": "ae6e33c0-d37d-11e7-9914-4982455b3063", "panelIndex": "13", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1496,10 +1496,10 @@ "x": 0, "y": 7 }, - "id": "2c467370-d392-11e7-8fa0-232aa9259081-ecs", + "id": "2c467370-d392-11e7-8fa0-232aa9259081", "panelIndex": "14", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1509,10 +1509,10 @@ "x": 0, "y": 13 }, - "id": "0958a910-d396-11e7-8fa0-232aa9259081-ecs", + "id": "0958a910-d396-11e7-8fa0-232aa9259081", "panelIndex": "15", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1522,10 +1522,10 @@ "x": 0, "y": 16 }, - "id": "86743f90-d396-11e7-8fa0-232aa9259081-ecs", + "id": "86743f90-d396-11e7-8fa0-232aa9259081", "panelIndex": "16", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1535,10 +1535,10 @@ "x": 6, "y": 13 }, - "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961-ecs", + "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961", "panelIndex": "17", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1548,10 +1548,10 @@ "x": 6, "y": 16 }, - "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b-ecs", + "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b", "panelIndex": "18", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" }, { "gridData": { @@ -1561,14 +1561,14 @@ "x": 3, "y": 4 }, - "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9-ecs", + "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9", "panelIndex": "19", - "winlog.api": "visualization", - "winlog.version": "6.2.4" + "type": "visualization", + "version": "6.2.4" } ], "timeRestore": false, - "title": "[Packetbeat] TLS Sessions ECS", + "title": "[Packetbeat] TLS Sessions", "uiStateJSON": { "P-15": { "vis": { @@ -1628,13 +1628,13 @@ } } }, - "winlog.version": 1 + "version": 1 }, - "id": "tls-sessions-ecs", - "winlog.api": "dashboard", + "id": "tls-sessions", + "type": "dashboard", "updated_at": "2019-01-18T23:49:33.441Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/script/kibana-migration.py b/script/kibana-migration.py index bd7a8cd39ed2..704ef67807bc 100644 --- a/script/kibana-migration.py +++ b/script/kibana-migration.py @@ -6,7 +6,7 @@ def migration(): print "Start Kibana files migration" print "Migrate all fields to the ECS fields" - migration_fields = read_migration_fields() + migration_fields = read_migration_fields("filebeat") rename_entries(migration_fields) print "Postfix all ids with -ecs" @@ -37,12 +37,14 @@ def get_replaceable_ids(): return ids -def read_migration_fields(): +def read_migration_fields(beat): migration_fields = {} migration_yml = "../dev-tools/ecs-migration.yml" with open(migration_yml, 'r') as f: migration = yaml.safe_load(f) for k in migration: + if "beat" in k and k["beat"] not beat: + continue if "to" in k and "from" in k: if "rename" in k and k["rename"] is False: continue diff --git a/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json b/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json index 11a83a7f1fcd..82ccb0386409 100644 --- a/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json +++ b/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json @@ -29,7 +29,7 @@ }, "panelIndex": "1", "panelRefName": "panel_0", - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -41,7 +41,7 @@ }, "panelIndex": "3", "panelRefName": "panel_1", - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" }, { "embeddableConfig": { @@ -63,7 +63,7 @@ }, "panelIndex": "4", "panelRefName": "panel_2", - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -75,7 +75,7 @@ }, "panelIndex": "5", "panelRefName": "panel_3", - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" }, { "gridData": { @@ -87,47 +87,47 @@ }, "panelIndex": "6", "panelRefName": "panel_4", - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "Winlogbeat Dashboard ECS", - "winlog.version": 1 + "title": "Winlogbeat Dashboard", + "version": 1 }, - "id": "Winlogbeat-Dashboard-ecs", + "id": "Winlogbeat-Dashboard", "migrationVersion": { "dashboard": "7.0.0" }, "references": [ { - "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", + "id": "Number-of-Events-Over-Time-By-Event-Log", "name": "panel_0", - "winlog.api": "visualization" + "type": "visualization" }, { - "id": "Number-of-Events-ecs", + "id": "Number-of-Events", "name": "panel_1", - "winlog.api": "visualization" + "type": "visualization" }, { - "id": "Top-Event-IDs-ecs", + "id": "Top-Event-IDs", "name": "panel_2", - "winlog.api": "visualization" + "type": "visualization" }, { - "id": "Event-Levels-ecs", + "id": "Event-Levels", "name": "panel_3", - "winlog.api": "visualization" + "type": "visualization" }, { - "id": "Sources-ecs", + "id": "Sources", "name": "panel_4", - "winlog.api": "visualization" + "type": "visualization" } ], - "winlog.api": "dashboard", + "type": "dashboard", "updated_at": "2019-02-05T19:56:19.932Z", - "winlog.version": 7 + "version": 7 }, { "attributes": { @@ -142,9 +142,9 @@ } } }, - "title": "Number of Events Over Time By Channel ECS", + "title": "Number of Events Over Time By Channel", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -152,7 +152,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -173,7 +173,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -190,7 +190,7 @@ "size": 6 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -206,12 +206,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "defaultYExtents": false, @@ -278,14 +278,14 @@ }, "mode": "stacked", "show": "true", - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "setYExtents": false, "shareYAxis": true, "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -301,23 +301,23 @@ "defaultYExtents": false, "mode": "normal", "setYExtents": false, - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ], "yAxis": {} }, - "title": "Number of Events Over Time By Channel ECS", - "winlog.api": "histogram" + "title": "Number of Events Over Time By Channel", + "type": "histogram" } }, - "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", + "id": "Number-of-Events-Over-Time-By-Event-Log", "migrationVersion": { "visualization": "7.0.0" }, @@ -325,12 +325,12 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "winlog.api": "index-pattern" + "type": "index-pattern" } ], - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "winlog.version": 7 + "version": 7 }, { "attributes": { @@ -347,26 +347,26 @@ } } }, - "title": "Number of Events ECS", + "title": "Number of Events", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "listeners": {}, "params": { "fontSize": 60 }, - "winlog.api": "metric" + "type": "metric" } }, - "id": "Number-of-Events-ecs", + "id": "Number-of-Events", "migrationVersion": { "visualization": "7.0.0" }, @@ -374,12 +374,12 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "winlog.api": "index-pattern" + "type": "index-pattern" } ], - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "winlog.version": 7 + "version": 7 }, { "attributes": { @@ -399,7 +399,7 @@ } } }, - "title": "Top Event IDs ECS", + "title": "Top Event IDs", "uiStateJSON": { "vis": { "params": { @@ -410,7 +410,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -418,7 +418,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -435,7 +435,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -476,11 +476,11 @@ }, "totalFunc": "sum" }, - "title": "Top Event IDs ECS", - "winlog.api": "table" + "title": "Top Event IDs", + "type": "table" } }, - "id": "Top-Event-IDs-ecs", + "id": "Top-Event-IDs", "migrationVersion": { "visualization": "7.0.0" }, @@ -488,12 +488,12 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "winlog.api": "index-pattern" + "type": "index-pattern" } ], - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "winlog.version": 7 + "version": 7 }, { "attributes": { @@ -513,7 +513,7 @@ } } }, - "title": "Event Levels ECS", + "title": "Event Levels", "uiStateJSON": { "vis": { "params": { @@ -524,7 +524,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -532,7 +532,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -549,7 +549,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -590,11 +590,11 @@ }, "totalFunc": "sum" }, - "title": "Event Levels ECS", - "winlog.api": "table" + "title": "Event Levels", + "type": "table" } }, - "id": "Event-Levels-ecs", + "id": "Event-Levels", "migrationVersion": { "visualization": "7.0.0" }, @@ -602,12 +602,12 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "winlog.api": "index-pattern" + "type": "index-pattern" } ], - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "winlog.version": 7 + "version": 7 }, { "attributes": { @@ -627,9 +627,9 @@ } } }, - "title": "Sources (Provider Names) ECS", + "title": "Sources (Provider Names)", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -637,7 +637,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -653,7 +653,7 @@ "size": 7 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -668,13 +668,13 @@ }, "legendPosition": "right", "shareYAxis": true, - "winlog.api": "pie" + "type": "pie" }, - "title": "Sources (Provider Names) ECS", - "winlog.api": "pie" + "title": "Sources (Provider Names)", + "type": "pie" } }, - "id": "Sources-ecs", + "id": "Sources", "migrationVersion": { "visualization": "7.0.0" }, @@ -682,13 +682,13 @@ { "id": "winlogbeat-*", "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "winlog.api": "index-pattern" + "type": "index-pattern" } ], - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-05T19:56:19.932Z", - "winlog.version": 7 + "version": 7 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json index 5a58e5eef6b0..edd1f575b1f7 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "system", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "system" }, "query": { "match": { "event.module": { "query": "system", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "Host Count [Auditbeat System] ECS", + "title": "Host Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -53,7 +53,7 @@ "field": "host.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -82,16 +82,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Host Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Host Count [Auditbeat System]", + "type": "metric" } }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", - "winlog.api": "visualization", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", + "type": "visualization", "updated_at": "2019-02-03T20:37:18.796Z", - "winlog.version": 22 + "version": 22 }, { "attributes": { @@ -111,16 +111,16 @@ "negate": false, "params": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -133,9 +133,9 @@ } } }, - "title": "OS Distribution [Auditbeat System] ECS", + "title": "OS Distribution [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -145,7 +145,7 @@ "field": "system.audit.host.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -162,7 +162,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -178,7 +178,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -192,16 +192,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "OS Distribution [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "OS Distribution [Auditbeat System]", + "type": "pie" } }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", - "winlog.api": "visualization", + "id": "9dd991a0-18cb-11e9-9094-c50574723088", + "type": "visualization", "updated_at": "2019-01-21T11:37:35.796Z", - "winlog.version": 24 + "version": 24 }, { "attributes": { @@ -221,16 +221,16 @@ "negate": false, "params": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -243,9 +243,9 @@ } } }, - "title": "Average Uptime [Auditbeat System] ECS", + "title": "Average Uptime [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -256,7 +256,7 @@ "field": "system.audit.host.uptime" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" } ], "params": { @@ -285,16 +285,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Average Uptime [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Average Uptime [Auditbeat System]", + "type": "metric" } }, - "id": "4d0485f0-18da-11e9-9094-c50574723088-ecs", - "winlog.api": "visualization", + "id": "4d0485f0-18da-11e9-9094-c50574723088", + "type": "visualization", "updated_at": "2019-01-21T11:57:55.023Z", - "winlog.version": 23 + "version": 23 }, { "attributes": { @@ -314,16 +314,16 @@ "negate": false, "params": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -336,9 +336,9 @@ } } }, - "title": "Host Documents [Auditbeat System] ECS", + "title": "Host Documents [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -348,7 +348,7 @@ "customLabel": "Host States" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -364,7 +364,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -380,12 +380,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -405,12 +405,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -424,25 +424,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Host States" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Host Documents [Auditbeat System] ECS", - "winlog.api": "histogram" + "title": "Host Documents [Auditbeat System]", + "type": "histogram" } }, - "id": "eea92ad0-18d7-11e9-9094-c50574723088-ecs", - "winlog.api": "visualization", + "id": "eea92ad0-18d7-11e9-9094-c50574723088", + "type": "visualization", "updated_at": "2019-02-04T09:26:47.877Z", - "winlog.version": 22 + "version": 22 }, { "attributes": { @@ -462,16 +462,16 @@ "negate": false, "params": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -484,7 +484,7 @@ } } }, - "title": "Host List [Auditbeat System] ECS", + "title": "Host List [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -495,7 +495,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -513,7 +513,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -527,7 +527,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" }, { "enabled": true, @@ -541,7 +541,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" }, { "enabled": true, @@ -555,7 +555,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" }, { "enabled": true, @@ -569,7 +569,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" }, { "enabled": true, @@ -583,7 +583,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" } ], "params": { @@ -597,14 +597,14 @@ }, "totalFunc": "sum" }, - "title": "Host List [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Host List [Auditbeat System]", + "type": "table" } }, - "id": "91962a30-1901-11e9-9094-c50574723088-ecs", - "winlog.api": "visualization", + "id": "91962a30-1901-11e9-9094-c50574723088", + "type": "visualization", "updated_at": "2019-01-21T11:58:22.519Z", - "winlog.version": 25 + "version": 25 }, { "attributes": { @@ -630,16 +630,16 @@ "negate": false, "params": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -651,20 +651,20 @@ "language": "kuery", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Host Events [Auditbeat System] ECS", - "winlog.version": 1 + "title": "Host Events [Auditbeat System]", + "version": 1 }, - "id": "abe78cd0-18ca-11e9-9094-c50574723088-ecs", - "winlog.api": "search", + "id": "abe78cd0-18ca-11e9-9094-c50574723088", + "type": "search", "updated_at": "2019-02-04T09:31:20.533Z", - "winlog.version": 6 + "version": 6 }, { "attributes": { @@ -678,24 +678,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System] ECS", + "title": "Dashboard Links [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboard Links [Auditbeat System]", + "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -725,10 +725,10 @@ "x": 0, "y": 4 }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -739,10 +739,10 @@ "x": 31, "y": 4 }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", + "id": "9dd991a0-18cb-11e9-9094-c50574723088", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -753,10 +753,10 @@ "x": 15, "y": 4 }, - "id": "4d0485f0-18da-11e9-9094-c50574723088-ecs", + "id": "4d0485f0-18da-11e9-9094-c50574723088", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -767,10 +767,10 @@ "x": 0, "y": 14 }, - "id": "eea92ad0-18d7-11e9-9094-c50574723088-ecs", + "id": "eea92ad0-18d7-11e9-9094-c50574723088", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -781,10 +781,10 @@ "x": 0, "y": 21 }, - "id": "91962a30-1901-11e9-9094-c50574723088-ecs", + "id": "91962a30-1901-11e9-9094-c50574723088", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -795,10 +795,10 @@ "x": 0, "y": 33 }, - "id": "abe78cd0-18ca-11e9-9094-c50574723088-ecs", + "id": "abe78cd0-18ca-11e9-9094-c50574723088", "panelIndex": "7", - "winlog.api": "search", - "winlog.version": "7.0.0" + "type": "search", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -809,21 +809,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Host Dashboard ECS", - "winlog.version": 1 + "title": "[Auditbeat System] Host Dashboard", + "version": 1 }, - "id": "dfe62590-18da-11e9-9094-c50574723088-ecs", - "winlog.api": "dashboard", + "id": "dfe62590-18da-11e9-9094-c50574723088", + "type": "dashboard", "updated_at": "2019-02-04T11:25:58.146Z", - "winlog.version": 28 + "version": 28 } ], - "winlog.version": "7.0.0" + "version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json index 217385972bfc..4125daa9159a 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "Login Count [Auditbeat System] ECS", + "title": "Login Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -52,7 +52,7 @@ "customLabel": "Login Events" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -81,16 +81,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Login Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Login Count [Auditbeat System]", + "type": "metric" } }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:44:50.914Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -110,16 +110,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -132,9 +132,9 @@ } } }, - "title": "Login Actions [Auditbeat System] ECS", + "title": "Login Actions [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -142,7 +142,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -158,7 +158,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -172,16 +172,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Login Actions [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "Login Actions [Auditbeat System]", + "type": "pie" } }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:04:51.914Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -201,16 +201,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -227,16 +227,16 @@ "negate": false, "params": { "query": "success", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "success" }, "query": { "match": { "event.outcome": { "query": "success", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -249,7 +249,7 @@ } } }, - "title": "Login Success Table [Auditbeat System] ECS", + "title": "Login Success Table [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -260,7 +260,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -270,7 +270,7 @@ "customLabel": "Successful Logins" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -287,7 +287,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -301,14 +301,14 @@ }, "totalFunc": "sum" }, - "title": "Login Success Table [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Login Success Table [Auditbeat System]", + "type": "table" } }, - "id": "5eb5f250-285e-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "visualization", + "id": "5eb5f250-285e-11e9-805f-43bf57dfa519", + "type": "visualization", "updated_at": "2019-02-04T09:22:44.444Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -328,16 +328,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -354,16 +354,16 @@ "negate": false, "params": { "query": "failure", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "failure" }, "query": { "match": { "event.outcome": { "query": "failure", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -376,7 +376,7 @@ } } }, - "title": "Login Failures Table [Auditbeat System] ECS", + "title": "Login Failures Table [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -387,7 +387,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -397,7 +397,7 @@ "customLabel": "Failed Logins" }, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -414,7 +414,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -428,14 +428,14 @@ }, "totalFunc": "sum" }, - "title": "Login Failures Table [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Login Failures Table [Auditbeat System]", + "type": "table" } }, - "id": "a1951650-285e-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "visualization", + "id": "a1951650-285e-11e9-805f-43bf57dfa519", + "type": "visualization", "updated_at": "2019-02-04T09:24:11.445Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -455,16 +455,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -477,9 +477,9 @@ } } }, - "title": "Login Event Histogram [Auditbeat System] ECS", + "title": "Login Event Histogram [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -487,7 +487,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -503,7 +503,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -519,12 +519,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -544,12 +544,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -563,25 +563,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Login Event Histogram [Auditbeat System] ECS", - "winlog.api": "histogram" + "title": "Login Event Histogram [Auditbeat System]", + "type": "histogram" } }, - "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "visualization", + "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519", + "type": "visualization", "updated_at": "2019-02-04T09:26:04.254Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -608,16 +608,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -629,20 +629,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Login Events [Auditbeat System] ECS", - "winlog.version": 1 + "title": "Login Events [Auditbeat System]", + "version": 1 }, - "id": "2e04c720-285f-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "search", + "id": "2e04c720-285f-11e9-805f-43bf57dfa519", + "type": "search", "updated_at": "2019-02-04T09:28:07.058Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -662,16 +662,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -684,9 +684,9 @@ } } }, - "title": "Login OS Distribution [Auditbeat System] ECS", + "title": "Login OS Distribution [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -696,7 +696,7 @@ "field": "host.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -713,7 +713,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -729,7 +729,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -743,16 +743,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Login OS Distribution [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "Login OS Distribution [Auditbeat System]", + "type": "pie" } }, - "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "visualization", + "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519", + "type": "visualization", "updated_at": "2019-02-04T09:40:30.122Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -766,24 +766,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System] ECS", + "title": "Dashboard Links [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboard Links [Auditbeat System]", + "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -813,10 +813,10 @@ "x": 0, "y": 4 }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -827,10 +827,10 @@ "x": 8, "y": 4 }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -841,10 +841,10 @@ "x": 28, "y": 4 }, - "id": "5eb5f250-285e-11e9-805f-43bf57dfa519-ecs", + "id": "5eb5f250-285e-11e9-805f-43bf57dfa519", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -855,10 +855,10 @@ "x": 38, "y": 4 }, - "id": "a1951650-285e-11e9-805f-43bf57dfa519-ecs", + "id": "a1951650-285e-11e9-805f-43bf57dfa519", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -869,10 +869,10 @@ "x": 0, "y": 14 }, - "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519-ecs", + "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -883,10 +883,10 @@ "x": 0, "y": 23 }, - "id": "2e04c720-285f-11e9-805f-43bf57dfa519-ecs", + "id": "2e04c720-285f-11e9-805f-43bf57dfa519", "panelIndex": "7", - "winlog.api": "search", - "winlog.version": "7.0.0" + "type": "search", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -897,10 +897,10 @@ "x": 18, "y": 4 }, - "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519-ecs", + "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -911,21 +911,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Login Dashboard ECS", - "winlog.version": 1 + "title": "[Auditbeat System] Login Dashboard", + "version": 1 }, - "id": "2a17f200-285e-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "dashboard", + "id": "2a17f200-285e-11e9-805f-43bf57dfa519", + "type": "dashboard", "updated_at": "2019-02-04T11:38:50.007Z", - "winlog.version": 6 + "version": 6 } ], - "winlog.version": "7.0.0" + "version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json index 3ca1fbc47c89..3d43f14b2bdb 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "system", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "system" }, "query": { "match": { "event.module": { "query": "system", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "Host Count [Auditbeat System] ECS", + "title": "Host Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -53,7 +53,7 @@ "field": "host.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -82,16 +82,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Host Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Host Count [Auditbeat System]", + "type": "metric" } }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", - "winlog.api": "visualization", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", + "type": "visualization", "updated_at": "2019-02-03T20:37:18.796Z", - "winlog.version": 22 + "version": 22 }, { "attributes": { @@ -111,16 +111,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -133,9 +133,9 @@ } } }, - "title": "Process Count [Auditbeat System] ECS", + "title": "Process Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -146,7 +146,7 @@ "field": "process.entity_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -175,16 +175,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Process Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Process Count [Auditbeat System]", + "type": "metric" } }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:24:39.030Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -204,16 +204,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -226,9 +226,9 @@ } } }, - "title": "Socket Count [Auditbeat System] ECS", + "title": "Socket Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -239,7 +239,7 @@ "field": "socket.entity_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -268,16 +268,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Socket Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Socket Count [Auditbeat System]", + "type": "metric" } }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:29:47.881Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -297,16 +297,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -319,9 +319,9 @@ } } }, - "title": "User Count [Auditbeat System] ECS", + "title": "User Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -332,7 +332,7 @@ "field": "user.entity_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -361,16 +361,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "User Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "User Count [Auditbeat System]", + "type": "metric" } }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:35:48.640Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -390,16 +390,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -412,9 +412,9 @@ } } }, - "title": "Package Count [Auditbeat System] ECS", + "title": "Package Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -425,7 +425,7 @@ "field": "system.audit.package.entity_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -454,16 +454,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Package Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Package Count [Auditbeat System]", + "type": "metric" } }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:40:37.585Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -483,16 +483,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -505,9 +505,9 @@ } } }, - "title": "Login Count [Auditbeat System] ECS", + "title": "Login Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -517,7 +517,7 @@ "customLabel": "Login Events" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -546,16 +546,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Login Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Login Count [Auditbeat System]", + "type": "metric" } }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:44:50.914Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -575,16 +575,16 @@ "negate": false, "params": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -597,9 +597,9 @@ } } }, - "title": "OS Distribution [Auditbeat System] ECS", + "title": "OS Distribution [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -609,7 +609,7 @@ "field": "system.audit.host.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -626,7 +626,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -642,7 +642,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -656,16 +656,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "OS Distribution [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "OS Distribution [Auditbeat System]", + "type": "pie" } }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", - "winlog.api": "visualization", + "id": "9dd991a0-18cb-11e9-9094-c50574723088", + "type": "visualization", "updated_at": "2019-01-21T11:37:35.796Z", - "winlog.version": 24 + "version": 24 }, { "attributes": { @@ -685,16 +685,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -707,9 +707,9 @@ } } }, - "title": "Login Actions [Auditbeat System] ECS", + "title": "Login Actions [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -717,7 +717,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -733,7 +733,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -747,16 +747,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Login Actions [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "Login Actions [Auditbeat System]", + "type": "pie" } }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:04:51.914Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -776,16 +776,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -802,16 +802,16 @@ "negate": true, "params": { "query": "existing_user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "existing_user" }, "query": { "match": { "event.action": { "query": "existing_user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -824,9 +824,9 @@ } } }, - "title": "User Changes [Auditbeat System] ECS", + "title": "User Changes [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -836,7 +836,7 @@ "customLabel": "User Changes" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -865,16 +865,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "User Changes [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "User Changes [Auditbeat System]", + "type": "metric" } }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:38:11.314Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -894,16 +894,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -920,16 +920,16 @@ "negate": false, "params": { "query": "process_started", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process_started" }, "query": { "match": { "event.action": { "query": "process_started", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -942,9 +942,9 @@ } } }, - "title": "Process Starts [Auditbeat System] ECS", + "title": "Process Starts [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -954,7 +954,7 @@ "customLabel": "Started" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -983,16 +983,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Process Starts [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Process Starts [Auditbeat System]", + "type": "metric" } }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:45:42.195Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1012,16 +1012,16 @@ "negate": false, "params": { "query": "process_stopped", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process_stopped" }, "query": { "match": { "event.action": { "query": "process_stopped", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1038,16 +1038,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1060,9 +1060,9 @@ } } }, - "title": "Process Stops [Auditbeat System] ECS", + "title": "Process Stops [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1072,7 +1072,7 @@ "customLabel": "Stopped" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -1101,16 +1101,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Process Stops [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Process Stops [Auditbeat System]", + "type": "metric" } }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:50:28.750Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1130,16 +1130,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1156,16 +1156,16 @@ "negate": false, "params": { "query": "socket_opened", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket_opened" }, "query": { "match": { "event.action": { "query": "socket_opened", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1178,9 +1178,9 @@ } } }, - "title": "Sockets Opened [Auditbeat System] ECS", + "title": "Sockets Opened [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1190,7 +1190,7 @@ "customLabel": "Opened" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -1219,16 +1219,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Sockets Opened [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Sockets Opened [Auditbeat System]", + "type": "metric" } }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:47:58.605Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1248,16 +1248,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1274,16 +1274,16 @@ "negate": false, "params": { "query": "socket_closed", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket_closed" }, "query": { "match": { "event.action": { "query": "socket_closed", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1296,9 +1296,9 @@ } } }, - "title": "Sockets Closed [Auditbeat System] ECS", + "title": "Sockets Closed [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1308,7 +1308,7 @@ "customLabel": "Closed" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -1337,16 +1337,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Sockets Closed [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Sockets Closed [Auditbeat System]", + "type": "metric" } }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:48:58.668Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1366,16 +1366,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1392,16 +1392,16 @@ "negate": true, "params": { "query": "existing_package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "existing_package" }, "query": { "match": { "event.action": { "query": "existing_package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1414,9 +1414,9 @@ } } }, - "title": "Package Changes [Auditbeat System] ECS", + "title": "Package Changes [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1426,7 +1426,7 @@ "customLabel": "Changes" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -1455,16 +1455,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Package Changes [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Package Changes [Auditbeat System]", + "type": "metric" } }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "visualization", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", + "type": "visualization", "updated_at": "2019-02-04T10:44:06.826Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1484,16 +1484,16 @@ "negate": false, "params": { "query": "system", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "system" }, "query": { "match": { "event.module": { "query": "system", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1510,16 +1510,16 @@ "negate": false, "params": { "query": "event", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "event" }, "query": { "match": { "event.kind": { "query": "event", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1532,9 +1532,9 @@ } } }, - "title": "System Event Histogram [Auditbeat System] ECS", + "title": "System Event Histogram [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1542,7 +1542,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -1558,7 +1558,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -1574,12 +1574,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -1599,12 +1599,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -1618,25 +1618,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "System Event Histogram [Auditbeat System] ECS", - "winlog.api": "histogram" + "title": "System Event Histogram [Auditbeat System]", + "type": "histogram" } }, - "id": "54135e50-27ff-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "visualization", + "id": "54135e50-27ff-11e9-805f-43bf57dfa519", + "type": "visualization", "updated_at": "2019-02-03T22:01:59.221Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1656,16 +1656,16 @@ "negate": false, "params": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1678,7 +1678,7 @@ } } }, - "title": "Host List [Auditbeat System] ECS", + "title": "Host List [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -1689,7 +1689,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1707,7 +1707,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -1721,7 +1721,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" }, { "enabled": true, @@ -1735,7 +1735,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" }, { "enabled": true, @@ -1749,7 +1749,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" }, { "enabled": true, @@ -1763,7 +1763,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" }, { "enabled": true, @@ -1777,7 +1777,7 @@ "sortOrder": "desc" }, "schema": "metric", - "winlog.api": "top_hits" + "type": "top_hits" } ], "params": { @@ -1791,14 +1791,14 @@ }, "totalFunc": "sum" }, - "title": "Host List [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Host List [Auditbeat System]", + "type": "table" } }, - "id": "91962a30-1901-11e9-9094-c50574723088-ecs", - "winlog.api": "visualization", + "id": "91962a30-1901-11e9-9094-c50574723088", + "type": "visualization", "updated_at": "2019-01-21T11:58:22.519Z", - "winlog.version": 25 + "version": 25 }, { "attributes": { @@ -1825,16 +1825,16 @@ "negate": false, "params": { "query": "system", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "system" }, "query": { "match": { "event.module": { "query": "system", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1851,16 +1851,16 @@ "negate": false, "params": { "query": "event", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "event" }, "query": { "match": { "event.kind": { "query": "event", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1872,20 +1872,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "System Events [Auditbeat System] ECS", - "winlog.version": 1 + "title": "System Events [Auditbeat System]", + "version": 1 }, - "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "search", + "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519", + "type": "search", "updated_at": "2019-02-03T22:17:10.090Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -1899,24 +1899,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System] ECS", + "title": "Dashboard Links [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboard Links [Auditbeat System]", + "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -1937,16 +1937,16 @@ "negate": false, "params": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "host" }, "query": { "match": { "event.dataset": { "query": "host", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1963,16 +1963,16 @@ "negate": false, "params": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "login" }, "query": { "match": { "event.dataset": { "query": "login", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -1989,16 +1989,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -2015,16 +2015,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -2041,16 +2041,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -2067,16 +2067,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -2103,10 +2103,10 @@ "x": 0, "y": 4 }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2117,10 +2117,10 @@ "x": 24, "y": 4 }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2131,10 +2131,10 @@ "x": 32, "y": 4 }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2145,10 +2145,10 @@ "x": 16, "y": 4 }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2159,10 +2159,10 @@ "x": 40, "y": 4 }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2173,10 +2173,10 @@ "x": 8, "y": 4 }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2187,10 +2187,10 @@ "x": 0, "y": 12 }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", + "id": "9dd991a0-18cb-11e9-9094-c50574723088", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2201,10 +2201,10 @@ "x": 8, "y": 12 }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2215,10 +2215,10 @@ "x": 16, "y": 12 }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", "panelIndex": "10", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2229,10 +2229,10 @@ "x": 24, "y": 12 }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2243,10 +2243,10 @@ "x": 24, "y": 19 }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", "panelIndex": "12", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2257,10 +2257,10 @@ "x": 32, "y": 12 }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90", "panelIndex": "13", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2271,10 +2271,10 @@ "x": 32, "y": 19 }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", "panelIndex": "14", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2285,10 +2285,10 @@ "x": 40, "y": 12 }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", "panelIndex": "15", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2299,10 +2299,10 @@ "x": 0, "y": 26 }, - "id": "54135e50-27ff-11e9-805f-43bf57dfa519-ecs", + "id": "54135e50-27ff-11e9-805f-43bf57dfa519", "panelIndex": "16", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2313,10 +2313,10 @@ "x": 0, "y": 34 }, - "id": "91962a30-1901-11e9-9094-c50574723088-ecs", + "id": "91962a30-1901-11e9-9094-c50574723088", "panelIndex": "17", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2327,10 +2327,10 @@ "x": 24, "y": 34 }, - "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519-ecs", + "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519", "panelIndex": "18", - "winlog.api": "search", - "winlog.version": "7.0.0" + "type": "search", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -2341,21 +2341,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", "panelIndex": "19", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] System Overview ECS", - "winlog.version": 1 + "title": "[Auditbeat System] System Overview", + "version": 1 }, - "id": "2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "dashboard", + "id": "2be46cb0-27f2-11e9-89af-fd12d59dac90", + "type": "dashboard", "updated_at": "2019-02-04T09:32:32.325Z", - "winlog.version": 9 + "version": 9 } ], - "winlog.version": "7.0.0" + "version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json index a8b42362e1a7..46dcaf1f714c 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json @@ -12,24 +12,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System] ECS", + "title": "Dashboard Links [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboard Links [Auditbeat System]", + "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -49,16 +49,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -71,9 +71,9 @@ } } }, - "title": "Package Count [Auditbeat System] ECS", + "title": "Package Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -84,7 +84,7 @@ "field": "system.audit.package.entity_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -113,16 +113,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Package Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Package Count [Auditbeat System]", + "type": "metric" } }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:40:37.585Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -142,16 +142,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -168,16 +168,16 @@ "negate": true, "params": { "query": "existing_package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "existing_package" }, "query": { "match": { "event.action": { "query": "existing_package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -190,9 +190,9 @@ } } }, - "title": "Package Changes [Auditbeat System] ECS", + "title": "Package Changes [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -202,7 +202,7 @@ "customLabel": "Changes" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -231,16 +231,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Package Changes [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Package Changes [Auditbeat System]", + "type": "metric" } }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", - "winlog.api": "visualization", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", + "type": "visualization", "updated_at": "2019-02-04T10:44:06.826Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -260,16 +260,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -282,9 +282,9 @@ } } }, - "title": "Package OS Distribution [Auditbeat System] ECS", + "title": "Package OS Distribution [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -294,7 +294,7 @@ "field": "host.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -311,7 +311,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -327,7 +327,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -341,16 +341,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Package OS Distribution [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "Package OS Distribution [Auditbeat System]", + "type": "pie" } }, - "id": "6ed51940-2868-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "6ed51940-2868-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:34:21.268Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -370,16 +370,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -396,16 +396,16 @@ "negate": false, "params": { "query": "event", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "event" }, "query": { "match": { "event.kind": { "query": "event", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -418,9 +418,9 @@ } } }, - "title": "Package Change Actions [Auditbeat System] ECS", + "title": "Package Change Actions [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -428,7 +428,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -444,7 +444,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -458,16 +458,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Package Change Actions [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "Package Change Actions [Auditbeat System]", + "type": "pie" } }, - "id": "fe23f530-2868-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "fe23f530-2868-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:38:21.699Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -487,16 +487,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -509,9 +509,9 @@ } } }, - "title": "Package Document Histogram [Auditbeat System] ECS", + "title": "Package Document Histogram [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -519,7 +519,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -535,7 +535,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -551,12 +551,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -576,12 +576,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -595,25 +595,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Package Document Histogram [Auditbeat System] ECS", - "winlog.api": "histogram" + "title": "Package Document Histogram [Auditbeat System]", + "type": "histogram" } }, - "id": "4e7701d0-2869-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "4e7701d0-2869-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:40:36.461Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -639,16 +639,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -660,20 +660,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Package Documents [Auditbeat System] ECS", - "winlog.version": 1 + "title": "Package Documents [Auditbeat System]", + "version": 1 }, - "id": "391ef230-2868-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "search", + "id": "391ef230-2868-11e9-9d21-0be348776e6c", + "type": "search", "updated_at": "2019-02-04T10:32:51.155Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -693,16 +693,16 @@ "negate": false, "params": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "package" }, "query": { "match": { "event.dataset": { "query": "package", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -715,7 +715,7 @@ } } }, - "title": "Package Names [Auditbeat System] ECS", + "title": "Package Names [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -726,7 +726,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -734,7 +734,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -750,7 +750,7 @@ "size": 25 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -764,14 +764,14 @@ }, "totalFunc": "sum" }, - "title": "Package Names [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Package Names [Auditbeat System]", + "type": "table" } }, - "id": "8dc55df0-2869-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "8dc55df0-2869-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:45:22.440Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -801,10 +801,10 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -815,10 +815,10 @@ "x": 0, "y": 4 }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -829,10 +829,10 @@ "x": 6, "y": 4 }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -843,10 +843,10 @@ "x": 24, "y": 4 }, - "id": "6ed51940-2868-11e9-9d21-0be348776e6c-ecs", + "id": "6ed51940-2868-11e9-9d21-0be348776e6c", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -857,10 +857,10 @@ "x": 11, "y": 4 }, - "id": "fe23f530-2868-11e9-9d21-0be348776e6c-ecs", + "id": "fe23f530-2868-11e9-9d21-0be348776e6c", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -871,10 +871,10 @@ "x": 0, "y": 15 }, - "id": "4e7701d0-2869-11e9-9d21-0be348776e6c-ecs", + "id": "4e7701d0-2869-11e9-9d21-0be348776e6c", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -885,10 +885,10 @@ "x": 0, "y": 23 }, - "id": "391ef230-2868-11e9-9d21-0be348776e6c-ecs", + "id": "391ef230-2868-11e9-9d21-0be348776e6c", "panelIndex": "7", - "winlog.api": "search", - "winlog.version": "7.0.0" + "type": "search", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -899,21 +899,21 @@ "x": 37, "y": 4 }, - "id": "8dc55df0-2869-11e9-9d21-0be348776e6c-ecs", + "id": "8dc55df0-2869-11e9-9d21-0be348776e6c", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Package Dashboard ECS", - "winlog.version": 1 + "title": "[Auditbeat System] Package Dashboard", + "version": 1 }, - "id": "137c52f0-286a-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "dashboard", + "id": "137c52f0-286a-11e9-9d21-0be348776e6c", + "type": "dashboard", "updated_at": "2019-02-04T11:03:23.945Z", - "winlog.version": 2 + "version": 2 } ], - "winlog.version": "7.0.0" + "version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json index b1eb3f6f6945..6ffee4042df1 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "Process Count [Auditbeat System] ECS", + "title": "Process Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -53,7 +53,7 @@ "field": "process.entity_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -82,16 +82,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Process Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Process Count [Auditbeat System]", + "type": "metric" } }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:24:39.030Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -111,16 +111,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -137,16 +137,16 @@ "negate": false, "params": { "query": "process_started", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process_started" }, "query": { "match": { "event.action": { "query": "process_started", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -159,9 +159,9 @@ } } }, - "title": "Process Starts [Auditbeat System] ECS", + "title": "Process Starts [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -171,7 +171,7 @@ "customLabel": "Started" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -200,16 +200,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Process Starts [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Process Starts [Auditbeat System]", + "type": "metric" } }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:45:42.195Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -229,16 +229,16 @@ "negate": false, "params": { "query": "process_stopped", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process_stopped" }, "query": { "match": { "event.action": { "query": "process_stopped", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -255,16 +255,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -277,9 +277,9 @@ } } }, - "title": "Process Stops [Auditbeat System] ECS", + "title": "Process Stops [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -289,7 +289,7 @@ "customLabel": "Stopped" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -318,16 +318,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Process Stops [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Process Stops [Auditbeat System]", + "type": "metric" } }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:50:28.750Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -355,16 +355,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -376,20 +376,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Process Events [Auditbeat System] ECS", - "winlog.version": 1 + "title": "Process Events [Auditbeat System]", + "version": 1 }, - "id": "0f9611b0-2862-11e9-97cb-474beda9f119-ecs", - "winlog.api": "search", + "id": "0f9611b0-2862-11e9-97cb-474beda9f119", + "type": "search", "updated_at": "2019-02-04T09:48:44.490Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -409,16 +409,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -431,9 +431,9 @@ } } }, - "title": "Process OS Distribution [Auditbeat System] ECS", + "title": "Process OS Distribution [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -443,7 +443,7 @@ "field": "host.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -460,7 +460,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -476,7 +476,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -490,16 +490,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Process OS Distribution [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "Process OS Distribution [Auditbeat System]", + "type": "pie" } }, - "id": "91708fd0-2862-11e9-97cb-474beda9f119-ecs", - "winlog.api": "visualization", + "id": "91708fd0-2862-11e9-97cb-474beda9f119", + "type": "visualization", "updated_at": "2019-02-04T09:52:22.349Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -519,16 +519,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -541,9 +541,9 @@ } } }, - "title": "Process Event Histogram [Auditbeat System] ECS", + "title": "Process Event Histogram [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -551,7 +551,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -567,7 +567,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -583,12 +583,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -608,12 +608,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -627,25 +627,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Process Event Histogram [Auditbeat System] ECS", - "winlog.api": "histogram" + "title": "Process Event Histogram [Auditbeat System]", + "type": "histogram" } }, - "id": "b1e2af00-2862-11e9-97cb-474beda9f119-ecs", - "winlog.api": "visualization", + "id": "b1e2af00-2862-11e9-97cb-474beda9f119", + "type": "visualization", "updated_at": "2019-02-04T09:53:16.784Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -665,16 +665,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -687,7 +687,7 @@ } } }, - "title": "Process Names [Auditbeat System] ECS", + "title": "Process Names [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -698,7 +698,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -716,14 +716,14 @@ "size": 8 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -737,14 +737,14 @@ }, "totalFunc": "sum" }, - "title": "Process Names [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Process Names [Auditbeat System]", + "type": "table" } }, - "id": "f1d365a0-2862-11e9-97cb-474beda9f119-ecs", - "winlog.api": "visualization", + "id": "f1d365a0-2862-11e9-97cb-474beda9f119", + "type": "visualization", "updated_at": "2019-02-04T09:56:33.249Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -764,16 +764,16 @@ "negate": false, "params": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "process" }, "query": { "match": { "event.dataset": { "query": "process", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -786,7 +786,7 @@ } } }, - "title": "Process Users [Auditbeat System] ECS", + "title": "Process Users [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -797,7 +797,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -815,14 +815,14 @@ "size": 8 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -836,14 +836,14 @@ }, "totalFunc": "sum" }, - "title": "Process Users [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Process Users [Auditbeat System]", + "type": "table" } }, - "id": "30936470-2863-11e9-97cb-474beda9f119-ecs", - "winlog.api": "visualization", + "id": "30936470-2863-11e9-97cb-474beda9f119", + "type": "visualization", "updated_at": "2019-02-04T09:56:49.335Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -857,24 +857,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System] ECS", + "title": "Dashboard Links [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboard Links [Auditbeat System]", + "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -904,10 +904,10 @@ "x": 0, "y": 4 }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -918,10 +918,10 @@ "x": 11, "y": 4 }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -932,10 +932,10 @@ "x": 22, "y": 4 }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -946,10 +946,10 @@ "x": 0, "y": 38 }, - "id": "0f9611b0-2862-11e9-97cb-474beda9f119-ecs", + "id": "0f9611b0-2862-11e9-97cb-474beda9f119", "panelIndex": "4", - "winlog.api": "search", - "winlog.version": "7.0.0" + "type": "search", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -960,10 +960,10 @@ "x": 33, "y": 4 }, - "id": "91708fd0-2862-11e9-97cb-474beda9f119-ecs", + "id": "91708fd0-2862-11e9-97cb-474beda9f119", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -974,10 +974,10 @@ "x": 0, "y": 29 }, - "id": "b1e2af00-2862-11e9-97cb-474beda9f119-ecs", + "id": "b1e2af00-2862-11e9-97cb-474beda9f119", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -988,10 +988,10 @@ "x": 0, "y": 14 }, - "id": "f1d365a0-2862-11e9-97cb-474beda9f119-ecs", + "id": "f1d365a0-2862-11e9-97cb-474beda9f119", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1002,10 +1002,10 @@ "x": 24, "y": 14 }, - "id": "30936470-2863-11e9-97cb-474beda9f119-ecs", + "id": "30936470-2863-11e9-97cb-474beda9f119", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1016,21 +1016,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Process Dashboard ECS", - "winlog.version": 1 + "title": "[Auditbeat System] Process Dashboard", + "version": 1 }, - "id": "4c68f110-2863-11e9-97cb-474beda9f119-ecs", - "winlog.api": "dashboard", + "id": "4c68f110-2863-11e9-97cb-474beda9f119", + "type": "dashboard", "updated_at": "2019-02-04T10:13:58.155Z", - "winlog.version": 2 + "version": 2 } ], - "winlog.version": "7.0.0" + "version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json index 70305be6dbe5..2ecb25fd7000 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json @@ -12,24 +12,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System] ECS", + "title": "Dashboard Links [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboard Links [Auditbeat System]", + "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -49,16 +49,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -71,9 +71,9 @@ } } }, - "title": "Socket Count [Auditbeat System] ECS", + "title": "Socket Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -84,7 +84,7 @@ "field": "socket.entity_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -113,16 +113,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Socket Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Socket Count [Auditbeat System]", + "type": "metric" } }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:29:47.881Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -142,16 +142,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -168,16 +168,16 @@ "negate": false, "params": { "query": "socket_opened", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket_opened" }, "query": { "match": { "event.action": { "query": "socket_opened", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -190,9 +190,9 @@ } } }, - "title": "Sockets Opened [Auditbeat System] ECS", + "title": "Sockets Opened [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -202,7 +202,7 @@ "customLabel": "Opened" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -231,16 +231,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Sockets Opened [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Sockets Opened [Auditbeat System]", + "type": "metric" } }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:47:58.605Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -260,16 +260,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -286,16 +286,16 @@ "negate": false, "params": { "query": "socket_closed", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket_closed" }, "query": { "match": { "event.action": { "query": "socket_closed", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -308,9 +308,9 @@ } } }, - "title": "Sockets Closed [Auditbeat System] ECS", + "title": "Sockets Closed [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -320,7 +320,7 @@ "customLabel": "Closed" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -349,16 +349,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "Sockets Closed [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "Sockets Closed [Auditbeat System]", + "type": "metric" } }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:48:58.668Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -378,16 +378,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -400,9 +400,9 @@ } } }, - "title": "Socket Types [Auditbeat System] ECS", + "title": "Socket Types [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -410,7 +410,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -426,7 +426,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -440,16 +440,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Socket Types [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "Socket Types [Auditbeat System]", + "type": "pie" } }, - "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:23:30.893Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -476,16 +476,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -497,20 +497,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Socket Documents [Auditbeat System] ECS", - "winlog.version": 1 + "title": "Socket Documents [Auditbeat System]", + "version": 1 }, - "id": "3bfed610-2867-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "search", + "id": "3bfed610-2867-11e9-9d21-0be348776e6c", + "type": "search", "updated_at": "2019-02-04T10:25:46.481Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -530,16 +530,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -552,9 +552,9 @@ } } }, - "title": "Socket Document Histogram [Auditbeat System] ECS", + "title": "Socket Document Histogram [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -562,7 +562,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -578,7 +578,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -594,12 +594,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -619,12 +619,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -638,25 +638,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Socket Document Histogram [Auditbeat System] ECS", - "winlog.api": "histogram" + "title": "Socket Document Histogram [Auditbeat System]", + "type": "histogram" } }, - "id": "536fa900-2867-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "536fa900-2867-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:26:25.808Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -676,16 +676,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -698,7 +698,7 @@ } } }, - "title": "Socket Users [Auditbeat System] ECS", + "title": "Socket Users [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -709,7 +709,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -717,7 +717,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -733,7 +733,7 @@ "size": 8 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -747,14 +747,14 @@ }, "totalFunc": "sum" }, - "title": "Socket Users [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Socket Users [Auditbeat System]", + "type": "table" } }, - "id": "78391460-2867-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "78391460-2867-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:27:27.526Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -774,16 +774,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -796,7 +796,7 @@ } } }, - "title": "Destination Ports [Auditbeat System] ECS", + "title": "Destination Ports [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -807,7 +807,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -815,7 +815,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -831,7 +831,7 @@ "size": 30 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -845,14 +845,14 @@ }, "totalFunc": "sum" }, - "title": "Destination Ports [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Destination Ports [Auditbeat System]", + "type": "table" } }, - "id": "1771daa0-286b-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "1771daa0-286b-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:56:23.379Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -872,16 +872,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -894,7 +894,7 @@ } } }, - "title": "Socket Source IPs [Auditbeat System] ECS", + "title": "Socket Source IPs [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -905,7 +905,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -913,7 +913,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -929,7 +929,7 @@ "size": 30 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -943,14 +943,14 @@ }, "totalFunc": "sum" }, - "title": "Socket Source IPs [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Socket Source IPs [Auditbeat System]", + "type": "table" } }, - "id": "b899a700-286b-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "b899a700-286b-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:57:53.520Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -970,16 +970,16 @@ "negate": false, "params": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "socket" }, "query": { "match": { "event.dataset": { "query": "socket", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -992,7 +992,7 @@ } } }, - "title": "Socket Destination IPs [Auditbeat System] ECS", + "title": "Socket Destination IPs [Auditbeat System]", "uiStateJSON": { "vis": { "params": { @@ -1003,7 +1003,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -1011,7 +1011,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -1027,7 +1027,7 @@ "size": 30 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -1041,14 +1041,14 @@ }, "totalFunc": "sum" }, - "title": "Socket Destination IPs [Auditbeat System] ECS", - "winlog.api": "table" + "title": "Socket Destination IPs [Auditbeat System]", + "type": "table" } }, - "id": "d32c0540-286b-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "visualization", + "id": "d32c0540-286b-11e9-9d21-0be348776e6c", + "type": "visualization", "updated_at": "2019-02-04T10:58:38.100Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -1078,10 +1078,10 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1092,10 +1092,10 @@ "x": 0, "y": 4 }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1106,10 +1106,10 @@ "x": 5, "y": 4 }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1120,10 +1120,10 @@ "x": 10, "y": 4 }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1134,10 +1134,10 @@ "x": 15, "y": 4 }, - "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c-ecs", + "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1148,10 +1148,10 @@ "x": 0, "y": 23 }, - "id": "3bfed610-2867-11e9-9d21-0be348776e6c-ecs", + "id": "3bfed610-2867-11e9-9d21-0be348776e6c", "panelIndex": "6", - "winlog.api": "search", - "winlog.version": "7.0.0" + "type": "search", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1162,10 +1162,10 @@ "x": 0, "y": 15 }, - "id": "536fa900-2867-11e9-9d21-0be348776e6c-ecs", + "id": "536fa900-2867-11e9-9d21-0be348776e6c", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1176,10 +1176,10 @@ "x": 42, "y": 4 }, - "id": "78391460-2867-11e9-9d21-0be348776e6c-ecs", + "id": "78391460-2867-11e9-9d21-0be348776e6c", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1190,10 +1190,10 @@ "x": 36, "y": 4 }, - "id": "1771daa0-286b-11e9-9d21-0be348776e6c-ecs", + "id": "1771daa0-286b-11e9-9d21-0be348776e6c", "panelIndex": "9", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1204,10 +1204,10 @@ "x": 24, "y": 4 }, - "id": "b899a700-286b-11e9-9d21-0be348776e6c-ecs", + "id": "b899a700-286b-11e9-9d21-0be348776e6c", "panelIndex": "10", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -1218,21 +1218,21 @@ "x": 30, "y": 4 }, - "id": "d32c0540-286b-11e9-9d21-0be348776e6c-ecs", + "id": "d32c0540-286b-11e9-9d21-0be348776e6c", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Socket Dashboard ECS", - "winlog.version": 1 + "title": "[Auditbeat System] Socket Dashboard", + "version": 1 }, - "id": "957a3ef0-2867-11e9-9d21-0be348776e6c-ecs", - "winlog.api": "dashboard", + "id": "957a3ef0-2867-11e9-9d21-0be348776e6c", + "type": "dashboard", "updated_at": "2019-02-04T11:01:23.746Z", - "winlog.version": 3 + "version": 3 } ], - "winlog.version": "7.0.0" + "version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json index 190c99b20947..47efcb20e9f3 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json @@ -18,16 +18,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -40,9 +40,9 @@ } } }, - "title": "User Count [Auditbeat System] ECS", + "title": "User Count [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -53,7 +53,7 @@ "field": "user.entity_id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" } ], "params": { @@ -82,16 +82,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "User Count [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "User Count [Auditbeat System]", + "type": "metric" } }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T20:35:48.640Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -111,16 +111,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -137,16 +137,16 @@ "negate": true, "params": { "query": "existing_user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "existing_user" }, "query": { "match": { "event.action": { "query": "existing_user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -159,9 +159,9 @@ } } }, - "title": "User Changes [Auditbeat System] ECS", + "title": "User Changes [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -171,7 +171,7 @@ "customLabel": "User Changes" }, "schema": "metric", - "winlog.api": "count" + "type": "count" } ], "params": { @@ -200,16 +200,16 @@ }, "useRanges": false }, - "winlog.api": "metric" + "type": "metric" }, - "title": "User Changes [Auditbeat System] ECS", - "winlog.api": "metric" + "title": "User Changes [Auditbeat System]", + "type": "metric" } }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-03T21:38:11.314Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -229,16 +229,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -255,16 +255,16 @@ "negate": true, "params": { "query": "existing_user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "existing_user" }, "query": { "match": { "event.action": { "query": "existing_user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -277,9 +277,9 @@ } } }, - "title": "User Change Actions [Auditbeat System] ECS", + "title": "User Change Actions [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -287,7 +287,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -303,7 +303,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -317,16 +317,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "User Change Actions [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "User Change Actions [Auditbeat System]", + "type": "pie" } }, - "id": "dc514de0-2863-11e9-97cb-474beda9f119-ecs", - "winlog.api": "visualization", + "id": "dc514de0-2863-11e9-97cb-474beda9f119", + "type": "visualization", "updated_at": "2019-02-04T10:01:37.470Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -346,16 +346,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -368,9 +368,9 @@ } } }, - "title": "Password Types [Auditbeat System] ECS", + "title": "Password Types [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -378,7 +378,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -394,7 +394,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -408,16 +408,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Password Types [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "Password Types [Auditbeat System]", + "type": "pie" } }, - "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119-ecs", - "winlog.api": "visualization", + "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119", + "type": "visualization", "updated_at": "2019-02-04T10:02:57.420Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -437,16 +437,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -459,9 +459,9 @@ } } }, - "title": "User Documents Histogram [Auditbeat System] ECS", + "title": "User Documents Histogram [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -469,7 +469,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -485,7 +485,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -501,12 +501,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -526,12 +526,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -545,25 +545,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "User Documents Histogram [Auditbeat System] ECS", - "winlog.api": "histogram" + "title": "User Documents Histogram [Auditbeat System]", + "type": "histogram" } }, - "id": "30f4eff0-2864-11e9-97cb-474beda9f119-ecs", - "winlog.api": "visualization", + "id": "30f4eff0-2864-11e9-97cb-474beda9f119", + "type": "visualization", "updated_at": "2019-02-04T10:03:59.471Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -590,16 +590,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -611,20 +611,20 @@ "language": "lucene", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "User Documents [Auditbeat System] ECS", - "winlog.version": 1 + "title": "User Documents [Auditbeat System]", + "version": 1 }, - "id": "658a3db0-2864-11e9-97cb-474beda9f119-ecs", - "winlog.api": "search", + "id": "658a3db0-2864-11e9-97cb-474beda9f119", + "type": "search", "updated_at": "2019-02-04T10:05:27.691Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -644,16 +644,16 @@ "negate": false, "params": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "user" }, "query": { "match": { "event.dataset": { "query": "user", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -666,9 +666,9 @@ } } }, - "title": "User OS Distribution [Auditbeat System] ECS", + "title": "User OS Distribution [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -678,7 +678,7 @@ "field": "host.id" }, "schema": "metric", - "winlog.api": "cardinality" + "type": "cardinality" }, { "enabled": true, @@ -695,7 +695,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -711,7 +711,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -725,16 +725,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "User OS Distribution [Auditbeat System] ECS", - "winlog.api": "pie" + "title": "User OS Distribution [Auditbeat System]", + "type": "pie" } }, - "id": "7f480de0-2864-11e9-97cb-474beda9f119-ecs", - "winlog.api": "visualization", + "id": "7f480de0-2864-11e9-97cb-474beda9f119", + "type": "visualization", "updated_at": "2019-02-04T10:06:10.878Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -748,24 +748,24 @@ } } }, - "title": "Dashboard Links [Auditbeat System] ECS", + "title": "Dashboard Links [Auditbeat System]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System] ECS", - "winlog.api": "markdown" + "title": "Dashboard Links [Auditbeat System]", + "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", - "winlog.api": "visualization", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -795,10 +795,10 @@ "x": 0, "y": 4 }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -809,10 +809,10 @@ "x": 8, "y": 4 }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -823,10 +823,10 @@ "x": 26, "y": 4 }, - "id": "dc514de0-2863-11e9-97cb-474beda9f119-ecs", + "id": "dc514de0-2863-11e9-97cb-474beda9f119", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -837,10 +837,10 @@ "x": 37, "y": 4 }, - "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119-ecs", + "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -851,10 +851,10 @@ "x": 0, "y": 14 }, - "id": "30f4eff0-2864-11e9-97cb-474beda9f119-ecs", + "id": "30f4eff0-2864-11e9-97cb-474beda9f119", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -865,10 +865,10 @@ "x": 0, "y": 23 }, - "id": "658a3db0-2864-11e9-97cb-474beda9f119-ecs", + "id": "658a3db0-2864-11e9-97cb-474beda9f119", "panelIndex": "6", - "winlog.api": "search", - "winlog.version": "7.0.0" + "type": "search", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -879,10 +879,10 @@ "x": 16, "y": 4 }, - "id": "7f480de0-2864-11e9-97cb-474beda9f119-ecs", + "id": "7f480de0-2864-11e9-97cb-474beda9f119", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" }, { "embeddableConfig": {}, @@ -893,21 +893,21 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0" + "type": "visualization", + "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] User Dashboard ECS", - "winlog.version": 1 + "title": "[Auditbeat System] User Dashboard", + "version": 1 }, - "id": "ae96a660-2864-11e9-97cb-474beda9f119-ecs", - "winlog.api": "dashboard", + "id": "ae96a660-2864-11e9-97cb-474beda9f119", + "type": "dashboard", "updated_at": "2019-02-04T11:02:23.820Z", - "winlog.version": 3 + "version": 3 } ], - "winlog.version": "7.0.0" + "version": "7.0.0" } \ No newline at end of file diff --git a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json index 04b1e0cf882a..e10f783d7645 100644 --- a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json +++ b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "title": "Events Timeline [Filebeat Iptables] ECS", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "title": "Events Timeline [Filebeat Iptables]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -39,7 +39,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -55,12 +55,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -81,12 +81,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "area", + "type": "area", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "area", + "type": "area", "valueAxes": [ { "id": "ValueAxis-1", @@ -100,25 +100,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Events Timeline [Filebeat Iptables] ECS", - "winlog.api": "area" + "title": "Events Timeline [Filebeat Iptables]", + "type": "area" } }, - "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb-ecs", - "winlog.api": "visualization", + "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb", + "type": "visualization", "updated_at": "2019-01-23T20:56:04.891Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -132,8 +132,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "title": "Top Source Countries [Filebeat Iptables] ECS", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "title": "Top Source Countries [Filebeat Iptables]", "uiStateJSON": { "vis": { "params": { @@ -144,7 +144,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -152,7 +152,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -169,7 +169,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -183,14 +183,14 @@ }, "totalFunc": "sum" }, - "title": "Top Source Countries [Filebeat Iptables] ECS", - "winlog.api": "table" + "title": "Top Source Countries [Filebeat Iptables]", + "type": "table" } }, - "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3-ecs", - "winlog.api": "visualization", + "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3", + "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -204,8 +204,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "title": "Source Map [Filebeat Iptables] ECS", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "title": "Source Map [Filebeat Iptables]", "uiStateJSON": { "mapCenter": [ 45.02695045318546, @@ -213,7 +213,7 @@ ], "mapZoom": 3 }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -221,7 +221,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -239,7 +239,7 @@ "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -269,14 +269,14 @@ } } }, - "title": "Source Map [Filebeat Iptables] ECS", - "winlog.api": "tile_map" + "title": "Source Map [Filebeat Iptables]", + "type": "tile_map" } }, - "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3-ecs", - "winlog.api": "visualization", + "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3", + "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -290,10 +290,10 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "title": "Destination Map [Filebeat Iptables] ECS", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "title": "Destination Map [Filebeat Iptables]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -301,7 +301,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -319,7 +319,7 @@ "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -349,14 +349,14 @@ } } }, - "title": "Destination Map [Filebeat Iptables] ECS", - "winlog.api": "tile_map" + "title": "Destination Map [Filebeat Iptables]", + "type": "tile_map" } }, - "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3-ecs", - "winlog.api": "visualization", + "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3", + "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -370,14 +370,14 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "title": "Network Type Breakdown [Filebeat Iptables] ECS", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "title": "Network Type Breakdown [Filebeat Iptables]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -385,7 +385,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -401,7 +401,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -415,16 +415,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Network Type Breakdown [Filebeat Iptables] ECS", - "winlog.api": "pie" + "title": "Network Type Breakdown [Filebeat Iptables]", + "type": "pie" } }, - "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3-ecs", - "winlog.api": "visualization", + "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3", + "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -438,14 +438,14 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "title": "Network Transport Breakdown [Filebeat Iptables] ECS", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "title": "Network Transport Breakdown [Filebeat Iptables]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -453,7 +453,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -469,7 +469,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -483,16 +483,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Network Transport Breakdown [Filebeat Iptables] ECS", - "winlog.api": "pie" + "title": "Network Transport Breakdown [Filebeat Iptables]", + "type": "pie" } }, - "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "winlog.api": "visualization", + "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3", + "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -506,8 +506,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "title": "Top Destination Ports [Filebeat Iptables] ECS", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "title": "Top Destination Ports [Filebeat Iptables]", "uiStateJSON": { "vis": { "params": { @@ -518,7 +518,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -526,7 +526,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -543,7 +543,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -557,14 +557,14 @@ }, "totalFunc": "sum" }, - "title": "Top Destination Ports [Filebeat Iptables] ECS", - "winlog.api": "table" + "title": "Top Destination Ports [Filebeat Iptables]", + "type": "table" } }, - "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3-ecs", - "winlog.api": "visualization", + "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3", + "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -582,20 +582,20 @@ "language": "kuery", "query": "iptables.length :*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Events Search [Filebeat Iptables] ECS", - "winlog.version": 1 + "title": "Events Search [Filebeat Iptables]", + "version": 1 }, - "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", - "winlog.api": "search", + "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "type": "search", "updated_at": "2019-01-23T20:51:02.293Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -629,10 +629,10 @@ "x": 0, "y": 0 }, - "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb-ecs", + "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": {}, @@ -643,10 +643,10 @@ "x": 37, "y": 0 }, - "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3-ecs", + "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": { @@ -663,10 +663,10 @@ "x": 0, "y": 15 }, - "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3-ecs", + "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": { @@ -683,10 +683,10 @@ "x": 24, "y": 15 }, - "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3-ecs", + "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": {}, @@ -697,10 +697,10 @@ "x": 0, "y": 30 }, - "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3-ecs", + "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": {}, @@ -711,10 +711,10 @@ "x": 19, "y": 30 }, - "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": {}, @@ -725,10 +725,10 @@ "x": 37, "y": 30 }, - "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3-ecs", + "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": {}, @@ -739,21 +739,21 @@ "x": 0, "y": 45 }, - "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", "panelIndex": "8", - "winlog.api": "search", - "winlog.version": "6.6.0" + "type": "search", + "version": "6.6.0" } ], "timeRestore": false, - "title": "[Filebeat Iptables] Overview ECS", - "winlog.version": 1 + "title": "[Filebeat Iptables] Overview", + "version": 1 }, - "id": "ceefb9e0-1f51-11e9-93ed-f7e068f4aebb-ecs", - "winlog.api": "dashboard", + "id": "ceefb9e0-1f51-11e9-93ed-f7e068f4aebb", + "type": "dashboard", "updated_at": "2019-01-23T20:59:43.614Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "6.6.0" + "version": "6.6.0" } diff --git a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json index a137daeec3c1..000a1bdcd931 100644 --- a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json +++ b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", - "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables] ECS", + "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", + "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables]", "uiStateJSON": { "vis": { "colors": { @@ -22,7 +22,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -30,7 +30,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -51,7 +51,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -67,7 +67,7 @@ "size": 5 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -83,12 +83,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -108,12 +108,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -127,25 +127,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables] ECS", - "winlog.api": "histogram" + "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables]", + "type": "histogram" } }, - "id": "758b3620-1fda-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "visualization", + "id": "758b3620-1fda-11e9-ae2a-939083c6a64e", + "type": "visualization", "updated_at": "2019-01-24T16:37:11.788Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -159,8 +159,8 @@ } } }, - "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", - "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables] ECS", + "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e", + "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables]", "uiStateJSON": { "vis": { "params": { @@ -171,7 +171,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -179,7 +179,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -196,7 +196,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -210,14 +210,14 @@ }, "totalFunc": "sum" }, - "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables] ECS", - "winlog.api": "table" + "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables]", + "type": "table" } }, - "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "visualization", + "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e", + "type": "visualization", "updated_at": "2019-01-24T16:06:20.635Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -231,10 +231,10 @@ } } }, - "savedSearchId": "7862cab0-1fdb-11e9-ae2a-939083c6a64e-ecs", - "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables] ECS", + "savedSearchId": "7862cab0-1fdb-11e9-ae2a-939083c6a64e", + "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -242,7 +242,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -260,7 +260,7 @@ "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -290,14 +290,14 @@ } } }, - "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables] ECS", - "winlog.api": "tile_map" + "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables]", + "type": "tile_map" } }, - "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "visualization", + "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e", + "type": "visualization", "updated_at": "2019-01-24T15:04:34.005Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -311,8 +311,8 @@ } } }, - "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", - "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables] ECS", + "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e", + "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables]", "uiStateJSON": { "mapCenter": [ 19.228176737766262, @@ -320,7 +320,7 @@ ], "mapZoom": 3 }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -328,7 +328,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -346,7 +346,7 @@ "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -376,14 +376,14 @@ } } }, - "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables] ECS", - "winlog.api": "tile_map" + "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables]", + "type": "tile_map" } }, - "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "visualization", + "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e", + "type": "visualization", "updated_at": "2019-01-24T15:50:31.689Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -397,8 +397,8 @@ } } }, - "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", - "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables] ECS", + "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", + "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables]", "uiStateJSON": { "vis": { "colors": { @@ -412,7 +412,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -420,7 +420,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -436,7 +436,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -452,7 +452,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -468,7 +468,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -482,16 +482,16 @@ "values": false }, "legendPosition": "top", - "winlog.api": "pie" + "type": "pie" }, - "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables] ECS", - "winlog.api": "pie" + "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables]", + "type": "pie" } }, - "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "visualization", + "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e", + "type": "visualization", "updated_at": "2019-01-24T16:27:50.397Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -509,20 +509,20 @@ "language": "kuery", "query": "iptables.ubiquiti.rule_set :*" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Ubiquiti Firewall Events [Filebeat Iptables] ECS", - "winlog.version": 1 + "title": "Ubiquiti Firewall Events [Filebeat Iptables]", + "version": 1 }, - "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "search", + "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", + "type": "search", "updated_at": "2019-01-24T12:37:10.858Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -536,8 +536,8 @@ } } }, - "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", - "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables] ECS", + "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", + "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables]", "uiStateJSON": { "vis": { "params": { @@ -548,7 +548,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -556,7 +556,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -574,7 +574,7 @@ "size": 5 }, "schema": "split", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -591,7 +591,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -605,14 +605,14 @@ }, "totalFunc": "sum" }, - "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables] ECS", - "winlog.api": "table" + "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables]", + "type": "table" } }, - "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "visualization", + "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e", + "type": "visualization", "updated_at": "2019-01-24T16:35:45.413Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -630,20 +630,20 @@ "language": "kuery", "query": "iptables.ubiquiti.rule_set :* and event.outcome : \"deny\"" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Ubiquiti Firewall Blocked Events [Filebeat Iptables] ECS", - "winlog.version": 1 + "title": "Ubiquiti Firewall Blocked Events [Filebeat Iptables]", + "version": 1 }, - "id": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "search", + "id": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e", + "type": "search", "updated_at": "2019-01-24T15:35:33.942Z", - "winlog.version": 2 + "version": 2 }, { "attributes": { @@ -661,20 +661,20 @@ "language": "kuery", "query": "iptables.ubiquiti.rule_set :* and event.outcome : \"allow\"" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Ubiquiti Firewall Allowed Events [Filebeat Iptables] ECS", - "winlog.version": 1 + "title": "Ubiquiti Firewall Allowed Events [Filebeat Iptables]", + "version": 1 }, - "id": "7862cab0-1fdb-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "search", + "id": "7862cab0-1fdb-11e9-ae2a-939083c6a64e", + "type": "search", "updated_at": "2019-01-24T15:04:12.010Z", - "winlog.version": 3 + "version": 3 }, { "attributes": { @@ -712,11 +712,11 @@ "x": 0, "y": 0 }, - "id": "758b3620-1fda-11e9-ae2a-939083c6a64e-ecs", + "id": "758b3620-1fda-11e9-ae2a-939083c6a64e", "panelIndex": "1", "title": "Event Timeline", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": {}, @@ -727,11 +727,11 @@ "x": 33, "y": 0 }, - "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e-ecs", + "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e", "panelIndex": "2", "title": "Top Blocked by source IP", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": { @@ -748,11 +748,11 @@ "x": 0, "y": 15 }, - "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e-ecs", + "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e", "panelIndex": "3", "title": "Allowed Traffic Map", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": { @@ -769,11 +769,11 @@ "x": 24, "y": 15 }, - "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e-ecs", + "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e", "panelIndex": "4", "title": "Blocked Traffic Map", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": { @@ -797,11 +797,11 @@ "x": 0, "y": 30 }, - "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e-ecs", + "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e", "panelIndex": "5", "title": "Traffic Breakdown by Protocol", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" }, { "embeddableConfig": {}, @@ -812,11 +812,11 @@ "x": 0, "y": 48 }, - "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", + "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", "panelIndex": "6", "title": "Event View", - "winlog.api": "search", - "winlog.version": "6.6.0" + "type": "search", + "version": "6.6.0" }, { "embeddableConfig": {}, @@ -827,22 +827,22 @@ "x": 24, "y": 30 }, - "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e-ecs", + "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e", "panelIndex": "7", "title": "Traffic Breakdown by Port", - "winlog.api": "visualization", - "winlog.version": "6.6.0" + "type": "visualization", + "version": "6.6.0" } ], "timeRestore": false, - "title": "[Filebeat Iptables] Ubiquiti Firewall Overview ECS", - "winlog.version": 1 + "title": "[Filebeat Iptables] Ubiquiti Firewall Overview", + "version": 1 }, - "id": "d39f0980-1ff3-11e9-ae2a-939083c6a64e-ecs", - "winlog.api": "dashboard", + "id": "d39f0980-1ff3-11e9-ae2a-939083c6a64e", + "type": "dashboard", "updated_at": "2019-01-24T16:38:35.174Z", - "winlog.version": 4 + "version": 4 } ], - "winlog.version": "6.6.0" + "version": "6.6.0" } diff --git a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json index f4cdc75313e6..e8d82f4dc4a8 100644 --- a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json +++ b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", - "title": "Top Alerting Hosts [Suricata] ECS", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "title": "Top Alerting Hosts [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -36,7 +36,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -52,7 +52,7 @@ "size": 10 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -68,12 +68,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -93,12 +93,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -112,25 +112,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Top Alerting Hosts [Suricata] ECS", - "winlog.api": "histogram" + "title": "Top Alerting Hosts [Suricata]", + "type": "histogram" } }, - "id": "494fa290-86d2-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "494fa290-86d2-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -144,8 +144,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", - "title": "Top Alert Signatures [Suricata] ECS", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "title": "Top Alert Signatures [Suricata]", "uiStateJSON": { "vis": { "params": { @@ -156,7 +156,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -164,7 +164,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -181,7 +181,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" }, { "enabled": true, @@ -198,7 +198,7 @@ "size": 5 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -212,14 +212,14 @@ }, "totalFunc": "sum" }, - "title": "Top Alert Signatures [Suricata] ECS", - "winlog.api": "table" + "title": "Top Alert Signatures [Suricata]", + "type": "table" } }, - "id": "16033310-86d3-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "16033310-86d3-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -250,16 +250,16 @@ "negate": false, "params": { "query": "alert", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "alert" }, "query": { "match": { "suricata.eve.event_type": { "query": "alert", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -276,16 +276,16 @@ "negate": false, "params": { "query": "suricata", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "suricata" }, "query": { "match": { "event.module": { "query": "suricata", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -297,20 +297,20 @@ "language": "kuery", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Alerts [Suricata] ECS", - "winlog.version": 1 + "title": "Alerts [Suricata]", + "version": 1 }, - "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "search", + "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "type": "search", "updated_at": "2018-11-07T22:56:23.933Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -324,10 +324,10 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", - "title": "Alert - Source Location [Suricata] ECS", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "title": "Alert - Source Location [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -335,7 +335,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -353,7 +353,7 @@ "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -395,14 +395,14 @@ ] } }, - "title": "Alert - Source Location [Suricata] ECS", - "winlog.api": "tile_map" + "title": "Alert - Source Location [Suricata]", + "type": "tile_map" } }, - "id": "85fed080-86d7-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "85fed080-86d7-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -416,10 +416,10 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", - "title": "Alert - Destination Location [Suricata] ECS", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "title": "Alert - Destination Location [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -427,7 +427,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -445,7 +445,7 @@ "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -487,14 +487,14 @@ ] } }, - "title": "Alert - Destination Location [Suricata] ECS", - "winlog.api": "tile_map" + "title": "Alert - Destination Location [Suricata]", + "type": "tile_map" } }, - "id": "a09ca070-86d7-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "a09ca070-86d7-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -508,8 +508,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", - "title": "Alerts - Top Destination Countries [Suricata] ECS", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "title": "Alerts - Top Destination Countries [Suricata]", "uiStateJSON": { "vis": { "params": { @@ -520,7 +520,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -528,7 +528,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -545,7 +545,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -559,14 +559,14 @@ }, "totalFunc": "sum" }, - "title": "Alerts - Top Destination Countries [Suricata] ECS", - "winlog.api": "table" + "title": "Alerts - Top Destination Countries [Suricata]", + "type": "table" } }, - "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -580,8 +580,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", - "title": "Alerts - Top Source Countries [Suricata] ECS", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "title": "Alerts - Top Source Countries [Suricata]", "uiStateJSON": { "vis": { "params": { @@ -592,7 +592,7 @@ } } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -600,7 +600,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -617,7 +617,7 @@ "size": 10 }, "schema": "bucket", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -631,14 +631,14 @@ }, "totalFunc": "sum" }, - "title": "Alerts - Top Source Countries [Suricata] ECS", - "winlog.api": "table" + "title": "Alerts - Top Source Countries [Suricata]", + "type": "table" } }, - "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -652,7 +652,7 @@ "language": "kuery", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -670,10 +670,10 @@ "x": 0, "y": 0 }, - "id": "494fa290-86d2-11e8-b59d-21efb914e65c-ecs", + "id": "494fa290-86d2-11e8-b59d-21efb914e65c", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -684,10 +684,10 @@ "x": 23, "y": 0 }, - "id": "16033310-86d3-11e8-b59d-21efb914e65c-ecs", + "id": "16033310-86d3-11e8-b59d-21efb914e65c", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -698,10 +698,10 @@ "x": 0, "y": 37 }, - "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", "panelIndex": "3", - "winlog.api": "search", - "winlog.version": "6.3.0" + "type": "search", + "version": "6.3.0" }, { "embeddableConfig": { @@ -718,10 +718,10 @@ "x": 0, "y": 22 }, - "id": "85fed080-86d7-11e8-b59d-21efb914e65c-ecs", + "id": "85fed080-86d7-11e8-b59d-21efb914e65c", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": { @@ -738,10 +738,10 @@ "x": 23, "y": 22 }, - "id": "a09ca070-86d7-11e8-b59d-21efb914e65c-ecs", + "id": "a09ca070-86d7-11e8-b59d-21efb914e65c", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -752,10 +752,10 @@ "x": 11, "y": 10 }, - "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c-ecs", + "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -766,21 +766,21 @@ "x": 0, "y": 10 }, - "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c-ecs", + "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" } ], "timeRestore": false, - "title": "[Suricata] Alert Overview ECS", - "winlog.version": 1 + "title": "[Suricata] Alert Overview", + "version": 1 }, - "id": "05268ee0-86d1-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "dashboard", + "id": "05268ee0-86d1-11e8-b59d-21efb914e65c", + "type": "dashboard", "updated_at": "2018-11-07T22:56:23.933Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "6.4.3" + "version": "6.4.3" } diff --git a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json index cd692e29de3e..6170c3a1a8db 100644 --- a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json +++ b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json @@ -12,10 +12,10 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", - "title": "Activity Types over Time [Suricata] ECS", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "title": "Activity Types over Time [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -36,7 +36,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -52,7 +52,7 @@ "size": 20 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -68,12 +68,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -93,12 +93,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -112,25 +112,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Activity Types over Time [Suricata] ECS", - "winlog.api": "histogram" + "title": "Activity Types over Time [Suricata]", + "type": "histogram" } }, - "id": "c7d46c60-86da-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "c7d46c60-86da-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -144,10 +144,10 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", - "title": "Event Types [Suricata] ECS", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "title": "Event Types [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -155,7 +155,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -171,7 +171,7 @@ "size": 20 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -185,16 +185,16 @@ "values": true }, "legendPosition": "bottom", - "winlog.api": "pie" + "type": "pie" }, - "title": "Event Types [Suricata] ECS", - "winlog.api": "pie" + "title": "Event Types [Suricata]", + "type": "pie" } }, - "id": "0a0aa630-86db-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "0a0aa630-86db-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -208,10 +208,10 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", - "title": "Top Application Protocols [Suricata] ECS", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "title": "Top Application Protocols [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -219,7 +219,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -235,7 +235,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -249,16 +249,16 @@ "values": true }, "legendPosition": "bottom", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top Application Protocols [Suricata] ECS", - "winlog.api": "pie" + "title": "Top Application Protocols [Suricata]", + "type": "pie" } }, - "id": "728f64c0-86db-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "728f64c0-86db-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -272,10 +272,10 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", - "title": "Top Hosts Generating Events [Suricata] ECS", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "title": "Top Hosts Generating Events [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -283,7 +283,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -296,7 +296,7 @@ "min_doc_count": 1 }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" }, { "enabled": true, @@ -312,7 +312,7 @@ "size": 10 }, "schema": "group", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -328,12 +328,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -353,12 +353,12 @@ "mode": "stacked", "show": "true", "showCircles": true, - "winlog.api": "histogram", + "type": "histogram", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "histogram", + "type": "histogram", "valueAxes": [ { "id": "ValueAxis-1", @@ -372,25 +372,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "Count" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Top Hosts Generating Events [Suricata] ECS", - "winlog.api": "histogram" + "title": "Top Hosts Generating Events [Suricata]", + "type": "histogram" } }, - "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -423,16 +423,16 @@ "negate": true, "params": { "query": "stats", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "stats" }, "query": { "match": { "suricata.eve.event_type": { "query": "stats", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -449,16 +449,16 @@ "negate": false, "params": { "query": "suricata", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "suricata" }, "query": { "match": { "event.module": { "query": "suricata", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -470,20 +470,20 @@ "language": "kuery", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Events [Suricata] ECS", - "winlog.version": 1 + "title": "Events [Suricata]", + "version": 1 }, - "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "search", + "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "type": "search", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -497,10 +497,10 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", - "title": "Top Connection Source Countries [Suricata] ECS", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "title": "Top Connection Source Countries [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -508,7 +508,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -525,7 +525,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -535,14 +535,14 @@ "scale": "linear", "showLabel": true }, - "title": "Top Connection Source Countries [Suricata] ECS", - "winlog.api": "tagcloud" + "title": "Top Connection Source Countries [Suricata]", + "type": "tagcloud" } }, - "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -556,10 +556,10 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", - "title": "Top Connection Destination Countries [Suricata] ECS", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "title": "Top Connection Destination Countries [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -567,7 +567,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -584,7 +584,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -594,14 +594,14 @@ "scale": "linear", "showLabel": true }, - "title": "Top Connection Destination Countries [Suricata] ECS", - "winlog.api": "tagcloud" + "title": "Top Connection Destination Countries [Suricata]", + "type": "tagcloud" } }, - "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -615,10 +615,10 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", - "title": "Top Network Protocols [Suricata] ECS", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "title": "Top Network Protocols [Suricata]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -626,7 +626,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -642,7 +642,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -656,16 +656,16 @@ "values": true }, "legendPosition": "bottom", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top Network Protocols [Suricata] ECS", - "winlog.api": "pie" + "title": "Top Network Protocols [Suricata]", + "type": "pie" } }, - "id": "0a363820-86dd-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "visualization", + "id": "0a363820-86dd-11e8-b59d-21efb914e65c", + "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -695,16 +695,16 @@ "negate": false, "params": { "query": "stats", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "stats" }, "query": { "match": { "suricata.eve.event_type": { "query": "stats", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -721,16 +721,16 @@ "negate": false, "params": { "query": "suricata", - "winlog.api": "phrase" + "type": "phrase" }, - "winlog.api": "phrase", + "type": "phrase", "value": "suricata" }, "query": { "match": { "event.module": { "query": "suricata", - "winlog.api": "phrase" + "type": "phrase" } } } @@ -742,20 +742,20 @@ "language": "kuery", "query": "" }, - "winlog.version": true + "version": true } }, "sort": [ "@timestamp", "desc" ], - "title": "Host Stats [Suricata] ECS", - "winlog.version": 1 + "title": "Host Stats [Suricata]", + "version": 1 }, - "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "search", + "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c", + "type": "search", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -769,7 +769,7 @@ "language": "kuery", "query": "" }, - "winlog.version": true + "version": true } }, "optionsJSON": { @@ -787,10 +787,10 @@ "x": 0, "y": 0 }, - "id": "c7d46c60-86da-11e8-b59d-21efb914e65c-ecs", + "id": "c7d46c60-86da-11e8-b59d-21efb914e65c", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -801,10 +801,10 @@ "x": 0, "y": 20 }, - "id": "0a0aa630-86db-11e8-b59d-21efb914e65c-ecs", + "id": "0a0aa630-86db-11e8-b59d-21efb914e65c", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -815,10 +815,10 @@ "x": 19, "y": 20 }, - "id": "728f64c0-86db-11e8-b59d-21efb914e65c-ecs", + "id": "728f64c0-86db-11e8-b59d-21efb914e65c", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -829,10 +829,10 @@ "x": 0, "y": 10 }, - "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c-ecs", + "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -843,10 +843,10 @@ "x": 0, "y": 34 }, - "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c", "panelIndex": "5", - "winlog.api": "search", - "winlog.version": "6.3.0" + "type": "search", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -857,10 +857,10 @@ "x": 30, "y": 20 }, - "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c-ecs", + "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -871,10 +871,10 @@ "x": 39, "y": 20 }, - "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c-ecs", + "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -885,10 +885,10 @@ "x": 9, "y": 20 }, - "id": "0a363820-86dd-11e8-b59d-21efb914e65c-ecs", + "id": "0a363820-86dd-11e8-b59d-21efb914e65c", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.3.0" + "type": "visualization", + "version": "6.3.0" }, { "embeddableConfig": {}, @@ -899,21 +899,21 @@ "x": 0, "y": 53 }, - "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c-ecs", + "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c", "panelIndex": "9", - "winlog.api": "search", - "winlog.version": "6.3.0" + "type": "search", + "version": "6.3.0" } ], "timeRestore": false, - "title": "[Suricata] Events Overview ECS", - "winlog.version": 1 + "title": "[Suricata] Events Overview", + "version": 1 }, - "id": "78289c40-86da-11e8-b59d-21efb914e65c-ecs", - "winlog.api": "dashboard", + "id": "78289c40-86da-11e8-b59d-21efb914e65c", + "type": "dashboard", "updated_at": "2018-11-07T22:56:24.962Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "6.4.3" + "version": "6.4.3" } diff --git a/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json b/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json index 11e93aa05c4d..598b17a56fd3 100644 --- a/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json +++ b/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json @@ -13,9 +13,9 @@ } } }, - "title": "Destination Geo [SIEM Zeek] ECS", + "title": "Destination Geo [SIEM Zeek]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -23,7 +23,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -41,7 +41,7 @@ "useGeocentroid": true }, "schema": "segment", - "winlog.api": "geohash_grid" + "type": "geohash_grid" } ], "params": { @@ -72,14 +72,14 @@ } } }, - "title": "Destination Geo [SIEM Zeek] ECS", - "winlog.api": "tile_map" + "title": "Destination Geo [SIEM Zeek]", + "type": "tile_map" } }, - "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8-ecs", - "winlog.api": "visualization", + "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8", + "type": "visualization", "updated_at": "2019-01-17T07:27:37.758Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -94,9 +94,9 @@ } } }, - "title": "Network Transport [SIEM Zeek] ECS", + "title": "Network Transport [SIEM Zeek]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -104,7 +104,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -120,7 +120,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -134,16 +134,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Network Transport [SIEM Zeek] ECS", - "winlog.api": "pie" + "title": "Network Transport [SIEM Zeek]", + "type": "pie" } }, - "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8-ecs", - "winlog.api": "visualization", + "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8", + "type": "visualization", "updated_at": "2019-01-17T07:30:28.271Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -158,9 +158,9 @@ } } }, - "title": "Network Application [SIEM Zeek] ECS", + "title": "Network Application [SIEM Zeek]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -168,7 +168,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -184,7 +184,7 @@ "size": 10 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -198,16 +198,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Network Application [SIEM Zeek] ECS", - "winlog.api": "pie" + "title": "Network Application [SIEM Zeek]", + "type": "pie" } }, - "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8-ecs", - "winlog.api": "visualization", + "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8", + "type": "visualization", "updated_at": "2019-01-17T07:31:43.959Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -222,9 +222,9 @@ } } }, - "title": "Network Traffic Direction [SIEM Zeek] ECS", + "title": "Network Traffic Direction [SIEM Zeek]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -232,7 +232,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -248,7 +248,7 @@ "size": 5 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -262,16 +262,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Network Traffic Direction [SIEM Zeek] ECS", - "winlog.api": "pie" + "title": "Network Traffic Direction [SIEM Zeek]", + "type": "pie" } }, - "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8-ecs", - "winlog.api": "visualization", + "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8", + "type": "visualization", "updated_at": "2019-01-17T07:32:46.436Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -286,9 +286,9 @@ } } }, - "title": "Top DNS Domains [SIEM Zeek] ECS", + "title": "Top DNS Domains [SIEM Zeek]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -296,7 +296,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -312,7 +312,7 @@ "size": 8 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -326,16 +326,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top DNS Domains [SIEM Zeek] ECS", - "winlog.api": "pie" + "title": "Top DNS Domains [SIEM Zeek]", + "type": "pie" } }, - "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8-ecs", - "winlog.api": "visualization", + "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8", + "type": "visualization", "updated_at": "2019-01-17T07:51:30.288Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -350,9 +350,9 @@ } } }, - "title": "Top URL Domain [SIEM Zeek] ECS", + "title": "Top URL Domain [SIEM Zeek]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -360,7 +360,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -376,7 +376,7 @@ "size": 8 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -390,16 +390,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top URL Domain [SIEM Zeek] ECS", - "winlog.api": "pie" + "title": "Top URL Domain [SIEM Zeek]", + "type": "pie" } }, - "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8-ecs", - "winlog.api": "visualization", + "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8", + "type": "visualization", "updated_at": "2019-01-17T07:53:10.300Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -414,9 +414,9 @@ } } }, - "title": "Top SSL Server [SIEM Zeek] ECS", + "title": "Top SSL Server [SIEM Zeek]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -424,7 +424,7 @@ "id": "1", "params": {}, "schema": "metric", - "winlog.api": "count" + "type": "count" }, { "enabled": true, @@ -440,7 +440,7 @@ "size": 8 }, "schema": "segment", - "winlog.api": "terms" + "type": "terms" } ], "params": { @@ -454,16 +454,16 @@ "values": true }, "legendPosition": "right", - "winlog.api": "pie" + "type": "pie" }, - "title": "Top SSL Server [SIEM Zeek] ECS", - "winlog.api": "pie" + "title": "Top SSL Server [SIEM Zeek]", + "type": "pie" } }, - "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8-ecs", - "winlog.api": "visualization", + "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8", + "type": "visualization", "updated_at": "2019-01-17T07:54:11.067Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -477,9 +477,9 @@ } } }, - "title": "Time Series Count [SIEM Zeek] ECS", + "title": "Time Series Count [SIEM Zeek]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -520,7 +520,7 @@ "metrics": [ { "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "count" + "type": "count" } ], "point_size": 1, @@ -532,16 +532,16 @@ "show_grid": 1, "show_legend": 0, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Time Series Count [SIEM Zeek] ECS", - "winlog.api": "metrics" + "title": "Time Series Count [SIEM Zeek]", + "type": "metrics" } }, - "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25-ecs", - "winlog.api": "visualization", + "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25", + "type": "visualization", "updated_at": "2019-01-17T07:56:26.486Z", - "winlog.version": 74 + "version": 74 }, { "attributes": { @@ -577,10 +577,10 @@ "x": 0, "y": 0 }, - "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8-ecs", + "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8", "panelIndex": "1", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": { @@ -595,10 +595,10 @@ "x": 0, "y": 18 }, - "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8-ecs", + "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8", "panelIndex": "2", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": { @@ -613,10 +613,10 @@ "x": 16, "y": 18 }, - "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8-ecs", + "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": { @@ -631,10 +631,10 @@ "x": 33, "y": 18 }, - "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8-ecs", + "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8", "panelIndex": "4", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -645,10 +645,10 @@ "x": 0, "y": 28 }, - "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8-ecs", + "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -659,10 +659,10 @@ "x": 16, "y": 28 }, - "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8-ecs", + "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8", "panelIndex": "6", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -673,10 +673,10 @@ "x": 33, "y": 28 }, - "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8-ecs", + "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8", "panelIndex": "7", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" }, { "embeddableConfig": {}, @@ -687,21 +687,21 @@ "x": 0, "y": 39 }, - "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25-ecs", + "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "6.5.4" + "type": "visualization", + "version": "6.5.4" } ], "timeRestore": false, - "title": "Zeek Overview Dashboard [SIEM] ECS", - "winlog.version": 1 + "title": "Zeek Overview Dashboard [SIEM]", + "version": 1 }, - "id": "87b0c430-1a2d-11e9-84b1-a12c578fa9e8-ecs", - "winlog.api": "dashboard", + "id": "87b0c430-1a2d-11e9-84b1-a12c578fa9e8", + "type": "dashboard", "updated_at": "2019-01-17T07:57:50.613Z", - "winlog.version": 2 + "version": 2 } ], - "winlog.version": "6.5.4" + "version": "6.5.4" } \ No newline at end of file diff --git a/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json b/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json index 8ac0b5488bb7..28396b84e0dc 100644 --- a/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json +++ b/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json @@ -12,9 +12,9 @@ } } }, - "title": "AWS EC2 DiskIO Write Bytes ECS", + "title": "AWS EC2 DiskIO Write Bytes", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -44,13 +44,13 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 DiskIO Write Bytes ECS", + "label": "AWS EC2 DiskIO Write Bytes", "line_width": 1, "metrics": [ { "field": "aws.ec2.diskio.write.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -68,16 +68,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "AWS EC2 DiskIO Write Bytes ECS", - "winlog.api": "metrics" + "title": "AWS EC2 DiskIO Write Bytes", + "type": "metrics" } }, - "id": "fed59380-f7f8-11e8-af03-c999c9dea608-ecs", - "winlog.api": "visualization", + "id": "fed59380-f7f8-11e8-af03-c999c9dea608", + "type": "visualization", "updated_at": "2018-12-04T19:15:43.416Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -91,9 +91,9 @@ } } }, - "title": "AWS EC2 Status Check Failed ECS", + "title": "AWS EC2 Status Check Failed", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -135,7 +135,7 @@ { "field": "aws.ec2.status.check_failed", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "sum" + "type": "sum" } ], "point_size": 1, @@ -149,16 +149,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "metric" + "type": "metric" }, - "title": "AWS EC2 Status Check Failed ECS", - "winlog.api": "metrics" + "title": "AWS EC2 Status Check Failed", + "type": "metrics" } }, - "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608-ecs", - "winlog.api": "visualization", + "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608", + "type": "visualization", "updated_at": "2018-12-04T19:13:01.875Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -172,9 +172,9 @@ } } }, - "title": "AWS EC2 Network In Bytes ECS", + "title": "AWS EC2 Network In Bytes", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -204,13 +204,13 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 Network In Bytes ECS", + "label": "AWS EC2 Network In Bytes", "line_width": 1, "metrics": [ { "field": "aws.ec2.network.in.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -228,16 +228,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "AWS EC2 Network In Bytes ECS", - "winlog.api": "metrics" + "title": "AWS EC2 Network In Bytes", + "type": "metrics" } }, - "id": "15818fd0-f7f9-11e8-af03-c999c9dea608-ecs", - "winlog.api": "visualization", + "id": "15818fd0-f7f9-11e8-af03-c999c9dea608", + "type": "visualization", "updated_at": "2018-12-04T19:16:21.453Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -251,9 +251,9 @@ } } }, - "title": "AWS EC2 Network Out Bytes ECS", + "title": "AWS EC2 Network Out Bytes", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -283,13 +283,13 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 Network Out Bytes ECS", + "label": "AWS EC2 Network Out Bytes", "line_width": 1, "metrics": [ { "field": "aws.ec2.network.out.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -307,16 +307,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "AWS EC2 Network Out Bytes ECS", - "winlog.api": "metrics" + "title": "AWS EC2 Network Out Bytes", + "type": "metrics" } }, - "id": "233b3400-f7f9-11e8-af03-c999c9dea608-ecs", - "winlog.api": "visualization", + "id": "233b3400-f7f9-11e8-af03-c999c9dea608", + "type": "visualization", "updated_at": "2018-12-04T19:16:44.480Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -330,9 +330,9 @@ } } }, - "title": "AWS EC2 DiskIO Read Bytes ECS", + "title": "AWS EC2 DiskIO Read Bytes", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -362,13 +362,13 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 DiskIO Read Bytes ECS", + "label": "AWS EC2 DiskIO Read Bytes", "line_width": 1, "metrics": [ { "field": "aws.ec2.diskio.read.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -386,16 +386,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "AWS EC2 DiskIO Read Bytes ECS", - "winlog.api": "metrics" + "title": "AWS EC2 DiskIO Read Bytes", + "type": "metrics" } }, - "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608-ecs", - "winlog.api": "visualization", + "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608", + "type": "visualization", "updated_at": "2018-12-04T19:15:21.644Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -409,9 +409,9 @@ } } }, - "title": "AWS EC2 CPU Utilization ECS", + "title": "AWS EC2 CPU Utilization", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -441,13 +441,13 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 CPU Utilization ECS", + "label": "AWS EC2 CPU Utilization", "line_width": 1, "metrics": [ { "field": "aws.ec2.cpu.total.pct", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -465,16 +465,16 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "AWS EC2 CPU Utilization ECS", - "winlog.api": "metrics" + "title": "AWS EC2 CPU Utilization", + "type": "metrics" } }, - "id": "be8828d0-f7f6-11e8-af03-c999c9dea608-ecs", - "winlog.api": "visualization", + "id": "be8828d0-f7f6-11e8-af03-c999c9dea608", + "type": "visualization", "updated_at": "2018-12-04T19:14:42.745Z", - "winlog.version": 4 + "version": 4 }, { "attributes": { @@ -504,10 +504,10 @@ "x": 24, "y": 15 }, - "id": "fed59380-f7f8-11e8-af03-c999c9dea608-ecs", + "id": "fed59380-f7f8-11e8-af03-c999c9dea608", "panelIndex": "3", - "winlog.api": "visualization", - "winlog.version": "6.5.0" + "type": "visualization", + "version": "6.5.0" }, { "embeddableConfig": {}, @@ -518,10 +518,10 @@ "x": 36, "y": 0 }, - "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608-ecs", + "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608", "panelIndex": "5", - "winlog.api": "visualization", - "winlog.version": "6.5.0" + "type": "visualization", + "version": "6.5.0" }, { "embeddableConfig": {}, @@ -532,10 +532,10 @@ "x": 0, "y": 30 }, - "id": "15818fd0-f7f9-11e8-af03-c999c9dea608-ecs", + "id": "15818fd0-f7f9-11e8-af03-c999c9dea608", "panelIndex": "11", - "winlog.api": "visualization", - "winlog.version": "6.5.0" + "type": "visualization", + "version": "6.5.0" }, { "embeddableConfig": {}, @@ -546,10 +546,10 @@ "x": 24, "y": 30 }, - "id": "233b3400-f7f9-11e8-af03-c999c9dea608-ecs", + "id": "233b3400-f7f9-11e8-af03-c999c9dea608", "panelIndex": "12", - "winlog.api": "visualization", - "winlog.version": "6.5.0" + "type": "visualization", + "version": "6.5.0" }, { "embeddableConfig": {}, @@ -560,10 +560,10 @@ "x": 0, "y": 15 }, - "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608-ecs", + "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608", "panelIndex": "15", - "winlog.api": "visualization", - "winlog.version": "6.5.0" + "type": "visualization", + "version": "6.5.0" }, { "embeddableConfig": {}, @@ -574,21 +574,21 @@ "x": 0, "y": 0 }, - "id": "be8828d0-f7f6-11e8-af03-c999c9dea608-ecs", + "id": "be8828d0-f7f6-11e8-af03-c999c9dea608", "panelIndex": "17", - "winlog.api": "visualization", - "winlog.version": "6.5.0" + "type": "visualization", + "version": "6.5.0" } ], "timeRestore": false, - "title": "[Metricbeat AWS] EC2 Overview ECS", - "winlog.version": 1 + "title": "[Metricbeat AWS] EC2 Overview", + "version": 1 }, - "id": "c5846400-f7fb-11e8-af03-c999c9dea608-ecs", - "winlog.api": "dashboard", + "id": "c5846400-f7fb-11e8-af03-c999c9dea608", + "type": "dashboard", "updated_at": "2018-12-04T19:35:35.744Z", - "winlog.version": 1 + "version": 1 } ], - "winlog.version": "6.5.0" + "version": "6.5.0" } diff --git a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json index e35562ea2e7a..b7aa409efc69 100644 --- a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json +++ b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json @@ -13,13 +13,13 @@ } } }, - "title": "User Connections [Metricbeat MSSQL] ECS", + "title": "User Connections [Metricbeat MSSQL]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -30,7 +30,7 @@ "field": "mssql.performance.user_connections" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -46,7 +46,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -62,12 +62,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -89,12 +89,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -108,25 +108,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "User Connections [Metricbeat MSSQL] ECS", - "winlog.api": "line" + "title": "User Connections [Metricbeat MSSQL]", + "type": "line" } }, - "id": "7784db10-18ba-11e9-9836-f37dedd3b411-ecs", - "winlog.api": "visualization", + "id": "7784db10-18ba-11e9-9836-f37dedd3b411", + "type": "visualization", "updated_at": "2019-01-22T13:04:43.827Z", - "winlog.version": 8 + "version": 8 }, { "attributes": { @@ -141,13 +141,13 @@ } } }, - "title": "Transactions [Metricbeat MSSQL] ECS", + "title": "Transactions [Metricbeat MSSQL]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -158,7 +158,7 @@ "field": "mssql.performance.transactions" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -174,7 +174,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -190,12 +190,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -217,12 +217,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -236,25 +236,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Transactions [Metricbeat MSSQL] ECS", - "winlog.api": "line" + "title": "Transactions [Metricbeat MSSQL]", + "type": "line" } }, - "id": "910f3f30-18ba-11e9-9836-f37dedd3b411-ecs", - "winlog.api": "visualization", + "id": "910f3f30-18ba-11e9-9836-f37dedd3b411", + "type": "visualization", "updated_at": "2019-01-22T13:04:34.757Z", - "winlog.version": 8 + "version": 8 }, { "attributes": { @@ -269,13 +269,13 @@ } } }, - "title": "Lock Waits/sec [Metricbeat MSSQL] ECS", + "title": "Lock Waits/sec [Metricbeat MSSQL]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -286,7 +286,7 @@ "field": "mssql.performance.lock_waits_per_sec" }, "schema": "metric", - "winlog.api": "avg" + "type": "avg" }, { "enabled": true, @@ -302,7 +302,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -318,12 +318,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -345,12 +345,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -364,25 +364,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Lock Waits/sec [Metricbeat MSSQL] ECS", - "winlog.api": "line" + "title": "Lock Waits/sec [Metricbeat MSSQL]", + "type": "line" } }, - "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411-ecs", - "winlog.api": "visualization", + "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411", + "type": "visualization", "updated_at": "2019-01-22T13:04:24.139Z", - "winlog.version": 7 + "version": 7 }, { "attributes": { @@ -397,9 +397,9 @@ } } }, - "title": "Batch Requests/sec [Metricbeat MSSQL] ECS", + "title": "Batch Requests/sec [Metricbeat MSSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -414,12 +414,12 @@ "field": "mssql.performance.batch_requests_per_sec" }, "schema": "metricAgg", - "winlog.api": "avg" + "type": "avg" }, "metricAgg": "custom" }, "schema": "metric", - "winlog.api": "derivative" + "type": "derivative" }, { "enabled": true, @@ -435,7 +435,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -451,12 +451,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -478,12 +478,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -497,25 +497,25 @@ "position": "left", "scale": { "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Batch Requests/sec [Metricbeat MSSQL] ECS", - "winlog.api": "line" + "title": "Batch Requests/sec [Metricbeat MSSQL]", + "type": "line" } }, - "id": "b29a2160-18ba-11e9-9836-f37dedd3b411-ecs", - "winlog.api": "visualization", + "id": "b29a2160-18ba-11e9-9836-f37dedd3b411", + "type": "visualization", "updated_at": "2019-01-22T13:03:10.853Z", - "winlog.version": 9 + "version": 9 }, { "attributes": { @@ -530,13 +530,13 @@ } } }, - "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL] ECS", + "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL]", "uiStateJSON": { "vis": { "legendOpen": false } }, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [ { @@ -549,7 +549,7 @@ ] }, "schema": "metric", - "winlog.api": "median" + "type": "median" }, { "enabled": true, @@ -565,7 +565,7 @@ "useNormalizedEsInterval": true }, "schema": "segment", - "winlog.api": "date_histogram" + "type": "date_histogram" } ], "params": { @@ -581,12 +581,12 @@ }, "position": "bottom", "scale": { - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": {}, - "winlog.api": "category" + "type": "category" } ], "grid": { @@ -608,12 +608,12 @@ "mode": "normal", "show": "true", "showCircles": true, - "winlog.api": "line", + "type": "line", "valueAxis": "ValueAxis-1" } ], "times": [], - "winlog.api": "line", + "type": "line", "valueAxes": [ { "id": "ValueAxis-1", @@ -628,25 +628,25 @@ "scale": { "defaultYExtents": false, "mode": "normal", - "winlog.api": "linear" + "type": "linear" }, "show": true, "style": {}, "title": { "text": "" }, - "winlog.api": "value" + "type": "value" } ] }, - "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL] ECS", - "winlog.api": "line" + "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL]", + "type": "line" } }, - "id": "2e795230-1b2a-11e9-8b36-136038bb307a-ecs", - "winlog.api": "visualization", + "id": "2e795230-1b2a-11e9-8b36-136038bb307a", + "type": "visualization", "updated_at": "2019-01-22T13:04:16.184Z", - "winlog.version": 8 + "version": 8 }, { "attributes": { @@ -680,11 +680,11 @@ "x": 0, "y": 0 }, - "id": "7784db10-18ba-11e9-9836-f37dedd3b411-ecs", + "id": "7784db10-18ba-11e9-9836-f37dedd3b411", "panelIndex": "1", "title": "User Connections", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": { @@ -699,11 +699,11 @@ "x": 16, "y": 15 }, - "id": "910f3f30-18ba-11e9-9836-f37dedd3b411-ecs", + "id": "910f3f30-18ba-11e9-9836-f37dedd3b411", "panelIndex": "2", "title": "Transactions", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": { @@ -718,11 +718,11 @@ "x": 32, "y": 0 }, - "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411-ecs", + "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411", "panelIndex": "3", "title": "Lock Waits/sec", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": { @@ -737,11 +737,11 @@ "x": 16, "y": 0 }, - "id": "b29a2160-18ba-11e9-9836-f37dedd3b411-ecs", + "id": "b29a2160-18ba-11e9-9836-f37dedd3b411", "panelIndex": "4", "title": "Batch Requests/sec", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -752,22 +752,22 @@ "x": 0, "y": 15 }, - "id": "2e795230-1b2a-11e9-8b36-136038bb307a-ecs", + "id": "2e795230-1b2a-11e9-8b36-136038bb307a", "panelIndex": "5", "title": "Buffer Cache Hit Ratio", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" } ], "timeRestore": false, - "title": "[Metricbeat MSSQL] Performance ECS", - "winlog.version": 1 + "title": "[Metricbeat MSSQL] Performance", + "version": 1 }, - "id": "a2ead240-18bb-11e9-9836-f37dedd3b411-ecs", - "winlog.api": "dashboard", + "id": "a2ead240-18bb-11e9-9836-f37dedd3b411", + "type": "dashboard", "updated_at": "2019-01-22T12:55:59.857Z", - "winlog.version": 11 + "version": 11 } ], - "winlog.version": "7.0.0-alpha2" + "version": "7.0.0-alpha2" } \ No newline at end of file diff --git a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json index 8f5aa65cf4ce..8573af8504e3 100644 --- a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json +++ b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json @@ -12,9 +12,9 @@ } } }, - "title": "Recovery size of transaction log [Metricbeat MSSQL] ECS", + "title": "Recovery size of transaction log [Metricbeat MSSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -38,7 +38,7 @@ { "field": "mssql.transaction_log.stats.recovery_size.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -57,19 +57,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Recovery size of transaction log [Metricbeat MSSQL] ECS", - "winlog.api": "metrics" + "title": "Recovery size of transaction log [Metricbeat MSSQL]", + "type": "metrics" } }, - "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b-ecs", + "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b", "migrationVersion": { "visualization": "7.0.0" }, - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -83,9 +83,9 @@ } } }, - "title": "Transaction log size since last checkpoint [Metricbeat MSSQL] ECS", + "title": "Transaction log size since last checkpoint [Metricbeat MSSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -109,7 +109,7 @@ { "field": "mssql.transaction_log.stats.since_last_checkpoint.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -122,19 +122,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Transaction log size since last checkpoint [Metricbeat MSSQL] ECS", - "winlog.api": "metrics" + "title": "Transaction log size since last checkpoint [Metricbeat MSSQL]", + "type": "metrics" } }, - "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b-ecs", + "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b", "migrationVersion": { "visualization": "7.0.0" }, - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -148,9 +148,9 @@ } } }, - "title": "Percentage of used space of transaction log [Metricbeat MSSQL] ECS", + "title": "Percentage of used space of transaction log [Metricbeat MSSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -174,7 +174,7 @@ { "field": "mssql.transaction_log.space_usage.used.pct", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -187,19 +187,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Percentage of used space of transaction log [Metricbeat MSSQL] ECS", - "winlog.api": "metrics" + "title": "Percentage of used space of transaction log [Metricbeat MSSQL]", + "type": "metrics" } }, - "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b-ecs", + "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b", "migrationVersion": { "visualization": "7.0.0" }, - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -213,9 +213,9 @@ } } }, - "title": "Log space size since last backup [Metricbeat MSSQL] ECS", + "title": "Log space size since last backup [Metricbeat MSSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -239,7 +239,7 @@ { "field": "mssql.transaction_log.space_usage.since_last_backup.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -252,19 +252,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Log space size since last backup [Metricbeat MSSQL] ECS", - "winlog.api": "metrics" + "title": "Log space size since last backup [Metricbeat MSSQL]", + "type": "metrics" } }, - "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b-ecs", + "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b", "migrationVersion": { "visualization": "7.0.0" }, - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -278,9 +278,9 @@ } } }, - "title": "Active size of transaction log [Metricbeat MSSQL] ECS", + "title": "Active size of transaction log [Metricbeat MSSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -304,7 +304,7 @@ { "field": "mssql.transaction_log.stats.active_size.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -317,19 +317,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Active size of transaction log [Metricbeat MSSQL] ECS", - "winlog.api": "metrics" + "title": "Active size of transaction log [Metricbeat MSSQL]", + "type": "metrics" } }, - "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b-ecs", + "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b", "migrationVersion": { "visualization": "7.0.0" }, - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -343,9 +343,9 @@ } } }, - "title": "Used space of transaction log [Metricbeat MSSQL] ECS", + "title": "Used space of transaction log [Metricbeat MSSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -369,7 +369,7 @@ { "field": "mssql.transaction_log.space_usage.used.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -382,19 +382,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Used space of transaction log [Metricbeat MSSQL] ECS", - "winlog.api": "metrics" + "title": "Used space of transaction log [Metricbeat MSSQL]", + "type": "metrics" } }, - "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b-ecs", + "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b", "migrationVersion": { "visualization": "7.0.0" }, - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -408,9 +408,9 @@ } } }, - "title": "Total log space usage [Metricbeat MSSQL] ECS", + "title": "Total log space usage [Metricbeat MSSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -434,7 +434,7 @@ { "field": "mssql.transaction_log.space_usage.total.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", - "winlog.api": "avg" + "type": "avg" } ], "point_size": 1, @@ -447,19 +447,19 @@ "show_grid": 1, "show_legend": 1, "time_field": "@timestamp", - "winlog.api": "timeseries" + "type": "timeseries" }, - "title": "Total log space usage [Metricbeat MSSQL] ECS", - "winlog.api": "metrics" + "title": "Total log space usage [Metricbeat MSSQL]", + "type": "metrics" } }, - "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b-ecs", + "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b", "migrationVersion": { "visualization": "7.0.0" }, - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-01T10:13:18.406Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -473,9 +473,9 @@ } } }, - "title": "Database selector [Metricbeat MSSQL] ECS", + "title": "Database selector [Metricbeat MSSQL]", "uiStateJSON": {}, - "winlog.version": 1, + "version": 1, "visState": { "aggs": [], "params": { @@ -490,27 +490,27 @@ "multiselect": true, "order": "desc", "size": 5, - "winlog.api": "terms" + "type": "terms" }, "parent": "", - "winlog.api": "list" + "type": "list" } ], "pinFilters": false, "updateFiltersOnChange": false, "useTimeFilter": false }, - "title": "Database selector [Metricbeat MSSQL] ECS", - "winlog.api": "input_control_vis" + "title": "Database selector [Metricbeat MSSQL]", + "type": "input_control_vis" } }, - "id": "82bf9480-260b-11e9-a46a-471d2a76b305-ecs", + "id": "82bf9480-260b-11e9-a46a-471d2a76b305", "migrationVersion": { "visualization": "7.0.0" }, - "winlog.api": "visualization", + "type": "visualization", "updated_at": "2019-02-01T10:24:09.159Z", - "winlog.version": 1 + "version": 1 }, { "attributes": { @@ -540,11 +540,11 @@ "x": 0, "y": 12 }, - "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b-ecs", + "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b", "panelIndex": "1", "title": "Recovery size of transaction log", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -555,11 +555,11 @@ "x": 24, "y": 24 }, - "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b-ecs", + "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b", "panelIndex": "2", "title": "Transaction log size since last checkpoint", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -570,11 +570,11 @@ "x": 30, "y": 0 }, - "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b-ecs", + "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b", "panelIndex": "3", "title": "Percentage of used space of transaction log", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -585,11 +585,11 @@ "x": 0, "y": 37 }, - "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b-ecs", + "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b", "panelIndex": "4", "title": "Log space size since last backup", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -600,11 +600,11 @@ "x": 0, "y": 24 }, - "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b-ecs", + "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b", "panelIndex": "5", "title": "Active size of transaction log", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -615,11 +615,11 @@ "x": 24, "y": 12 }, - "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b-ecs", + "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b", "panelIndex": "6", "title": "Used space of transaction log", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -630,11 +630,11 @@ "x": 12, "y": 0 }, - "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b-ecs", + "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b", "panelIndex": "7", "title": "Total log space usage", - "winlog.api": "visualization", - "winlog.version": "7.0.0-alpha2" + "type": "visualization", + "version": "7.0.0-alpha2" }, { "embeddableConfig": {}, @@ -645,21 +645,21 @@ "x": 0, "y": 0 }, - "id": "82bf9480-260b-11e9-a46a-471d2a76b305-ecs", + "id": "82bf9480-260b-11e9-a46a-471d2a76b305", "panelIndex": "8", - "winlog.api": "visualization", - "winlog.version": "7.0.0-SNAPSHOT" + "type": "visualization", + "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Metricbeat MSSQL] Transaction log ECS", - "winlog.version": 1 + "title": "[Metricbeat MSSQL] Transaction log", + "version": 1 }, - "id": "18d66970-1fb4-11e9-8a4d-eb34d2834f6b-ecs", - "winlog.api": "dashboard", + "id": "18d66970-1fb4-11e9-8a4d-eb34d2834f6b", + "type": "dashboard", "updated_at": "2019-02-01T10:39:36.585Z", - "winlog.version": 3 + "version": 3 } ], - "winlog.version": "7.0.0-SNAPSHOT" + "version": "7.0.0-SNAPSHOT" } \ No newline at end of file From 65909a46a15591f49a00447c201d66ff43be2634 Mon Sep 17 00:00:00 2001 From: beats-jenkins Date: Tue, 5 Feb 2019 22:02:11 +0100 Subject: [PATCH 6/6] checkout field changes --- .../auditbeat-kernel-executions.json | 44 ++-- .../dashboard/auditbeat-kernel-overview.json | 30 +-- .../7/dashboard/auditbeat-kernel-sockets.json | 72 +++---- .../7/dashboard/auditbeat-file-integrity.json | 122 +++++------ dev-tools/ecs-migration.yml | 2 + .../kibana/7/dashboard/Filebeat-apache.json | 114 +++++----- .../kibana/7/dashboard/Filebeat-auditd.json | 68 +++--- .../dashboard/Filebeat-haproxy-overview.json | 42 ++-- .../dashboard/Filebeat-icinga-debug-log.json | 44 ++-- .../7/dashboard/Filebeat-icinga-main-log.json | 44 ++-- .../Filebeat-icinga-startup-errors.json | 30 +-- .../kibana/7/dashboard/Filebeat-iis.json | 66 +++--- .../7/dashboard/Filebeat-Kafka-overview.json | 50 ++--- .../7/dashboard/Filebeat-logstash-log.json | 46 ++-- .../dashboard/Filebeat-logstash-slowlog.json | 66 +++--- .../dashboard/Filebeat-Mongodb-overview.json | 48 ++--- .../kibana/7/dashboard/Filebeat-mysql.json | 84 ++++---- .../7/dashboard/Filebeat-nginx-logs.json | 62 +++--- .../7/dashboard/Filebeat-nginx-overview.json | 118 +++++------ ...nginx-access-remote-ip-count-explorer.json | 64 +++--- .../ml-nginx-remote-ip-url-explorer.json | 66 +++--- .../7/dashboard/osquery-compliance.json | 64 +++--- .../kibana/7/dashboard/osquery-rootkit.json | 56 ++--- .../Filebeat-Postgresql-overview.json | 50 ++--- .../Filebeat-Postgresql-slowlogs.json | 34 +-- .../kibana/7/dashboard/Filebeat-redis.json | 66 +++--- .../filebeat-santa-log-overview.json | 66 +++--- .../Filebeat-auth-sudo-commands.json | 46 ++-- .../Filebeat-new-users-and-groups.json | 92 ++++---- .../Filebeat-ssh-login-attempts.json | 74 +++---- .../kibana/7/dashboard/Filebeat-syslog.json | 58 ++--- .../dashboard/Filebeat-traefik-overview.json | 74 +++---- ...aefik-access-remote-ip-count-explorer.json | 68 +++--- .../ml-traefik-remote-ip-url-explorer.json | 68 +++--- .../7/dashboard/Journalbeat-overview.json | 22 +- .../dashboard/Metricbeat-apache-overview.json | 80 +++---- .../dashboard/Metricbeat-docker-overview.json | 98 ++++----- .../dashboard/Metricbeat-golang-overview.json | 52 ++--- .../dashboard/Metricbeat-haproxy-backend.json | 16 +- .../Metricbeat-haproxy-frontend.json | 8 +- .../Metricbeat-haproxy-http-backend.json | 20 +- .../Metricbeat-haproxy-http-frontend.json | 10 +- .../Metricbeat-haproxy-http-server.json | 16 +- .../Metricbeat-haproxy-overview.json | 12 +- .../Metricbeat-haproxy-visualizations.json | 98 ++++----- .../dashboard/Metricbeat-kafka-overview.json | 76 +++---- .../Metricbeat-kubernetes-apiserver.json | 28 +-- .../Metricbeat-kubernetes-overview.json | 134 ++++++------ .../Metricbeat-mongodb-overview.json | 96 ++++----- .../dashboard/Metricbeat-mysql-overview.json | 60 +++--- .../7/dashboard/Metricbeat-nats-overview.json | 100 ++++----- .../dashboard/metricbeat-nginx-overview.json | 44 ++-- .../Metricbeat-rabbitmq-overview.json | 50 ++--- .../7/dashboard/Metricbeat-redis-keys.json | 44 ++-- .../dashboard/Metricbeat-redis-overview.json | 92 ++++---- .../Metricbeat-containers-overview.json | 44 ++-- .../7/dashboard/Metricbeat-host-overview.json | 200 +++++++++--------- .../dashboard/Metricbeat-system-overview.json | 98 ++++----- .../dashboard/Metricbeat-uwsgi-overview.json | 42 ++-- .../dashboard/metricbeat-windows-service.json | 66 +++--- .../Metricbeat-zookeeper-overview.json | 44 ++-- .../7/dashboard/Packetbeat-cassandra.json | 114 +++++----- .../kibana/7/dashboard/Packetbeat-dhcpv4.json | 68 +++--- .../7/dashboard/Packetbeat-dns-overview.json | 78 +++---- .../7/dashboard/Packetbeat-dns-tunneling.json | 46 ++-- .../kibana/7/dashboard/Packetbeat-flows.json | 58 ++--- .../kibana/7/dashboard/Packetbeat-http.json | 74 +++---- .../7/dashboard/Packetbeat-mongodb.json | 96 ++++----- .../kibana/7/dashboard/Packetbeat-mysql.json | 92 ++++---- .../kibana/7/dashboard/Packetbeat-nfs.json | 114 +++++----- .../7/dashboard/Packetbeat-overview.json | 130 ++++++------ .../kibana/7/dashboard/Packetbeat-pgsql.json | 92 ++++---- .../kibana/7/dashboard/Packetbeat-thrift.json | 80 +++---- .../kibana/7/dashboard/Packetbeat-tls.json | 156 +++++++------- script/kibana-migration.py | 6 +- .../7/dashboard/Winlogbeat-overview.json | 42 ++-- .../auditbeat-system-host-dashboard.json | 60 +++--- .../auditbeat-system-login-dashboard.json | 68 +++--- .../auditbeat-system-overview-dashboard.json | 148 ++++++------- .../auditbeat-system-package-dashboard.json | 68 +++--- .../auditbeat-system-process-dashboard.json | 76 +++---- .../auditbeat-system-socket-dashboard.json | 92 ++++---- .../auditbeat-system-user-dashboard.json | 68 +++--- .../dashboard/Filebeat-Iptables-Overview.json | 80 +++---- ...t-Iptables-Ubiquiti-Firewall-Overview.json | 78 +++---- .../Filebeat-Suricata-Alert-Overview.json | 70 +++--- .../dashboard/Filebeat-Suricata-Overview.json | 86 ++++---- .../7/dashboard/Filebeat-Zeek-Overview.json | 68 +++--- .../Metricbeat-aws-ec2-overview.json | 62 +++--- .../Metricbeat-mssql-performance.json | 44 ++-- .../Metricbeat-mssql-transaction_log.json | 68 +++--- 91 files changed, 3065 insertions(+), 3065 deletions(-) diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json index 9cb989fb0cea..6fe85f307d86 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-executions.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16", - "title": "Error Codes [Auditbeat Auditd Executions]", + "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", + "title": "Error Codes [Auditbeat Auditd Executions] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -46,11 +46,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Error Codes [Auditbeat Auditd Executions]", + "title": "Error Codes [Auditbeat Auditd Executions] ECS", "type": "pie" } }, - "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16", + "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16-ecs", "type": "visualization", "updated_at": "2018-01-16T22:10:23.921Z", "version": 4 @@ -68,7 +68,7 @@ } } }, - "title": "Primary Username Tag Cloud [Auditbeat Auditd]", + "title": "Primary Username Tag Cloud [Auditbeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -99,11 +99,11 @@ "orientation": "single", "scale": "linear" }, - "title": "Primary Username Tag Cloud [Auditbeat Auditd]", + "title": "Primary Username Tag Cloud [Auditbeat Auditd] ECS", "type": "tagcloud" } }, - "id": "f81a6de0-c1c1-11e7-8995-936807a28b16", + "id": "f81a6de0-c1c1-11e7-8995-936807a28b16-ecs", "type": "visualization", "updated_at": "2018-01-16T22:12:18.730Z", "version": 3 @@ -120,8 +120,8 @@ } } }, - "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16", - "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions]", + "savedSearchId": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", + "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -137,7 +137,7 @@ "enabled": true, "id": "2", "params": { - "field": "process.exe", + "field": "process.executable", "order": "desc", "orderBy": "1", "size": 10 @@ -152,11 +152,11 @@ "orientation": "single", "scale": "linear" }, - "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions]", + "title": "Exe Name Tag Cloud [Auditbeat Auditd Executions] ECS", "type": "tagcloud" } }, - "id": "2efac370-c1ca-11e7-8995-936807a28b16", + "id": "2efac370-c1ca-11e7-8995-936807a28b16-ecs", "type": "visualization", "updated_at": "2018-01-16T22:57:41.411Z", "version": 4 @@ -164,11 +164,11 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "process.args", "auditd.summary.actor.primary", "auditd.summary.actor.secondary", - "process.exe" + "process.executable" ], "description": "", "hits": 0, @@ -241,10 +241,10 @@ "@timestamp", "desc" ], - "title": "Process Executions [Auditbeat Auditd]", + "title": "Process Executions [Auditbeat Auditd] ECS", "version": 1 }, - "id": "d382f5b0-c1c6-11e7-8995-936807a28b16", + "id": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", "type": "search", "updated_at": "2018-01-16T22:26:35.050Z", "version": 5 @@ -277,7 +277,7 @@ "x": 4, "y": 0 }, - "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16", + "id": "20a8e8d0-c1c8-11e7-8995-936807a28b16-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -290,7 +290,7 @@ "x": 8, "y": 0 }, - "id": "f81a6de0-c1c1-11e7-8995-936807a28b16", + "id": "f81a6de0-c1c1-11e7-8995-936807a28b16-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.4" @@ -303,7 +303,7 @@ "x": 0, "y": 0 }, - "id": "2efac370-c1ca-11e7-8995-936807a28b16", + "id": "2efac370-c1ca-11e7-8995-936807a28b16-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" @@ -316,17 +316,17 @@ "x": 0, "y": 3 }, - "id": "d382f5b0-c1c6-11e7-8995-936807a28b16", + "id": "d382f5b0-c1c6-11e7-8995-936807a28b16-ecs", "panelIndex": "6", "type": "search", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat Auditd] Executions", + "title": "[Auditbeat Auditd] Executions ECS", "version": 1 }, - "id": "7de391b0-c1ca-11e7-8995-936807a28b16", + "id": "7de391b0-c1ca-11e7-8995-936807a28b16-ecs", "type": "dashboard", "updated_at": "2018-01-16T22:58:11.243Z", "version": 5 diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json index d487e8b8f9ab..fcad7083c3f2 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Event Actions [Auditbeat Auditd Overview]", + "title": "Event Actions [Auditbeat Auditd Overview] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -65,11 +65,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Event Actions [Auditbeat Auditd Overview]", + "title": "Event Actions [Auditbeat Auditd Overview] ECS", "type": "metrics" } }, - "id": "97680df0-c1c0-11e7-8995-936807a28b16", + "id": "97680df0-c1c0-11e7-8995-936807a28b16-ecs", "type": "visualization", "updated_at": "2018-01-16T22:11:01.438Z", "version": 3 @@ -87,8 +87,8 @@ } } }, - "savedSearchId": "0f10c430-c1c3-11e7-8995-936807a28b16", - "title": "Event Categories [Auditbeat Auditd]", + "savedSearchId": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", + "title": "Event Categories [Auditbeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -134,11 +134,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Event Categories [Auditbeat Auditd]", + "title": "Event Categories [Auditbeat Auditd] ECS", "type": "pie" } }, - "id": "08679220-c25a-11e7-8692-232bd1143e8a", + "id": "08679220-c25a-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:54:10.330Z", "version": 4 @@ -146,7 +146,7 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "auditd.summary.actor.primary", "auditd.summary.actor.secondary", "event.action", @@ -201,10 +201,10 @@ "@timestamp", "desc" ], - "title": "Audit Event Table [Auditbeat Auditd]", + "title": "Audit Event Table [Auditbeat Auditd] ECS", "version": 1 }, - "id": "0f10c430-c1c3-11e7-8995-936807a28b16", + "id": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", "type": "search", "updated_at": "2018-01-16T22:51:24.572Z", "version": 4 @@ -237,7 +237,7 @@ "x": 0, "y": 0 }, - "id": "97680df0-c1c0-11e7-8995-936807a28b16", + "id": "97680df0-c1c0-11e7-8995-936807a28b16-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -250,7 +250,7 @@ "x": 7, "y": 0 }, - "id": "08679220-c25a-11e7-8692-232bd1143e8a", + "id": "08679220-c25a-11e7-8692-232bd1143e8a-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -263,17 +263,17 @@ "x": 0, "y": 3 }, - "id": "0f10c430-c1c3-11e7-8995-936807a28b16", + "id": "0f10c430-c1c3-11e7-8995-936807a28b16-ecs", "panelIndex": "5", "type": "search", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat Auditd] Overview", + "title": "[Auditbeat Auditd] Overview ECS", "version": 1 }, - "id": "c0ac2c00-c1c0-11e7-8995-936807a28b16", + "id": "c0ac2c00-c1c0-11e7-8995-936807a28b16-ecs", "type": "dashboard", "updated_at": "2018-01-16T22:55:17.775Z", "version": 5 diff --git a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json index 7ef3d93453b3..5df146f04137 100644 --- a/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json +++ b/auditbeat/module/auditd/_meta/kibana/7/dashboard/auditbeat-kernel-sockets.json @@ -40,8 +40,8 @@ } } }, - "savedSearchId": "b4c93470-c240-11e7-8692-232bd1143e8a", - "title": "Bind (non-ephemeral) [Auditbeat Auditd]", + "savedSearchId": "b4c93470-c240-11e7-8692-232bd1143e8a-ecs", + "title": "Bind (non-ephemeral) [Auditbeat Auditd] ECS", "uiStateJSON": { "vis": { "params": { @@ -113,11 +113,11 @@ }, "totalFunc": "sum" }, - "title": "Bind (non-ephemeral) [Auditbeat Auditd]", + "title": "Bind (non-ephemeral) [Auditbeat Auditd] ECS", "type": "table" } }, - "id": "faf882f0-c242-11e7-8692-232bd1143e8a", + "id": "faf882f0-c242-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:08:02.522Z", "version": 3 @@ -134,8 +134,8 @@ } } }, - "savedSearchId": "5438b030-c246-11e7-8692-232bd1143e8a", - "title": "Connect [Auditbeat Auditd]", + "savedSearchId": "5438b030-c246-11e7-8692-232bd1143e8a-ecs", + "title": "Connect [Auditbeat Auditd] ECS", "uiStateJSON": { "vis": { "params": { @@ -161,7 +161,7 @@ "id": "2", "params": { "customLabel": "Exe", - "field": "process.exe", + "field": "process.executable", "order": "desc", "orderBy": "1", "size": 50 @@ -207,11 +207,11 @@ }, "totalFunc": "sum" }, - "title": "Connect [Auditbeat Auditd]", + "title": "Connect [Auditbeat Auditd] ECS", "type": "table" } }, - "id": "ea483730-c246-11e7-8692-232bd1143e8a", + "id": "ea483730-c246-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T23:24:16.851Z", "version": 4 @@ -228,8 +228,8 @@ } } }, - "savedSearchId": "e8734160-c24c-11e7-8692-232bd1143e8a", - "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd]", + "savedSearchId": "e8734160-c24c-11e7-8692-232bd1143e8a-ecs", + "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd] ECS", "uiStateJSON": { "spy": { "mode": { @@ -264,7 +264,7 @@ "id": "2", "params": { "customLabel": "Exe", - "field": "process.exe", + "field": "process.executable", "order": "desc", "orderBy": "1", "size": 50 @@ -297,11 +297,11 @@ }, "totalFunc": "sum" }, - "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd]", + "title": "Accept / Recvfrom Unique Address Table [Auditbeat Auditd] ECS", "type": "table" } }, - "id": "ceb91de0-c250-11e7-8692-232bd1143e8a", + "id": "ceb91de0-c250-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:16:51.535Z", "version": 5 @@ -312,7 +312,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Socket Syscalls Time Series [Auditbeat Auditd]", + "title": "Socket Syscalls Time Series [Auditbeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -371,11 +371,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Socket Syscalls Time Series [Auditbeat Auditd]", + "title": "Socket Syscalls Time Series [Auditbeat Auditd] ECS", "type": "metrics" } }, - "id": "b21e0c70-c252-11e7-8692-232bd1143e8a", + "id": "b21e0c70-c252-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:13:38.857Z", "version": 3 @@ -393,7 +393,7 @@ } } }, - "title": "Socket Families [Auditbeat Auditd]", + "title": "Socket Families [Auditbeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -439,11 +439,11 @@ "legendPosition": "left", "type": "pie" }, - "title": "Socket Families [Auditbeat Auditd]", + "title": "Socket Families [Auditbeat Auditd] ECS", "type": "pie" } }, - "id": "a8e20450-c256-11e7-8692-232bd1143e8a", + "id": "a8e20450-c256-11e7-8692-232bd1143e8a-ecs", "type": "visualization", "updated_at": "2018-01-16T22:12:51.655Z", "version": 3 @@ -451,7 +451,7 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "auditd.summary.how", "auditd.summary.object.primary", "auditd.summary.object.secondary", @@ -555,10 +555,10 @@ "@timestamp", "desc" ], - "title": "Socket Binds [Auditbeat Auditd]", + "title": "Socket Binds [Auditbeat Auditd] ECS", "version": 1 }, - "id": "b4c93470-c240-11e7-8692-232bd1143e8a", + "id": "b4c93470-c240-11e7-8692-232bd1143e8a-ecs", "type": "search", "updated_at": "2018-01-16T23:05:58.935Z", "version": 5 @@ -566,7 +566,7 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "auditd.summary.how", "auditd.summary.object.primary", "auditd.summary.object.secondary", @@ -662,10 +662,10 @@ "@timestamp", "desc" ], - "title": "Socket Connects [Auditbeat Auditd]", + "title": "Socket Connects [Auditbeat Auditd] ECS", "version": 1 }, - "id": "5438b030-c246-11e7-8692-232bd1143e8a", + "id": "5438b030-c246-11e7-8692-232bd1143e8a-ecs", "type": "search", "updated_at": "2018-01-16T23:09:43.937Z", "version": 5 @@ -673,7 +673,7 @@ { "attributes": { "columns": [ - "beat.hostname", + "agent.hostname", "auditd.summary.how", "auditd.summary.object.primary", "auditd.summary.object.secondary", @@ -792,10 +792,10 @@ "@timestamp", "desc" ], - "title": "Socket Accept / Recvfrom [Auditbeat Auditd]", + "title": "Socket Accept / Recvfrom [Auditbeat Auditd] ECS", "version": 1 }, - "id": "e8734160-c24c-11e7-8692-232bd1143e8a", + "id": "e8734160-c24c-11e7-8692-232bd1143e8a-ecs", "type": "search", "updated_at": "2018-01-16T23:20:51.403Z", "version": 4 @@ -838,7 +838,7 @@ "x": 6, "y": 3 }, - "id": "faf882f0-c242-11e7-8692-232bd1143e8a", + "id": "faf882f0-c242-11e7-8692-232bd1143e8a-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -861,7 +861,7 @@ "x": 0, "y": 7 }, - "id": "ea483730-c246-11e7-8692-232bd1143e8a", + "id": "ea483730-c246-11e7-8692-232bd1143e8a-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.4" @@ -884,7 +884,7 @@ "x": 6, "y": 7 }, - "id": "ceb91de0-c250-11e7-8692-232bd1143e8a", + "id": "ceb91de0-c250-11e7-8692-232bd1143e8a-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.4" @@ -897,7 +897,7 @@ "x": 0, "y": 0 }, - "id": "b21e0c70-c252-11e7-8692-232bd1143e8a", + "id": "b21e0c70-c252-11e7-8692-232bd1143e8a-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -910,17 +910,17 @@ "x": 0, "y": 3 }, - "id": "a8e20450-c256-11e7-8692-232bd1143e8a", + "id": "a8e20450-c256-11e7-8692-232bd1143e8a-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Auditbeat Auditd] Sockets", + "title": "[Auditbeat Auditd] Sockets ECS", "version": 1 }, - "id": "693a5f40-c243-11e7-8692-232bd1143e8a", + "id": "693a5f40-c243-11e7-8692-232bd1143e8a-ecs", "type": "dashboard", "updated_at": "2018-01-16T23:24:37.521Z", "version": 4 diff --git a/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json b/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json index 3b98803d0573..3031ed319413 100644 --- a/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json +++ b/auditbeat/module/file_integrity/_meta/kibana/7/dashboard/auditbeat-file-integrity.json @@ -19,8 +19,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Actions [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Actions [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -97,11 +97,11 @@ }, "type": "gauge" }, - "title": "Actions [Auditbeat File Integrity]", + "title": "Actions [Auditbeat File Integrity] ECS", "type": "metric" } }, - "id": "AV0tVcg6g1PYniApZa-v", + "id": "AV0tVcg6g1PYniApZa-v-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -125,8 +125,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Events Over Time [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Events Over Time [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -236,11 +236,11 @@ } ] }, - "title": "Events Over Time [Auditbeat File Integrity]", + "title": "Events Over Time [Auditbeat File Integrity] ECS", "type": "histogram" } }, - "id": "AV0tV05vg1PYniApZbA2", + "id": "AV0tV05vg1PYniApZbA2-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -264,8 +264,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top owners [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top owners [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -298,11 +298,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top owners [Auditbeat File Integrity]", + "title": "Top owners [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0tWL-Yg1PYniApZbCs", + "id": "AV0tWL-Yg1PYniApZbCs-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -326,8 +326,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top groups [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top groups [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -360,11 +360,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top groups [Auditbeat File Integrity]", + "title": "Top groups [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0tWSdXg1PYniApZbDU", + "id": "AV0tWSdXg1PYniApZbDU-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -388,8 +388,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top updated [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top updated [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -422,11 +422,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top updated [Auditbeat File Integrity]", + "title": "Top updated [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0tW0djg1PYniApZbGL", + "id": "AV0tW0djg1PYniApZbGL-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -444,8 +444,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "World Writable File Count [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "World Writable File Count [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -496,11 +496,11 @@ }, "type": "metric" }, - "title": "World Writable File Count [Auditbeat File Integrity]", + "title": "World Writable File Count [Auditbeat File Integrity] ECS", "type": "metric" } }, - "id": "AV0tY6jwg1PYniApZbRY", + "id": "AV0tY6jwg1PYniApZbRY-ecs", "type": "visualization", "updated_at": "2018-01-22T17:48:29.232Z", "version": 7 @@ -545,8 +545,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Most changed file by count [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Most changed file by count [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -622,11 +622,11 @@ }, "type": "gauge" }, - "title": "Most changed file by count [Auditbeat File Integrity]", + "title": "Most changed file by count [Auditbeat File Integrity] ECS", "type": "metric" } }, - "id": "AV0tav8Ag1PYniApZbbK", + "id": "AV0tav8Ag1PYniApZbbK-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -650,8 +650,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Most common mode by count [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Most common mode by count [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -727,11 +727,11 @@ }, "type": "gauge" }, - "title": "Most common mode by count [Auditbeat File Integrity]", + "title": "Most common mode by count [Auditbeat File Integrity] ECS", "type": "metric" } }, - "id": "AV0tbcUdg1PYniApZbe1", + "id": "AV0tbcUdg1PYniApZbe1-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -755,8 +755,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "File Event Summary By Host [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "File Event Summary By Host [Auditbeat File Integrity] ECS", "uiStateJSON": { "vis": { "params": { @@ -784,7 +784,7 @@ "id": "2", "params": { "customLabel": "Host", - "field": "beat.name", + "field": "host.name", "order": "desc", "orderBy": "1", "size": 50 @@ -818,11 +818,11 @@ }, "totalFunc": "sum" }, - "title": "File Event Summary By Host [Auditbeat File Integrity]", + "title": "File Event Summary By Host [Auditbeat File Integrity] ECS", "type": "table" } }, - "id": "AV0tc_xZg1PYniApZbnL", + "id": "AV0tc_xZg1PYniApZbnL-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -846,8 +846,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top deleted [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top deleted [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -880,11 +880,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top deleted [Auditbeat File Integrity]", + "title": "Top deleted [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0tes4Eg1PYniApZbwV", + "id": "AV0tes4Eg1PYniApZbwV-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -908,8 +908,8 @@ } } }, - "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b", - "title": "Top created [Auditbeat File Integrity]", + "savedSearchId": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", + "title": "Top created [Auditbeat File Integrity] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -942,11 +942,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top created [Auditbeat File Integrity]", + "title": "Top created [Auditbeat File Integrity] ECS", "type": "pie" } }, - "id": "AV0te0TCg1PYniApZbw9", + "id": "AV0te0TCg1PYniApZbw9-ecs", "type": "visualization", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -1002,10 +1002,10 @@ "@timestamp", "desc" ], - "title": "File Integrity Events [Auditbeat File Integrity]", + "title": "File Integrity Events [Auditbeat File Integrity] ECS", "version": 1 }, - "id": "a380a060-cb44-11e7-9835-2f31fe08873b", + "id": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "type": "search", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 @@ -1043,7 +1043,7 @@ "x": 0, "y": 0 }, - "id": "AV0tVcg6g1PYniApZa-v", + "id": "AV0tVcg6g1PYniApZa-v-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -1056,7 +1056,7 @@ "x": 2, "y": 0 }, - "id": "AV0tV05vg1PYniApZbA2", + "id": "AV0tV05vg1PYniApZbA2-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.4" @@ -1069,7 +1069,7 @@ "x": 9, "y": 0 }, - "id": "AV0tWL-Yg1PYniApZbCs", + "id": "AV0tWL-Yg1PYniApZbCs-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.4" @@ -1082,7 +1082,7 @@ "x": 9, "y": 3 }, - "id": "AV0tWSdXg1PYniApZbDU", + "id": "AV0tWSdXg1PYniApZbDU-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -1095,7 +1095,7 @@ "x": 4, "y": 8 }, - "id": "AV0tW0djg1PYniApZbGL", + "id": "AV0tW0djg1PYniApZbGL-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" @@ -1108,7 +1108,7 @@ "x": 0, "y": 6 }, - "id": "AV0tY6jwg1PYniApZbRY", + "id": "AV0tY6jwg1PYniApZbRY-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.4" @@ -1121,7 +1121,7 @@ "x": 4, "y": 6 }, - "id": "AV0tav8Ag1PYniApZbbK", + "id": "AV0tav8Ag1PYniApZbbK-ecs", "panelIndex": "7", "type": "visualization", "version": "6.2.4" @@ -1134,7 +1134,7 @@ "x": 8, "y": 6 }, - "id": "AV0tbcUdg1PYniApZbe1", + "id": "AV0tbcUdg1PYniApZbe1-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.4" @@ -1147,7 +1147,7 @@ "x": 0, "y": 11 }, - "id": "AV0tc_xZg1PYniApZbnL", + "id": "AV0tc_xZg1PYniApZbnL-ecs", "panelIndex": "9", "type": "visualization", "version": "6.2.4" @@ -1160,7 +1160,7 @@ "x": 8, "y": 8 }, - "id": "AV0tes4Eg1PYniApZbwV", + "id": "AV0tes4Eg1PYniApZbwV-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.4" @@ -1173,7 +1173,7 @@ "x": 0, "y": 8 }, - "id": "AV0te0TCg1PYniApZbw9", + "id": "AV0te0TCg1PYniApZbw9-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.4" @@ -1190,7 +1190,7 @@ "x": 6, "y": 11 }, - "id": "a380a060-cb44-11e7-9835-2f31fe08873b", + "id": "a380a060-cb44-11e7-9835-2f31fe08873b-ecs", "panelIndex": "12", "sort": [ "@timestamp", @@ -1201,10 +1201,10 @@ } ], "timeRestore": false, - "title": "[Auditbeat File Integrity] Overview", + "title": "[Auditbeat File Integrity] Overview ECS", "version": 1 }, - "id": "AV0tXkjYg1PYniApZbKP", + "id": "AV0tXkjYg1PYniApZbKP-ecs", "type": "dashboard", "updated_at": "2018-01-22T15:54:25.278Z", "version": 6 diff --git a/dev-tools/ecs-migration.yml b/dev-tools/ecs-migration.yml index 6ccf763ba38d..269fda832c43 100644 --- a/dev-tools/ecs-migration.yml +++ b/dev-tools/ecs-migration.yml @@ -2104,6 +2104,7 @@ to: winlog.api alias: true beat: winlogbeat + rename: false - from: log_name to: winlog.channel @@ -2196,3 +2197,4 @@ to: winlog.version alias: true beat: winlogbeat + rename: false diff --git a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json index 5e7a927cf3d7..565551631cda 100644 --- a/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json +++ b/filebeat/module/apache/_meta/kibana/7/dashboard/Filebeat-apache.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Unique IPs map [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Unique IPs map [Filebeat Apache] ECS", "uiStateJSON": { "mapCenter": [ 14.944784875088372, @@ -23,7 +23,7 @@ "enabled": true, "id": "1", "params": { - "field": "apache2.access.remote_ip" + "field": "source.address" }, "schema": "metric", "type": "cardinality" @@ -33,7 +33,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "apache2.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -68,11 +68,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Apache access unique IPs map", + "title": "Apache access unique IPs map ECS", "type": "tile_map" } }, - "id": "Apache-access-unique-IPs-map", + "id": "Apache-access-unique-IPs-map-ecs", "type": "visualization", "version": 1 }, @@ -84,8 +84,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Top URLs by response code [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Top URLs by response code [Filebeat Apache] ECS", "uiStateJSON": { "vis": { "colors": { @@ -109,7 +109,7 @@ "id": "3", "params": { "customLabel": "URL", - "field": "apache2.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "row": false, @@ -122,7 +122,7 @@ "enabled": true, "id": "2", "params": { - "field": "apache2.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -139,11 +139,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Apache response codes of top URLs", + "title": "Apache response codes of top URLs ECS", "type": "pie" } }, - "id": "Apache-response-codes-of-top-URLs", + "id": "Apache-response-codes-of-top-URLs-ecs", "type": "visualization", "version": 1 }, @@ -155,8 +155,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Browsers breakdown [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Browsers breakdown [Filebeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -165,7 +165,7 @@ "enabled": true, "id": "1", "params": { - "field": "apache2.access.remote_ip" + "field": "source.address" }, "schema": "metric", "type": "cardinality" @@ -174,7 +174,7 @@ "enabled": true, "id": "2", "params": { - "field": "apache2.access.user_agent.name", + "field": "user_agent.name", "order": "desc", "orderBy": "1", "size": 5 @@ -203,11 +203,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Apache browsers", + "title": "Apache browsers ECS", "type": "pie" } }, - "id": "Apache-browsers", + "id": "Apache-browsers-ecs", "type": "visualization", "version": 1 }, @@ -219,8 +219,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Operating systems breakdown [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Operating systems breakdown [Filebeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -229,7 +229,7 @@ "enabled": true, "id": "1", "params": { - "field": "apache2.access.remote_ip" + "field": "source.address" }, "schema": "metric", "type": "cardinality" @@ -238,7 +238,7 @@ "enabled": true, "id": "2", "params": { - "field": "apache2.access.user_agent.os_name", + "field": "user_agent.os.name", "order": "desc", "orderBy": "1", "size": 5 @@ -267,11 +267,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Apache operating systems", + "title": "Apache operating systems ECS", "type": "pie" } }, - "id": "Apache-operating-systems", + "id": "Apache-operating-systems-ecs", "type": "visualization", "version": 1 }, @@ -283,8 +283,8 @@ "filter": [] } }, - "savedSearchId": "Apache-errors-log", - "title": "Error logs over time [Filebeat Apache]", + "savedSearchId": "Apache-errors-log-ecs", + "title": "Error logs over time [Filebeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -313,7 +313,7 @@ "enabled": true, "id": "3", "params": { - "field": "apache2.error.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -336,11 +336,11 @@ "times": [], "yAxis": {} }, - "title": "Apache error logs over time", + "title": "Apache error logs over time ECS", "type": "histogram" } }, - "id": "Apache-error-logs-over-time", + "id": "Apache-error-logs-over-time-ecs", "type": "visualization", "version": 1 }, @@ -352,8 +352,8 @@ "filter": [] } }, - "savedSearchId": "Apache-access-logs", - "title": "Response codes over time [Filebeat Apache]", + "savedSearchId": "Apache-access-logs-ecs", + "title": "Response codes over time [Filebeat Apache] ECS", "uiStateJSON": { "vis": { "colors": { @@ -389,7 +389,7 @@ "enabled": true, "id": "3", "params": { - "field": "apache2.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -412,21 +412,21 @@ "times": [], "yAxis": {} }, - "title": "Apache response codes over time", + "title": "Apache response codes over time ECS", "type": "histogram" } }, - "id": "Apache-response-codes-over-time", + "id": "Apache-response-codes-over-time-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "apache2.error.client", - "apache2.error.level", + "source.address", + "log.level", "apache2.error.module", - "apache2.error.message" + "message" ], "description": "", "hits": 0, @@ -459,20 +459,20 @@ "@timestamp", "desc" ], - "title": "Apache errors log [Filebeat Apache]", + "title": "Apache errors log [Filebeat Apache] ECS", "version": 1 }, - "id": "Apache-errors-log", + "id": "Apache-errors-log-ecs", "type": "search", "version": 1 }, { "attributes": { "columns": [ - "apache2.access.remote_ip", - "apache2.access.method", - "apache2.access.url", - "apache2.access.response_code" + "source.address", + "http.request.method", + "url.original", + "http.response.status_code" ], "description": "", "hits": 0, @@ -505,10 +505,10 @@ "@timestamp", "desc" ], - "title": "Apache access logs [Filebeat Apache]", + "title": "Apache access logs [Filebeat Apache] ECS", "version": 1 }, - "id": "Apache-access-logs", + "id": "Apache-access-logs-ecs", "type": "search", "version": 1 }, @@ -538,7 +538,7 @@ "panelsJSON": [ { "col": 1, - "id": "Apache-access-unique-IPs-map", + "id": "Apache-access-unique-IPs-map-ecs", "panelIndex": 1, "row": 1, "size_x": 12, @@ -547,7 +547,7 @@ }, { "col": 1, - "id": "Apache-response-codes-of-top-URLs", + "id": "Apache-response-codes-of-top-URLs-ecs", "panelIndex": 2, "row": 6, "size_x": 8, @@ -556,7 +556,7 @@ }, { "col": 9, - "id": "Apache-browsers", + "id": "Apache-browsers-ecs", "panelIndex": 3, "row": 6, "size_x": 4, @@ -565,7 +565,7 @@ }, { "col": 11, - "id": "Apache-operating-systems", + "id": "Apache-operating-systems-ecs", "panelIndex": 4, "row": 4, "size_x": 2, @@ -574,7 +574,7 @@ }, { "col": 1, - "id": "Apache-error-logs-over-time", + "id": "Apache-error-logs-over-time-ecs", "panelIndex": 5, "row": 9, "size_x": 12, @@ -583,7 +583,7 @@ }, { "col": 1, - "id": "Apache-response-codes-over-time", + "id": "Apache-response-codes-over-time-ecs", "panelIndex": 6, "row": 4, "size_x": 10, @@ -593,12 +593,12 @@ { "col": 1, "columns": [ - "apache2.error.client", - "apache2.error.level", + "source.address", + "log.level", "apache2.error.module", - "apache2.error.message" + "message" ], - "id": "Apache-errors-log", + "id": "Apache-errors-log-ecs", "panelIndex": 7, "row": 11, "size_x": 12, @@ -611,7 +611,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Apache] Access and error logs", + "title": "[Filebeat Apache] Access and error logs ECS", "uiStateJSON": { "P-1": { "mapBounds": { @@ -644,7 +644,7 @@ }, "version": 1 }, - "id": "Filebeat-Apache-Dashboard", + "id": "Filebeat-Apache-Dashboard-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json b/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json index 3f9450803885..4c8e9d8111c3 100644 --- a/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json +++ b/filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.json @@ -15,7 +15,7 @@ } } }, - "title": "Event types breakdown [Filebeat Auditd]", + "title": "Event types breakdown [Filebeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -31,7 +31,7 @@ "enabled": true, "id": "2", "params": { - "field": "auditd.log.record_type", + "field": "event.action", "order": "desc", "orderBy": "1", "size": 50 @@ -47,11 +47,11 @@ "isDonut": true, "legendPosition": "right" }, - "title": "Audit Event Types", + "title": "Audit Event Types ECS", "type": "pie" } }, - "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858", + "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858-ecs", "type": "visualization", "version": 2 }, @@ -65,12 +65,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "auditd.log.record_type:EXECVE" + "query": "event.action:EXECVE" } } } }, - "title": "Top Exec Commands [Filebeat Auditd]", + "title": "Top Exec Commands [Filebeat Auditd] ECS", "uiStateJSON": { "vis": { "params": { @@ -117,11 +117,11 @@ }, "totalFunc": "sum" }, - "title": "Audit Top Exec Commands", + "title": "Audit Top Exec Commands ECS", "type": "table" } }, - "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858", + "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858-ecs", "type": "visualization", "version": 2 }, @@ -131,20 +131,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Event Results [Filebeat Auditd]", + "title": "Event Results [Filebeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { - "expression": ".es(q=\"event.dataset:auditd.log NOT auditd.log.res:failure\").label(\"Success\"), .es(q=\"auditd.log.res:failed\").label(\"Failure\").title(\"Audit Event Results\")", + "expression": ".es(q=\"event.dataset:auditd.log NOT event.outcome:failure\").label(\"Success\"), .es(q=\"event.outcome:failed\").label(\"Failure\").title(\"Audit Event Results\")", "interval": "auto" }, - "title": "Event Results [Filebeat Auditd]", + "title": "Event Results [Filebeat Auditd] ECS", "type": "timelion" } }, - "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7", + "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7-ecs", "type": "visualization", "version": 2 }, @@ -163,7 +163,7 @@ } } }, - "title": "Event Address Geo Location [Filebeat Auditd]", + "title": "Event Address Geo Location [Filebeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -180,7 +180,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "auditd.log.geoip.location", + "field": "source.geo.location", "precision": 2 }, "schema": "segment", @@ -216,11 +216,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Audit Event Address Geo Location", + "title": "Audit Event Address Geo Location ECS", "type": "tile_map" } }, - "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27", + "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27-ecs", "type": "visualization", "version": 2 }, @@ -239,7 +239,7 @@ } } }, - "title": "Event Account Tag Cloud [Filebeat Auditd]", + "title": "Event Account Tag Cloud [Filebeat Auditd] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -255,7 +255,7 @@ "enabled": true, "id": "2", "params": { - "field": "auditd.log.acct", + "field": "user.name", "order": "desc", "orderBy": "1", "size": 15 @@ -272,20 +272,20 @@ "orientation": "single", "scale": "linear" }, - "title": "Audit Event Account Tag Cloud", + "title": "Audit Event Account Tag Cloud ECS", "type": "tagcloud" } }, - "id": "c5411910-0a87-11e7-8b04-eb22a5669f27", + "id": "c5411910-0a87-11e7-8b04-eb22a5669f27-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "auditd.log.record_type", + "event.action", "auditd.log.sequence", - "auditd.log.acct" + "user.name" ], "description": "", "hits": 0, @@ -307,10 +307,10 @@ "@timestamp", "desc" ], - "title": "Audit Events [Filebeat Auditd]", + "title": "Audit Events [Filebeat Auditd] ECS", "version": 1 }, - "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27", + "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27-ecs", "type": "search", "version": 2 }, @@ -340,7 +340,7 @@ "panelsJSON": [ { "col": 1, - "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858", + "id": "6295bdd0-0a0e-11e7-825f-6748cda7d858-ecs", "panelIndex": 1, "row": 1, "size_x": 4, @@ -349,7 +349,7 @@ }, { "col": 9, - "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858", + "id": "5ebdbe50-0a0f-11e7-825f-6748cda7d858-ecs", "panelIndex": 2, "row": 1, "size_x": 4, @@ -358,7 +358,7 @@ }, { "col": 1, - "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7", + "id": "2bb0fa70-0a11-11e7-9e84-43da493ad0c7-ecs", "panelIndex": 3, "row": 5, "size_x": 6, @@ -367,7 +367,7 @@ }, { "col": 7, - "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27", + "id": "d1726930-0a7f-11e7-8b04-eb22a5669f27-ecs", "panelIndex": 5, "row": 5, "size_x": 6, @@ -376,7 +376,7 @@ }, { "col": 5, - "id": "c5411910-0a87-11e7-8b04-eb22a5669f27", + "id": "c5411910-0a87-11e7-8b04-eb22a5669f27-ecs", "panelIndex": 6, "row": 1, "size_x": 4, @@ -386,11 +386,11 @@ { "col": 1, "columns": [ - "auditd.log.record_type", + "event.action", "auditd.log.sequence", - "auditd.log.acct" + "user.name" ], - "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27", + "id": "4ac0a370-0a11-11e7-8b04-eb22a5669f27-ecs", "panelIndex": 7, "row": 8, "size_x": 12, @@ -403,7 +403,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Auditd] Audit Events", + "title": "[Filebeat Auditd] Audit Events ECS", "uiStateJSON": { "P-2": { "vis": { @@ -442,7 +442,7 @@ }, "version": 1 }, - "id": "dfbb49f0-0a0f-11e7-8a62-2d05eaaac5cb", + "id": "dfbb49f0-0a0f-11e7-8a62-2d05eaaac5cb-ecs", "type": "dashboard", "version": 4 } diff --git a/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json b/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json index 03014c0e8cb8..bb605e9a680b 100644 --- a/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json +++ b/filebeat/module/haproxy/_meta/kibana/7/dashboard/Filebeat-haproxy-overview.json @@ -13,7 +13,7 @@ } } }, - "title": "Backend breakdown [Filebeat HAProxy]", + "title": "Backend breakdown [Filebeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -55,11 +55,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Backend breakdown [Filebeat HAProxy]", + "title": "Backend breakdown [Filebeat HAProxy] ECS", "type": "pie" } }, - "id": "55251360-aa32-11e8-9c06-877f0445e3e0", + "id": "55251360-aa32-11e8-9c06-877f0445e3e0-ecs", "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", "version": 2 @@ -77,7 +77,7 @@ } } }, - "title": "Frontend breakdown [Filebeat HAProxy]", + "title": "Frontend breakdown [Filebeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -119,11 +119,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Frontend breakdown [Filebeat HAProxy]", + "title": "Frontend breakdown [Filebeat HAProxy] ECS", "type": "pie" } }, - "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0", + "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0-ecs", "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", "version": 2 @@ -141,7 +141,7 @@ } } }, - "title": "IP Geohashes [Filebeat HAProxy]", + "title": "IP Geohashes [Filebeat HAProxy] ECS", "uiStateJSON": { "mapCenter": [ 14.944784875088372, @@ -155,7 +155,7 @@ "enabled": true, "id": "1", "params": { - "field": "haproxy.client.ip" + "field": "source.address" }, "schema": "metric", "type": "cardinality" @@ -165,7 +165,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "haproxy.geoip.location", + "field": "source.geo.location", "isFilteredByCollar": true, "precision": 2, "useGeocentroid": true @@ -202,11 +202,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "IP Geohashes [Filebeat HAProxy]", + "title": "IP Geohashes [Filebeat HAProxy] ECS", "type": "tile_map" } }, - "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0", + "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0-ecs", "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", "version": 2 @@ -224,7 +224,7 @@ } } }, - "title": "Response codes over time [Filebeat HAProxy]", + "title": "Response codes over time [Filebeat HAProxy] ECS", "uiStateJSON": { "vis": { "colors": { @@ -263,7 +263,7 @@ "enabled": true, "id": "3", "params": { - "field": "haproxy.http.response.status_code", + "field": "http.response.status_code", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -344,11 +344,11 @@ } ] }, - "title": "Response codes over time [Filebeat HAProxy]", + "title": "Response codes over time [Filebeat HAProxy] ECS", "type": "histogram" } }, - "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0", + "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0-ecs", "type": "visualization", "updated_at": "2018-12-06T11:35:36.721Z", "version": 2 @@ -381,7 +381,7 @@ "x": 0, "y": 0 }, - "id": "55251360-aa32-11e8-9c06-877f0445e3e0", + "id": "55251360-aa32-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "1", "type": "visualization", "version": "6.5.2" @@ -395,7 +395,7 @@ "x": 24, "y": 0 }, - "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0", + "id": "7fb671f0-aa32-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "2", "type": "visualization", "version": "6.5.2" @@ -409,7 +409,7 @@ "x": 0, "y": 15 }, - "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0", + "id": "11f8b9c0-aa32-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "3", "type": "visualization", "version": "6.5.2" @@ -423,17 +423,17 @@ "x": 24, "y": 15 }, - "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0", + "id": "68af8ef0-aa33-11e8-9c06-877f0445e3e0-ecs", "panelIndex": "4", "type": "visualization", "version": "6.5.2" } ], "timeRestore": false, - "title": "[Filebeat HAProxy] Overview", + "title": "[Filebeat HAProxy] Overview ECS", "version": 1 }, - "id": "3560d580-aa34-11e8-9c06-877f0445e3e0", + "id": "3560d580-aa34-11e8-9c06-877f0445e3e0-ecs", "type": "dashboard", "updated_at": "2018-12-06T11:40:40.204Z", "version": 6 diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json index edfb29ec3e4d..cb05cb4f74ef 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-debug-log.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", - "title": "Debuglog Facility [Filebeat Icinga]", + "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", + "title": "Debuglog Facility [Filebeat Icinga] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -59,11 +59,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Debuglog Facility", + "title": "Icinga Debuglog Facility ECS", "type": "histogram" } }, - "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff", + "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -75,8 +75,8 @@ "filter": [] } }, - "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", - "title": "Debuglog Severity [Filebeat Icinga]", + "savedSearchId": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", + "title": "Debuglog Severity [Filebeat Icinga] ECS", "uiStateJSON": { "vis": { "colors": { @@ -114,7 +114,7 @@ "enabled": true, "id": "3", "params": { - "field": "icinga.debug.severity", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -135,11 +135,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Debuglog Severity", + "title": "Icinga Debuglog Severity ECS", "type": "histogram" } }, - "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff", + "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -147,8 +147,8 @@ "attributes": { "columns": [ "icinga.debug.facility", - "icinga.debug.severity", - "icinga.debug.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -163,7 +163,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "icinga", @@ -174,7 +174,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "icinga", "type": "phrase" } @@ -221,10 +221,10 @@ "@timestamp", "desc" ], - "title": "Debug Log [Filebeat Icinga]", + "title": "Debug Log [Filebeat Icinga] ECS", "version": 1 }, - "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", + "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", "type": "search", "version": 2 }, @@ -254,7 +254,7 @@ "panelsJSON": [ { "col": 1, - "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff", + "id": "0bc34b60-2419-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -263,7 +263,7 @@ }, { "col": 7, - "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff", + "id": "fb09d4b0-2418-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -274,10 +274,10 @@ "col": 1, "columns": [ "icinga.debug.facility", - "icinga.debug.severity", - "icinga.debug.message" + "log.level", + "message" ], - "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff", + "id": "c876e6a0-2418-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -290,11 +290,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Icinga] Debug Log", + "title": "[Filebeat Icinga] Debug Log ECS", "uiStateJSON": {}, "version": 1 }, - "id": "26309570-2419-11e7-a83b-d5f4cebac9ff", + "id": "26309570-2419-11e7-a83b-d5f4cebac9ff-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json index 4587a45f4e51..835c015de580 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-main-log.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", - "title": "Mainlog Severity [Filebeat Icinga]", + "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", + "title": "Mainlog Severity [Filebeat Icinga] ECS", "uiStateJSON": { "vis": { "colors": { @@ -45,7 +45,7 @@ "enabled": true, "id": "3", "params": { - "field": "icinga.main.severity", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -66,11 +66,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Mainlog Severity", + "title": "Icinga Mainlog Severity ECS", "type": "histogram" } }, - "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff", + "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -78,8 +78,8 @@ "attributes": { "columns": [ "icinga.main.facility", - "icinga.main.severity", - "icinga.main.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -94,7 +94,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "icinga", @@ -105,7 +105,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "icinga", "type": "phrase" } @@ -152,10 +152,10 @@ "@timestamp", "desc" ], - "title": "Main Log [Filebeat Icinga]", + "title": "Main Log [Filebeat Icinga] ECS", "version": 1 }, - "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", + "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", "type": "search", "version": 2 }, @@ -167,8 +167,8 @@ "filter": [] } }, - "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", - "title": "Mainlog Facility [Filebeat Icinga]", + "savedSearchId": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", + "title": "Mainlog Facility [Filebeat Icinga] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -218,11 +218,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Mainlog Facility", + "title": "Icinga Mainlog Facility ECS", "type": "histogram" } }, - "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff", + "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -252,7 +252,7 @@ "panelsJSON": [ { "col": 7, - "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff", + "id": "d8e5dc40-2417-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -263,10 +263,10 @@ "col": 1, "columns": [ "icinga.main.facility", - "icinga.main.severity", - "icinga.main.message" + "log.level", + "message" ], - "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f", + "id": "ffaf5a30-2413-11e7-a0d9-39604d45ca7f-ecs", "panelIndex": 2, "row": 4, "size_x": 12, @@ -279,7 +279,7 @@ }, { "col": 1, - "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff", + "id": "2cf77780-2418-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 3, "row": 1, "size_x": 6, @@ -288,11 +288,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Icinga] Main Log", + "title": "[Filebeat Icinga] Main Log ECS", "uiStateJSON": {}, "version": 1 }, - "id": "f693d260-2417-11e7-a83b-d5f4cebac9ff", + "id": "f693d260-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "dashboard", "version": 4 } diff --git a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json index 055946e7775e..5a4799e70374 100644 --- a/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json +++ b/filebeat/module/icinga/_meta/kibana/7/dashboard/Filebeat-icinga-startup-errors.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "710043e0-2417-11e7-a83b-d5f4cebac9ff", - "title": "Startup Errors [Filebeat Icinga]", + "savedSearchId": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", + "title": "Startup Errors [Filebeat Icinga] ECS", "uiStateJSON": { "vis": { "colors": { @@ -53,11 +53,11 @@ "setYExtents": false, "times": [] }, - "title": "Icinga Startup Errors", + "title": "Icinga Startup Errors ECS", "type": "histogram" } }, - "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff", + "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "visualization", "version": 2 }, @@ -65,8 +65,8 @@ "attributes": { "columns": [ "icinga.startup.facility", - "icinga.startup.severity", - "icinga.startup.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -80,7 +80,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "icinga.startup.severity:critical" + "query": "log.level:critical" } } }, @@ -91,10 +91,10 @@ "@timestamp", "desc" ], - "title": "Startup Errors [Filebeat Icinga]", + "title": "Startup Errors [Filebeat Icinga] ECS", "version": 1 }, - "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff", + "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "search", "version": 2 }, @@ -124,7 +124,7 @@ "panelsJSON": [ { "col": 1, - "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff", + "id": "a59b5e00-2417-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 1, "row": 1, "size_x": 12, @@ -135,10 +135,10 @@ "col": 1, "columns": [ "icinga.startup.facility", - "icinga.startup.severity", - "icinga.startup.message" + "log.level", + "message" ], - "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff", + "id": "710043e0-2417-11e7-a83b-d5f4cebac9ff-ecs", "panelIndex": 2, "row": 3, "size_x": 12, @@ -151,11 +151,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Icinga] Startup Errors", + "title": "[Filebeat Icinga] Startup Errors ECS", "uiStateJSON": {}, "version": 1 }, - "id": "b9163ea0-2417-11e7-a83b-d5f4cebac9ff", + "id": "b9163ea0-2417-11e7-a83b-d5f4cebac9ff-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json index 8dc20c5c266f..ef507875a556 100644 --- a/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json +++ b/filebeat/module/iis/_meta/kibana/7/dashboard/Filebeat-iis.json @@ -13,7 +13,7 @@ } } }, - "title": "Access map [Filebeat IIS]", + "title": "Access map [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -30,7 +30,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "iis.access.geoip.location", + "field": "source.geo.location", "isFilteredByCollar": true, "precision": 2, "useGeocentroid": true @@ -58,11 +58,11 @@ } } }, - "title": "Access map [Filebeat IIS]", + "title": "Access map [Filebeat IIS] ECS", "type": "tile_map" } }, - "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f", + "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T18:44:17.162Z", "version": 1 @@ -80,7 +80,7 @@ } } }, - "title": "Response codes over time [Filebeat IIS]", + "title": "Response codes over time [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -109,7 +109,7 @@ "enabled": true, "id": "3", "params": { - "field": "iis.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -186,11 +186,11 @@ } ] }, - "title": "Response codes over time [Filebeat IIS]", + "title": "Response codes over time [Filebeat IIS] ECS", "type": "histogram" } }, - "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f", + "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T19:05:58.905Z", "version": 1 @@ -208,7 +208,7 @@ } } }, - "title": "Browsers breakdown [Filebeat IIS]", + "title": "Browsers breakdown [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -224,7 +224,7 @@ "enabled": true, "id": "2", "params": { - "field": "iis.access.user_agent.name", + "field": "user_agent.name", "order": "desc", "orderBy": "1", "size": 5 @@ -258,11 +258,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Browsers breakdown [Filebeat IIS]", + "title": "Browsers breakdown [Filebeat IIS] ECS", "type": "pie" } }, - "id": "63129c80-fe12-11e7-a3b0-d13028918f9f", + "id": "63129c80-fe12-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T18:47:38.312Z", "version": 1 @@ -280,7 +280,7 @@ } } }, - "title": "Operating systems breakdown [Filebeat IIS]", + "title": "Operating systems breakdown [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -296,7 +296,7 @@ "enabled": true, "id": "2", "params": { - "field": "iis.access.user_agent.os_name", + "field": "user_agent.os.name", "order": "desc", "orderBy": "1", "size": 5 @@ -330,11 +330,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Operating systems breakdown [Filebeat IIS]", + "title": "Operating systems breakdown [Filebeat IIS] ECS", "type": "pie" } }, - "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f", + "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T18:51:54.619Z", "version": 2 @@ -352,7 +352,7 @@ } } }, - "title": "Error logs over time [Filebeat IIS]", + "title": "Error logs over time [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -381,7 +381,7 @@ "enabled": true, "id": "3", "params": { - "field": "iis.error.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -458,11 +458,11 @@ } ] }, - "title": "Error logs over time [Filebeat IIS]", + "title": "Error logs over time [Filebeat IIS] ECS", "type": "histogram" } }, - "id": "41f38230-fe17-11e7-a3b0-d13028918f9f", + "id": "41f38230-fe17-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T19:22:30.227Z", "version": 1 @@ -480,7 +480,7 @@ } } }, - "title": "Top URLs by response code [Filebeat IIS]", + "title": "Top URLs by response code [Filebeat IIS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -497,7 +497,7 @@ "id": "2", "params": { "customLabel": "URL", - "field": "iis.access.url", + "field": "url.path", "order": "desc", "orderBy": "1", "row": false, @@ -510,7 +510,7 @@ "enabled": true, "id": "3", "params": { - "field": "iis.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -532,11 +532,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top URLs by response code [Filebeat IIS]", + "title": "Top URLs by response code [Filebeat IIS] ECS", "type": "pie" } }, - "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f", + "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f-ecs", "type": "visualization", "updated_at": "2018-01-20T19:58:24.005Z", "version": 2 @@ -570,7 +570,7 @@ "x": 0, "y": 0 }, - "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f", + "id": "eb2db5b0-fe11-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "1", "type": "visualization", "version": "6.1.2" @@ -583,7 +583,7 @@ "x": 0, "y": 3 }, - "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f", + "id": "f31414b0-fe14-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "2", "type": "visualization", "version": "6.1.2" @@ -596,7 +596,7 @@ "x": 0, "y": 9 }, - "id": "63129c80-fe12-11e7-a3b0-d13028918f9f", + "id": "63129c80-fe12-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "4", "type": "visualization", "version": "6.1.2" @@ -609,7 +609,7 @@ "x": 6, "y": 9 }, - "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f", + "id": "ccd3f9c0-fe12-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "5", "type": "visualization", "version": "6.1.2" @@ -622,7 +622,7 @@ "x": 7, "y": 3 }, - "id": "41f38230-fe17-11e7-a3b0-d13028918f9f", + "id": "41f38230-fe17-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "6", "type": "visualization", "version": "6.1.2" @@ -635,18 +635,18 @@ "x": 0, "y": 6 }, - "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f", + "id": "c0d02cd0-fe1b-11e7-a3b0-d13028918f9f-ecs", "panelIndex": "7", "type": "visualization", "version": "6.1.2" } ], "timeRestore": false, - "title": "[Filebeat IIS] Access and error logs", + "title": "[Filebeat IIS] Access and error logs ECS", "uiStateJSON": {}, "version": 1 }, - "id": "4278ad30-fe16-11e7-a3b0-d13028918f9f", + "id": "4278ad30-fe16-11e7-a3b0-d13028918f9f-ecs", "type": "dashboard", "updated_at": "2018-01-20T19:57:50.287Z", "version": 4 diff --git a/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json b/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json index 2e0746ff9140..6abfc572c162 100644 --- a/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json +++ b/filebeat/module/kafka/_meta/kibana/7/dashboard/Filebeat-Kafka-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Kafka stacktraces", - "title": "Number of stracktraces by class [Filebeat Kafka]", + "savedSearchId": "Kafka stacktraces-ecs", + "title": "Number of stracktraces by class [Filebeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -117,11 +117,11 @@ } ] }, - "title": "Number of Kafka stracktraces by class [Filebeat Kafka]", + "title": "Number of Kafka stracktraces by class [Filebeat Kafka] ECS", "type": "histogram" } }, - "id": "number-of-kafka-stracktraces-by-class", + "id": "number-of-kafka-stracktraces-by-class-ecs", "type": "visualization", "version": 2 }, @@ -150,19 +150,19 @@ "@timestamp", "desc" ], - "title": "Stacktraces [Filebeat Kafka]", + "title": "Stacktraces [Filebeat Kafka] ECS", "version": 1 }, - "id": "Kafka stacktraces", + "id": "Kafka stacktraces-ecs", "type": "search", "version": 1 }, { "attributes": { "columns": [ - "kafka.log.level", + "log.level", "kafka.log.component", - "kafka.log.message" + "message" ], "description": "", "hits": 0, @@ -177,7 +177,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "kafka", @@ -188,7 +188,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "kafka", "type": "phrase" } @@ -235,10 +235,10 @@ "@timestamp", "desc" ], - "title": "All logs [Filebeat Kafka]", + "title": "All logs [Filebeat Kafka] ECS", "version": 1 }, - "id": "All Kafka logs", + "id": "All Kafka logs-ecs", "type": "search", "version": 1 }, @@ -250,8 +250,8 @@ "filter": [] } }, - "savedSearchId": "All Kafka logs", - "title": "Log levels over time [Filebeat Kafka]", + "savedSearchId": "All Kafka logs-ecs", + "title": "Log levels over time [Filebeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -281,7 +281,7 @@ "id": "3", "params": { "customLabel": "Log Level", - "field": "kafka.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -360,11 +360,11 @@ } ] }, - "title": "Log levels over time [Filebeat Kafka]", + "title": "Log levels over time [Filebeat Kafka] ECS", "type": "histogram" } }, - "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3", + "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3-ecs", "type": "visualization", "version": 1 }, @@ -389,7 +389,7 @@ "panelsJSON": [ { "col": 1, - "id": "number-of-kafka-stracktraces-by-class", + "id": "number-of-kafka-stracktraces-by-class-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -403,7 +403,7 @@ "kafka.log.trace.class", "kafka.log.trace.full" ], - "id": "Kafka stacktraces", + "id": "Kafka stacktraces-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -417,11 +417,11 @@ { "col": 1, "columns": [ - "kafka.log.level", + "log.level", "kafka.log.component", - "kafka.log.message" + "message" ], - "id": "All Kafka logs", + "id": "All Kafka logs-ecs", "panelIndex": 3, "row": 6, "size_x": 12, @@ -434,7 +434,7 @@ }, { "col": 1, - "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3", + "id": "3f7c33c0-87ee-11e7-ad9c-db80de0bf8d3-ecs", "panelIndex": 4, "row": 4, "size_x": 12, @@ -443,11 +443,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Kafka] Overview", + "title": "[Filebeat Kafka] Overview ECS", "uiStateJSON": {}, "version": 1 }, - "id": "943caca0-87ee-11e7-ad9c-db80de0bf8d3", + "id": "943caca0-87ee-11e7-ad9c-db80de0bf8d3-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json index a4d815391365..7bae7158ff2e 100644 --- a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json +++ b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-log.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", - "title": "Logs Severity [Filebeat Logstash]", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", + "title": "Logs Severity [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -29,7 +29,7 @@ "enabled": true, "id": "2", "params": { - "field": "logstash.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -45,11 +45,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Logs Severity [Filebeat Logstash]", + "title": "Logs Severity [Filebeat Logstash] ECS", "type": "pie" } }, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, @@ -65,8 +65,8 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", - "title": "logs over time [Filebeat Logstash]", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", + "title": "logs over time [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -95,7 +95,7 @@ "enabled": true, "id": "3", "params": { - "field": "logstash.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -172,20 +172,20 @@ } ] }, - "title": "logs over time [Filebeat Logstash]", + "title": "logs over time [Filebeat Logstash] ECS", "type": "histogram" } }, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "logstash.log.level", + "log.level", "logstash.log.module", - "logstash.log.message", + "message", "source" ], "description": "", @@ -201,7 +201,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "logstash", @@ -212,7 +212,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "logstash", "type": "phrase" } @@ -259,10 +259,10 @@ "@timestamp", "desc" ], - "title": "logs [Filebeat Logstash]", + "title": "logs [Filebeat Logstash] ECS", "version": 1 }, - "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "type": "search", "version": 1 }, @@ -287,7 +287,7 @@ "panelsJSON": [ { "col": 7, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -296,7 +296,7 @@ }, { "col": 1, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 3, "row": 1, "size_x": 6, @@ -306,12 +306,12 @@ { "col": 1, "columns": [ - "logstash.log.level", + "log.level", "logstash.log.module", - "logstash.log.message", + "message", "source" ], - "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 4, "row": 4, "size_x": 12, @@ -324,11 +324,11 @@ } ], "timeRestore": false, - "title": "Logstash Logs [Filebeat Logstash]", + "title": "Logstash Logs [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1 }, - "id": "Filebeat-Logstash-Log-Dashboard", + "id": "Filebeat-Logstash-Log-Dashboard-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json index c1caa3422c6e..9311f33ad242 100644 --- a/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json +++ b/filebeat/module/logstash/_meta/kibana/7/dashboard/Filebeat-logstash-slowlog.json @@ -3,7 +3,7 @@ { "attributes": { "columns": [ - "logstash.slowlog.level", + "log.level", "logstash.slowlog.plugin_type", "logstash.slowlog.plugin_name", "logstash.slowlog.message", @@ -23,7 +23,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "logstash", @@ -34,7 +34,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "logstash", "type": "phrase" } @@ -78,13 +78,13 @@ } }, "sort": [ - "logstash.slowlog.level", + "log.level", "asc" ], - "title": "Slow logs [Filebeat Logstash]", + "title": "Slow logs [Filebeat Logstash] ECS", "version": 1 }, - "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6", + "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", "type": "search", "version": 1 }, @@ -100,8 +100,8 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", - "title": "Logs Severity [Filebeat Logstash]", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", + "title": "Logs Severity [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -117,7 +117,7 @@ "enabled": true, "id": "2", "params": { - "field": "logstash.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -133,11 +133,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Logs Severity [Filebeat Logstash]", + "title": "Logs Severity [Filebeat Logstash] ECS", "type": "pie" } }, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, @@ -153,8 +153,8 @@ } } }, - "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", - "title": "logs over time [Filebeat Logstash]", + "savedSearchId": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", + "title": "logs over time [Filebeat Logstash] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -183,7 +183,7 @@ "enabled": true, "id": "3", "params": { - "field": "logstash.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -260,11 +260,11 @@ } ] }, - "title": "logs over time [Filebeat Logstash]", + "title": "logs over time [Filebeat Logstash] ECS", "type": "histogram" } }, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, @@ -280,8 +280,8 @@ } } }, - "savedSearchId": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6", - "title": "Slowest plugins [Filebeat Logstash]", + "savedSearchId": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", + "title": "Slowest plugins [Filebeat Logstash] ECS", "uiStateJSON": { "vis": { "params": { @@ -363,20 +363,20 @@ }, "totalFunc": "sum" }, - "title": "Slowest plugins [Filebeat Logstash]", + "title": "Slowest plugins [Filebeat Logstash] ECS", "type": "table" } }, - "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6", + "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "logstash.log.level", + "log.level", "logstash.log.module", - "logstash.log.message", + "message", "source" ], "description": "", @@ -392,7 +392,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "logstash", @@ -403,7 +403,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "logstash", "type": "phrase" } @@ -450,10 +450,10 @@ "@timestamp", "desc" ], - "title": "logs [Filebeat Logstash]", + "title": "logs [Filebeat Logstash] ECS", "version": 1 }, - "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6", + "id": "cfaba090-cbda-11e7-9852-73e0a9df1bb6-ecs", "type": "search", "version": 1 }, @@ -479,14 +479,14 @@ { "col": 1, "columns": [ - "logstash.slowlog.level", + "log.level", "logstash.slowlog.plugin_type", "logstash.slowlog.plugin_name", "logstash.slowlog.message", "logstash.slowlog.plugin_params", "logstash.slowlog.execution_time_ns" ], - "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6", + "id": "742e45d0-cbdd-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 1, "row": 7, "size_x": 12, @@ -499,7 +499,7 @@ }, { "col": 7, - "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6", + "id": "0b1dace0-cbdb-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -508,7 +508,7 @@ }, { "col": 1, - "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6", + "id": "e90b7240-cbda-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 3, "row": 1, "size_x": 6, @@ -517,7 +517,7 @@ }, { "col": 1, - "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6", + "id": "b3315630-cbdf-11e7-9852-73e0a9df1bb6-ecs", "panelIndex": 4, "row": 4, "size_x": 12, @@ -526,7 +526,7 @@ } ], "timeRestore": false, - "title": "Slowlogs [Filebeat Logstash]", + "title": "Slowlogs [Filebeat Logstash] ECS", "uiStateJSON": { "P-4": { "vis": { @@ -541,7 +541,7 @@ }, "version": 1 }, - "id": "Filebeat-Logstash-Slowlog-Dashboard", + "id": "Filebeat-Logstash-Slowlog-Dashboard-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json b/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json index 418d8576d5d1..bce38f2b3a7b 100644 --- a/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json +++ b/filebeat/module/mongodb/_meta/kibana/7/dashboard/Filebeat-Mongodb-overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94", - "title": "Logs Severity [Filebeat MongoDB]", + "savedSearchId": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", + "title": "Logs Severity [Filebeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -30,7 +30,7 @@ "id": "2", "params": { "customLabel": "Log severity", - "field": "mongodb.log.severity", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -46,11 +46,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Logs Severity [Filebeat MongoDB]", + "title": "Logs Severity [Filebeat MongoDB] ECS", "type": "pie" } }, - "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94", + "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94-ecs", "type": "visualization", "version": 3 }, @@ -58,10 +58,10 @@ "attributes": { "columns": [ "mongodb.log.timestamp", - "mongodb.log.severity", + "log.level", "mongodb.log.component", "mongodb.log.context", - "mongodb.log.message" + "message" ], "description": "", "hits": 0, @@ -72,7 +72,7 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "mongodb.log.severity: F or mongodb.log.severity: W" + "query": "log.level: F or log.level: W" }, "version": true } @@ -81,10 +81,10 @@ "@timestamp", "desc" ], - "title": "Error logs [Filebeat MongoDB]", + "title": "Error logs [Filebeat MongoDB] ECS", "version": 1 }, - "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94", + "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94-ecs", "type": "search", "version": 3 }, @@ -92,10 +92,10 @@ "attributes": { "columns": [ "mongodb.log.timestamp", - "mongodb.log.severity", + "log.level", "mongodb.log.component", "mongodb.log.context", - "mongodb.log.message" + "message" ], "description": "", "hits": 0, @@ -106,7 +106,7 @@ "index": "filebeat-*", "query": { "language": "lucene", - "query": "mongodb.log.severity: *" + "query": "log.level: *" }, "version": true } @@ -115,10 +115,10 @@ "mongodb.log.timestamp", "asc" ], - "title": "All logs [Filebeat MongoDB]", + "title": "All logs [Filebeat MongoDB] ECS", "version": 1 }, - "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94", + "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", "type": "search", "version": 2 }, @@ -143,7 +143,7 @@ "panelsJSON": [ { "col": 1, - "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94", + "id": "0fef5710-0a82-11e8-bffe-ff7d4f68cf94-ecs", "panelIndex": 1, "row": 1, "size_x": 4, @@ -154,12 +154,12 @@ "col": 5, "columns": [ "mongodb.log.timestamp", - "mongodb.log.severity", + "log.level", "mongodb.log.component", "mongodb.log.context", - "mongodb.log.message" + "message" ], - "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94", + "id": "e49fe000-0a7e-11e8-bffe-ff7d4f68cf94-ecs", "panelIndex": 2, "row": 1, "size_x": 8, @@ -174,12 +174,12 @@ "col": 1, "columns": [ "mongodb.log.timestamp", - "mongodb.log.severity", + "log.level", "mongodb.log.component", "mongodb.log.context", - "mongodb.log.message" + "message" ], - "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94", + "id": "bfc96a60-0a80-11e8-bffe-ff7d4f68cf94-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -192,11 +192,11 @@ } ], "timeRestore": false, - "title": "Overview [Filebeat MongoDB]", + "title": "Overview [Filebeat MongoDB] ECS", "uiStateJSON": {}, "version": 1 }, - "id": "abcf35b0-0a82-11e8-bffe-ff7d4f68cf94", + "id": "abcf35b0-0a82-11e8-bffe-ff7d4f68cf94-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json index fe4ce23a6045..8ac1322da081 100644 --- a/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json +++ b/filebeat/module/mysql/_meta/kibana/7/dashboard/Filebeat-mysql.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-Slow-log", - "title": "Top slowest queries [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", + "title": "Top slowest queries [Filebeat MySQL] ECS", "uiStateJSON": { "vis": { "params": { @@ -51,7 +51,7 @@ "id": "3", "params": { "customLabel": "User", - "field": "mysql.slowlog.user", + "field": "user.name", "order": "desc", "orderBy": "1", "size": 5 @@ -71,11 +71,11 @@ }, "totalFunc": "sum" }, - "title": "Top slowest queries [Filebeat MySQL]", + "title": "Top slowest queries [Filebeat MySQL] ECS", "type": "table" } }, - "id": "MySQL-slowest-queries", + "id": "MySQL-slowest-queries-ecs", "type": "visualization", "version": 1 }, @@ -87,8 +87,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-Slow-log", - "title": "Slow queries over time [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", + "title": "Slow queries over time [Filebeat MySQL] ECS", "uiStateJSON": { "vis": { "colors": { @@ -198,11 +198,11 @@ ], "yAxis": {} }, - "title": "Slow queries over time [Filebeat MySQL]", + "title": "Slow queries over time [Filebeat MySQL] ECS", "type": "histogram" } }, - "id": "MySQL-Slow-queries-over-time", + "id": "MySQL-Slow-queries-over-time-ecs", "type": "visualization", "version": 1 }, @@ -214,8 +214,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-error-log", - "title": "Error logs over time [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-error-log-ecs", + "title": "Error logs over time [Filebeat MySQL] ECS", "uiStateJSON": { "vis": { "colors": { @@ -326,19 +326,19 @@ ], "yAxis": {} }, - "title": "Error logs over time [Filebeat MySQL]", + "title": "Error logs over time [Filebeat MySQL] ECS", "type": "histogram" } }, - "id": "MySQL-error-logs", + "id": "MySQL-error-logs-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "mysql.error.level", - "mysql.error.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -353,7 +353,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "mysql", @@ -364,7 +364,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "mysql", "type": "phrase" } @@ -424,10 +424,10 @@ "@timestamp", "desc" ], - "title": "Error logs [Filebeat MySQL]", + "title": "Error logs [Filebeat MySQL] ECS", "version": 1 }, - "id": "Filebeat-MySQL-error-log", + "id": "Filebeat-MySQL-error-log-ecs", "type": "search", "version": 1 }, @@ -439,8 +439,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-error-log", - "title": "Error logs levels breakdown [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-error-log-ecs", + "title": "Error logs levels breakdown [Filebeat MySQL] ECS", "uiStateJSON": { "vis": { "colors": { @@ -464,7 +464,7 @@ "enabled": true, "id": "2", "params": { - "field": "mysql.error.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -481,11 +481,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "Error logs levels breakdown [Filebeat MySQL]", + "title": "Error logs levels breakdown [Filebeat MySQL] ECS", "type": "pie" } }, - "id": "MySQL-Error-logs-levels", + "id": "MySQL-Error-logs-levels-ecs", "type": "visualization", "version": 1 }, @@ -497,8 +497,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-MySQL-Slow-log", - "title": "Slow logs breakdown [Filebeat MySQL]", + "savedSearchId": "Filebeat-MySQL-Slow-log-ecs", + "title": "Slow logs breakdown [Filebeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -531,11 +531,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "Slow logs breakdown [Filebeat MySQL]", + "title": "Slow logs breakdown [Filebeat MySQL] ECS", "type": "pie" } }, - "id": "MySQL-Slow-logs-by-count", + "id": "MySQL-Slow-logs-by-count-ecs", "type": "visualization", "version": 1 }, @@ -557,7 +557,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "mysql", @@ -568,7 +568,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "mysql", "type": "phrase" } @@ -628,10 +628,10 @@ "@timestamp", "desc" ], - "title": "Slow logs [Filebeat MySQL]", + "title": "Slow logs [Filebeat MySQL] ECS", "version": 1 }, - "id": "Filebeat-MySQL-Slow-log", + "id": "Filebeat-MySQL-Slow-log-ecs", "type": "search", "version": 1 }, @@ -661,7 +661,7 @@ "panelsJSON": [ { "col": 1, - "id": "MySQL-slowest-queries", + "id": "MySQL-slowest-queries-ecs", "panelIndex": 1, "row": 8, "size_x": 6, @@ -670,7 +670,7 @@ }, { "col": 1, - "id": "MySQL-Slow-queries-over-time", + "id": "MySQL-Slow-queries-over-time-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -679,7 +679,7 @@ }, { "col": 7, - "id": "MySQL-error-logs", + "id": "MySQL-error-logs-ecs", "panelIndex": 3, "row": 1, "size_x": 6, @@ -689,10 +689,10 @@ { "col": 7, "columns": [ - "mysql.error.level", - "mysql.error.message" + "log.level", + "message" ], - "id": "Filebeat-MySQL-error-log", + "id": "Filebeat-MySQL-error-log-ecs", "panelIndex": 4, "row": 8, "size_x": 6, @@ -705,7 +705,7 @@ }, { "col": 7, - "id": "MySQL-Error-logs-levels", + "id": "MySQL-Error-logs-levels-ecs", "panelIndex": 5, "row": 4, "size_x": 6, @@ -714,7 +714,7 @@ }, { "col": 1, - "id": "MySQL-Slow-logs-by-count", + "id": "MySQL-Slow-logs-by-count-ecs", "panelIndex": 6, "row": 4, "size_x": 6, @@ -723,7 +723,7 @@ } ], "timeRestore": false, - "title": "[Filebeat MySQL] Overview", + "title": "[Filebeat MySQL] Overview ECS", "uiStateJSON": { "P-1": { "vis": { @@ -738,7 +738,7 @@ }, "version": 1 }, - "id": "Filebeat-MySQL-Dashboard", + "id": "Filebeat-MySQL-Dashboard-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json index 5d6566a86f69..8c75d52dfc52 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-logs.json @@ -3,8 +3,8 @@ { "attributes": { "columns": [ - "nginx.error.level", - "nginx.error.message" + "log.level", + "message" ], "description": "", "hits": 0, @@ -37,20 +37,20 @@ "@timestamp", "desc" ], - "title": "Nginx error logs [Filebeat Nginx]", + "title": "Nginx error logs [Filebeat Nginx] ECS", "version": 1 }, - "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519", + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", "type": "search", "version": 1 }, { "attributes": { "columns": [ - "nginx.access.url", - "nginx.access.method", - "nginx.access.response_code", - "nginx.access.body_sent.bytes" + "url.original", + "http.request.method", + "http.response.status_code", + "http.response.body.bytes" ], "description": "", "hits": 0, @@ -83,10 +83,10 @@ "@timestamp", "desc" ], - "title": "Nginx access logs [Filebeat Nginx]", + "title": "Nginx access logs [Filebeat Nginx] ECS", "version": 1 }, - "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519", + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", "type": "search", "version": 4 }, @@ -96,7 +96,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Access logs over time [Filebeat Nginx]", + "title": "Access logs over time [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -120,7 +120,7 @@ "id": "3189aa80-a1f3-11e7-a062-a1c3587f4874" } ], - "filter": "fileset.module:nginx AND fileset.name:access", + "filter": "event.module:nginx AND fileset.name:access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -151,7 +151,7 @@ ], "split_mode": "everything", "stacked": "none", - "terms_field": "nginx.access.url", + "terms_field": "url.original", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417" } ], @@ -160,11 +160,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Access logs over time [Filebeat Nginx]", + "title": "Access logs over time [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519", + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 2 }, @@ -174,20 +174,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat Nginx]", + "title": "Dashboards [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519)" + "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)" }, - "title": "Dashboards [Filebeat Nginx]", + "title": "Dashboards [Filebeat Nginx] ECS", "type": "markdown" } }, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 1 }, @@ -218,10 +218,10 @@ { "col": 1, "columns": [ - "nginx.error.level", - "nginx.error.message" + "log.level", + "message" ], - "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519", + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 11, "row": 5, "size_x": 12, @@ -235,12 +235,12 @@ { "col": 1, "columns": [ - "nginx.access.url", - "nginx.access.method", - "nginx.access.response_code", - "nginx.access.body_sent.bytes" + "url.original", + "http.request.method", + "http.response.status_code", + "http.response.body.bytes" ], - "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519", + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 16, "row": 8, "size_x": 12, @@ -253,7 +253,7 @@ }, { "col": 1, - "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519", + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 18, "row": 2, "size_x": 12, @@ -262,7 +262,7 @@ }, { "col": 1, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 19, "row": 1, "size_x": 12, @@ -271,11 +271,11 @@ } ], "timeRestore": false, - "title": "[Filebeat Nginx] Access and error logs", + "title": "[Filebeat Nginx] Access and error logs ECS", "uiStateJSON": {}, "version": 1 }, - "id": "046212a0-a2a1-11e7-928f-5dbe6f6f5519", + "id": "046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs", "type": "dashboard", "version": 2 } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json index e955762c6cea..2841bfcd99ef 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/Filebeat-nginx-overview.json @@ -15,7 +15,7 @@ } } }, - "title": "Browsers breakdown [Filebeat Nginx]", + "title": "Browsers breakdown [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -31,7 +31,7 @@ "enabled": true, "id": "2", "params": { - "field": "nginx.access.user_agent.name", + "field": "user_agent.name", "order": "desc", "orderBy": "1", "size": 5 @@ -60,11 +60,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Nginx Access Browsers", + "title": "Nginx Access Browsers ECS", "type": "pie" } }, - "id": "Nginx-Access-Browsers", + "id": "Nginx-Access-Browsers-ecs", "type": "visualization", "version": 1 }, @@ -83,7 +83,7 @@ } } }, - "title": "Operating systems breakdown [Filebeat Nginx]", + "title": "Operating systems breakdown [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -99,7 +99,7 @@ "enabled": true, "id": "2", "params": { - "field": "nginx.access.user_agent.os_name", + "field": "user_agent.os.name", "order": "desc", "orderBy": "1", "size": 5 @@ -128,11 +128,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Nginx Access OSes", + "title": "Nginx Access OSes ECS", "type": "pie" } }, - "id": "Nginx-Access-OSes", + "id": "Nginx-Access-OSes-ecs", "type": "visualization", "version": 1 }, @@ -144,8 +144,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-Nginx-module", - "title": "Access Map [Filebeat Nginx]", + "savedSearchId": "Filebeat-Nginx-module-ecs", + "title": "Access Map [Filebeat Nginx] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -167,7 +167,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "nginx.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -202,11 +202,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Nginx Access Map", + "title": "Nginx Access Map ECS", "type": "tile_map" } }, - "id": "Nginx-Access-Map", + "id": "Nginx-Access-Map-ecs", "type": "visualization", "version": 1 }, @@ -216,7 +216,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Response codes over time [Filebeat Nginx]", + "title": "Response codes over time [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -224,7 +224,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "fileset.module:nginx AND fileset.name:access", + "filter": "event.module:nginx AND fileset.name:access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -250,32 +250,32 @@ "split_filters": [ { "color": "#68BC00", - "filter": "nginx.access.response_code:[200 TO 299]", + "filter": "http.response.status_code:[200 TO 299]", "id": "5acdc750-a29d-11e7-a062-a1c3587f4874", "label": "200s" }, { "color": "rgba(252,196,0,1)", - "filter": "nginx.access.response_code:[300 TO 399]", + "filter": "http.response.status_code:[300 TO 399]", "id": "6efd2ae0-a29d-11e7-a062-a1c3587f4874", "label": "300s" }, { "color": "rgba(211,49,21,1)", - "filter": "nginx.access.response_code:[400 TO 499]", + "filter": "http.response.status_code:[400 TO 499]", "id": "76089a90-a29d-11e7-a062-a1c3587f4874", "label": "400s" }, { "color": "rgba(171,20,158,1)", - "filter": "nginx.access.response_code:[500 TO 599]", + "filter": "http.response.status_code:[500 TO 599]", "id": "7c7929d0-a29d-11e7-a062-a1c3587f4874", "label": "500s" } ], "split_mode": "filters", "stacked": "stacked", - "terms_field": "nginx.access.response_code", + "terms_field": "http.response.status_code", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417" } ], @@ -284,11 +284,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Response codes over time [Filebeat Nginx]", + "title": "Response codes over time [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519", + "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 7 }, @@ -298,7 +298,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Top pages [Filebeat Nginx]", + "title": "Top pages [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -311,7 +311,7 @@ "id": "6252c320-a1f5-11e7-92ba-5d0b8663aece" } ], - "filter": "fileset.module:nginx AND fileset.name:access", + "filter": "event.module:nginx AND fileset.name:access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -334,7 +334,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "nginx.access.url", + "terms_field": "url.original", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417", "value_template": "" } @@ -344,11 +344,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top pages [Filebeat Nginx]", + "title": "Top pages [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519", + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 3 }, @@ -358,7 +358,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Errors over time [Filebeat Nginx]", + "title": "Errors over time [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -366,7 +366,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "fileset.module:nginx AND fileset.name:error", + "filter": "event.module:nginx AND fileset.name:error", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -390,7 +390,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "nginx.error.level", + "terms_field": "log.level", "terms_order_by": "61ca57f2-469d-11e7-af02-69e470af7417" } ], @@ -399,11 +399,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Errors over time [Filebeat Nginx]", + "title": "Errors over time [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519", + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 5 }, @@ -413,7 +413,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Data Volume [Filebeat Nginx]", + "title": "Data Volume [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -421,7 +421,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "fileset.module: nginx AND fileset.name: access", + "filter": "event.module: nginx AND fileset.name: access", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "filebeat-*", "interval": "auto", @@ -438,7 +438,7 @@ "line_width": 1, "metrics": [ { - "field": "nginx.access.body_sent.bytes", + "field": "http.response.body.bytes", "id": "61ca57f2-469d-11e7-af02-69e470af7417", "type": "sum" } @@ -448,7 +448,7 @@ "split_filters": [ { "color": "#68BC00", - "filter": "nginx.access.response_code:[200 TO 299]", + "filter": "http.response.status_code:[200 TO 299]", "id": "7c343c20-a29e-11e7-a062-a1c3587f4874", "label": "200s" } @@ -463,11 +463,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Data Volume [Filebeat Nginx]", + "title": "Data Volume [Filebeat Nginx] ECS", "type": "metrics" } }, - "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519", + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 2 }, @@ -477,31 +477,31 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat Nginx]", + "title": "Dashboards [Filebeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519)" + "markdown": "[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)" }, - "title": "Dashboards [Filebeat Nginx]", + "title": "Dashboards [Filebeat Nginx] ECS", "type": "markdown" } }, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "nginx.access.url", - "nginx.access.method", - "nginx.access.response_code", - "nginx.access.referrer", - "nginx.access.body_sent.bytes" + "url.original", + "http.request.method", + "http.response.status_code", + "http.request.referrer", + "http.response.body.bytes" ], "description": "", "hits": 0, @@ -539,10 +539,10 @@ "@timestamp", "desc" ], - "title": "Nginx logs [Filebeat Nginx]", + "title": "Nginx logs [Filebeat Nginx] ECS", "version": 1 }, - "id": "Filebeat-Nginx-module", + "id": "Filebeat-Nginx-module-ecs", "type": "search", "version": 2 }, @@ -572,7 +572,7 @@ "panelsJSON": [ { "col": 10, - "id": "Nginx-Access-Browsers", + "id": "Nginx-Access-Browsers-ecs", "panelIndex": 3, "row": 12, "size_x": 3, @@ -581,7 +581,7 @@ }, { "col": 7, - "id": "Nginx-Access-OSes", + "id": "Nginx-Access-OSes-ecs", "panelIndex": 4, "row": 12, "size_x": 3, @@ -590,7 +590,7 @@ }, { "col": 1, - "id": "Nginx-Access-Map", + "id": "Nginx-Access-Map-ecs", "panelIndex": 8, "row": 2, "size_x": 12, @@ -599,7 +599,7 @@ }, { "col": 1, - "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519", + "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 13, "row": 6, "size_x": 12, @@ -608,7 +608,7 @@ }, { "col": 7, - "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519", + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 14, "row": 9, "size_x": 6, @@ -617,7 +617,7 @@ }, { "col": 1, - "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519", + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 15, "row": 9, "size_x": 6, @@ -626,7 +626,7 @@ }, { "col": 1, - "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519", + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 16, "row": 12, "size_x": 6, @@ -635,7 +635,7 @@ }, { "col": 1, - "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519", + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", "panelIndex": 17, "row": 1, "size_x": 12, @@ -644,7 +644,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Nginx] Overview", + "title": "[Filebeat Nginx] Overview ECS", "uiStateJSON": { "P-4": { "vis": { @@ -682,7 +682,7 @@ }, "version": 1 }, - "id": "55a9e6e0-a29e-11e7-928f-5dbe6f6f5519", + "id": "55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs", "type": "dashboard", "version": 6 } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json index 0403ead98a50..9113043e29f6 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-access-remote-ip-count-explorer.json @@ -6,8 +6,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Remote IP Timechart [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Remote IP Timechart [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -125,11 +125,11 @@ } ] }, - "title": "ML Nginx Access Remote IP Timechart", + "title": "ML Nginx Access Remote IP Timechart ECS", "type": "area" } }, - "id": "ML-Nginx-Access-Remote-IP-Timechart", + "id": "ML-Nginx-Access-Remote-IP-Timechart-ecs", "type": "visualization", "version": 2 }, @@ -141,8 +141,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Response Code Timechart [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Response Code Timechart [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "colors": { @@ -178,7 +178,7 @@ "enabled": true, "id": "3", "params": { - "field": "nginx.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -201,11 +201,11 @@ "times": [], "yAxis": {} }, - "title": "ML Nginx Access Response Code Timechart", + "title": "ML Nginx Access Response Code Timechart ECS", "type": "histogram" } }, - "id": "ML-Nginx-Access-Response-Code-Timechart", + "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", "type": "visualization", "version": 3 }, @@ -215,8 +215,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Top Remote IPs [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Top Remote IPs [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -262,11 +262,11 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top Remote IPs Table", + "title": "ML Nginx Access Top Remote IPs Table ECS", "type": "table" } }, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", "type": "visualization", "version": 3 }, @@ -278,8 +278,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Access Map [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Access Map [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -301,7 +301,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "nginx.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -336,11 +336,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Nginx Access Map", + "title": "ML Nginx Access Map ECS", "type": "tile_map" } }, - "id": "ML-Nginx-Access-Map", + "id": "ML-Nginx-Access-Map-ecs", "type": "visualization", "version": 3 }, @@ -350,8 +350,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Top URLs [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Top URLs [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -376,7 +376,7 @@ "enabled": true, "id": "2", "params": { - "field": "nginx.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "size": 1000 @@ -397,11 +397,11 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top URLs Table", + "title": "ML Nginx Access Top URLs Table ECS", "type": "table" } }, - "id": "ML-Nginx-Access-Top-URLs-Table", + "id": "ML-Nginx-Access-Top-URLs-Table-ecs", "type": "visualization", "version": 3 }, @@ -441,10 +441,10 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Nginx]", + "title": "ML Access Data [Filebeat Nginx] ECS", "version": 1 }, - "id": "ML-Filebeat-Nginx-Access", + "id": "ML-Filebeat-Nginx-Access-ecs", "type": "search", "version": 3 }, @@ -474,7 +474,7 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Nginx-Access-Remote-IP-Timechart", + "id": "ML-Nginx-Access-Remote-IP-Timechart-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -483,7 +483,7 @@ }, { "col": 7, - "id": "ML-Nginx-Access-Response-Code-Timechart", + "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -492,7 +492,7 @@ }, { "col": 1, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -501,7 +501,7 @@ }, { "col": 7, - "id": "ML-Nginx-Access-Map", + "id": "ML-Nginx-Access-Map-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -510,7 +510,7 @@ }, { "col": 1, - "id": "ML-Nginx-Access-Top-URLs-Table", + "id": "ML-Nginx-Access-Top-URLs-Table-ecs", "panelIndex": 5, "row": 7, "size_x": 12, @@ -519,7 +519,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Nginx] [ML] Remote IP Count Explorer", + "title": "[Filebeat Nginx] [ML] Remote IP Count Explorer ECS", "uiStateJSON": { "P-3": { "vis": { @@ -544,7 +544,7 @@ }, "version": 1 }, - "id": "ML-Nginx-Access-Remote-IP-Count-Explorer", + "id": "ML-Nginx-Access-Remote-IP-Count-Explorer-ecs", "type": "dashboard", "version": 3 } diff --git a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json index e43ca0b671d0..96dbcefb6862 100644 --- a/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json +++ b/filebeat/module/nginx/_meta/kibana/7/dashboard/ml-nginx-remote-ip-url-explorer.json @@ -6,8 +6,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Unique Count URL Timechart [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Unique Count URL Timechart [Filebeat Nginx] [ML] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -16,7 +16,7 @@ "enabled": true, "id": "1", "params": { - "field": "nginx.access.url" + "field": "url.original" }, "schema": "metric", "type": "cardinality" @@ -114,11 +114,11 @@ } ] }, - "title": "ML Nginx Access Unique Count URL Timechart", + "title": "ML Nginx Access Unique Count URL Timechart ECS", "type": "line" } }, - "id": "ML-Nginx-Access-Unique-Count-URL-Timechart", + "id": "ML-Nginx-Access-Unique-Count-URL-Timechart-ecs", "type": "visualization", "version": 2 }, @@ -130,8 +130,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Response Code Timechart [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Response Code Timechart [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "colors": { @@ -167,7 +167,7 @@ "enabled": true, "id": "3", "params": { - "field": "nginx.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -190,11 +190,11 @@ "times": [], "yAxis": {} }, - "title": "ML Nginx Access Response Code Timechart", + "title": "ML Nginx Access Response Code Timechart ECS", "type": "histogram" } }, - "id": "ML-Nginx-Access-Response-Code-Timechart", + "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", "type": "visualization", "version": 3 }, @@ -204,8 +204,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Top Remote IPs [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Top Remote IPs [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -251,11 +251,11 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top Remote IPs Table", + "title": "ML Nginx Access Top Remote IPs Table ECS", "type": "table" } }, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", "type": "visualization", "version": 3 }, @@ -267,8 +267,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Access Map [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Access Map [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -290,7 +290,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "nginx.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -325,11 +325,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Nginx Access Map", + "title": "ML Nginx Access Map ECS", "type": "tile_map" } }, - "id": "ML-Nginx-Access-Map", + "id": "ML-Nginx-Access-Map-ecs", "type": "visualization", "version": 3 }, @@ -339,8 +339,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Nginx-Access", - "title": "Top URLs [Filebeat Nginx] [ML]", + "savedSearchId": "ML-Filebeat-Nginx-Access-ecs", + "title": "Top URLs [Filebeat Nginx] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -365,7 +365,7 @@ "enabled": true, "id": "2", "params": { - "field": "nginx.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "size": 1000 @@ -386,11 +386,11 @@ }, "totalFunc": "sum" }, - "title": "ML Nginx Access Top URLs Table", + "title": "ML Nginx Access Top URLs Table ECS", "type": "table" } }, - "id": "ML-Nginx-Access-Top-URLs-Table", + "id": "ML-Nginx-Access-Top-URLs-Table-ecs", "type": "visualization", "version": 3 }, @@ -430,10 +430,10 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Nginx]", + "title": "ML Access Data [Filebeat Nginx] ECS", "version": 1 }, - "id": "ML-Filebeat-Nginx-Access", + "id": "ML-Filebeat-Nginx-Access-ecs", "type": "search", "version": 3 }, @@ -463,7 +463,7 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Nginx-Access-Unique-Count-URL-Timechart", + "id": "ML-Nginx-Access-Unique-Count-URL-Timechart-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -472,7 +472,7 @@ }, { "col": 7, - "id": "ML-Nginx-Access-Response-Code-Timechart", + "id": "ML-Nginx-Access-Response-Code-Timechart-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -481,7 +481,7 @@ }, { "col": 1, - "id": "ML-Nginx-Access-Top-Remote-IPs-Table", + "id": "ML-Nginx-Access-Top-Remote-IPs-Table-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -490,7 +490,7 @@ }, { "col": 7, - "id": "ML-Nginx-Access-Map", + "id": "ML-Nginx-Access-Map-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -499,7 +499,7 @@ }, { "col": 1, - "id": "ML-Nginx-Access-Top-URLs-Table", + "id": "ML-Nginx-Access-Top-URLs-Table-ecs", "panelIndex": 5, "row": 7, "size_x": 12, @@ -508,7 +508,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Nginx] [ML] Remote IP URL Explorer", + "title": "[Filebeat Nginx] [ML] Remote IP URL Explorer ECS", "uiStateJSON": { "P-2": { "vis": { @@ -543,7 +543,7 @@ }, "version": 1 }, - "id": "ML-Nginx-Remote-IP-URL-Explorer", + "id": "ML-Nginx-Remote-IP-URL-Explorer-ecs", "type": "dashboard", "version": 4 } diff --git a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json index e9b2f6c92687..0642a853b46d 100644 --- a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json +++ b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-compliance.json @@ -52,10 +52,10 @@ "@timestamp", "desc" ], - "title": "Mounts [Osquery results]", + "title": "Mounts [Osquery results] ECS", "version": 1 }, - "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05", + "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -72,8 +72,8 @@ } } }, - "savedSearchId": "7a9482d0-eb00-11e7-8f04-51231daa5b05", - "title": "Mounts by type [Osquery Result]", + "savedSearchId": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", + "title": "Mounts by type [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -123,11 +123,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Mounts by type [Osquery Result]", + "title": "Mounts by type [Osquery Result] ECS", "type": "pie" } }, - "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05", + "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05-ecs", "type": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -184,10 +184,10 @@ "@timestamp", "desc" ], - "title": "DEB packages installed [Osquery results]", + "title": "DEB packages installed [Osquery results] ECS", "version": 1 }, - "id": "3824b080-eb02-11e7-8f04-51231daa5b05", + "id": "3824b080-eb02-11e7-8f04-51231daa5b05-ecs", "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -204,8 +204,8 @@ } } }, - "savedSearchId": "b5d6baa0-eb02-11e7-8f04-51231daa5b05", - "title": "OS versions [Osquery result]", + "savedSearchId": "b5d6baa0-eb02-11e7-8f04-51231daa5b05-ecs", + "title": "OS versions [Osquery result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -269,11 +269,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "OS versions [Osquery result]", + "title": "OS versions [Osquery result] ECS", "type": "pie" } }, - "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05", + "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05-ecs", "type": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -317,8 +317,8 @@ } } }, - "savedSearchId": "f59e21e0-eb03-11e7-8f04-51231daa5b05", - "title": "Number of Kernel modules [Osquery Result]", + "savedSearchId": "f59e21e0-eb03-11e7-8f04-51231daa5b05-ecs", + "title": "Number of Kernel modules [Osquery Result] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -386,11 +386,11 @@ "isDisplayWarning": false, "type": "gauge" }, - "title": "Number of Kernel modules [Osquery Result]", + "title": "Number of Kernel modules [Osquery Result] ECS", "type": "gauge" } }, - "id": "240f3630-eb05-11e7-8f04-51231daa5b05", + "id": "240f3630-eb05-11e7-8f04-51231daa5b05-ecs", "type": "visualization", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -401,20 +401,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Navigation [Osquery Result]", + "title": "Navigation [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040)" + "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs)" }, - "title": "Navigation [Osquery Result]", + "title": "Navigation [Osquery Result] ECS", "type": "markdown" } }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:41:10.264Z", "version": 3 @@ -469,10 +469,10 @@ "@timestamp", "desc" ], - "title": "OS versions [Osquery results]", + "title": "OS versions [Osquery results] ECS", "version": 1 }, - "id": "b5d6baa0-eb02-11e7-8f04-51231daa5b05", + "id": "b5d6baa0-eb02-11e7-8f04-51231daa5b05-ecs", "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -529,10 +529,10 @@ "@timestamp", "desc" ], - "title": "Kernel modules [Osquery results]", + "title": "Kernel modules [Osquery results] ECS", "version": 1 }, - "id": "f59e21e0-eb03-11e7-8f04-51231daa5b05", + "id": "f59e21e0-eb03-11e7-8f04-51231daa5b05-ecs", "type": "search", "updated_at": "2018-01-08T17:35:32.102Z", "version": 1 @@ -566,7 +566,7 @@ "x": 6, "y": 6 }, - "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05", + "id": "7a9482d0-eb00-11e7-8f04-51231daa5b05-ecs", "panelIndex": "1", "type": "search", "version": "6.2.4" @@ -579,7 +579,7 @@ "x": 5, "y": 1 }, - "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05", + "id": "a9fd8bb0-eb01-11e7-8f04-51231daa5b05-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.4" @@ -592,7 +592,7 @@ "x": 0, "y": 6 }, - "id": "3824b080-eb02-11e7-8f04-51231daa5b05", + "id": "3824b080-eb02-11e7-8f04-51231daa5b05-ecs", "panelIndex": "3", "type": "search", "version": "6.2.4" @@ -605,7 +605,7 @@ "x": 0, "y": 1 }, - "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05", + "id": "1da1ed30-eb03-11e7-8f04-51231daa5b05-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -626,7 +626,7 @@ "x": 0, "y": 4 }, - "id": "240f3630-eb05-11e7-8f04-51231daa5b05", + "id": "240f3630-eb05-11e7-8f04-51231daa5b05-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" @@ -639,14 +639,14 @@ "x": 0, "y": 0 }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "panelIndex": "6", "type": "visualization", "version": "6.1.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Osquery Result] Compliance pack", + "title": "[Osquery Result] Compliance pack ECS", "uiStateJSON": { "P-5": { "vis": { @@ -658,7 +658,7 @@ }, "version": 1 }, - "id": "69f5ae20-eb02-11e7-8f04-51231daa5b05", + "id": "69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs", "type": "dashboard", "updated_at": "2018-01-08T19:42:15.406Z", "version": 2 diff --git a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json index 38e897645b0a..17b5b234e559 100644 --- a/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json +++ b/filebeat/module/osquery/_meta/kibana/7/dashboard/osquery-rootkit.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Info OSSEC rootkit [Osquery Result]", + "title": "Info OSSEC rootkit [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -15,11 +15,11 @@ "fontSize": 12, "markdown": "This dashboard shows data collected by the ossec-rootkit pack from osquery." }, - "title": "Info OSSEC rootkit [Osquery Result]", + "title": "Info OSSEC rootkit [Osquery Result] ECS", "type": "markdown" } }, - "id": "6ec10290-f4aa-11e7-8647-534bb4c21040", + "id": "6ec10290-f4aa-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:30:49.785Z", "version": 1 @@ -36,8 +36,8 @@ } } }, - "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040", - "title": "Number of rootkits found [Osquery Result]", + "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", + "title": "Number of rootkits found [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -81,11 +81,11 @@ }, "type": "metric" }, - "title": "Number of rootkits found [Osquery Result]", + "title": "Number of rootkits found [Osquery Result] ECS", "type": "metric" } }, - "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040", + "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:40:05.060Z", "version": 3 @@ -102,8 +102,8 @@ } } }, - "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040", - "title": "Number of hosts infected [Osquery Result]", + "savedSearchId": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", + "title": "Number of hosts infected [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -113,7 +113,7 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "beat.hostname" + "field": "agent.hostname" }, "schema": "metric", "type": "cardinality" @@ -147,11 +147,11 @@ }, "type": "metric" }, - "title": "Number of hosts infected [Osquery Result]", + "title": "Number of hosts infected [Osquery Result] ECS", "type": "metric" } }, - "id": "ab587180-f4a9-11e7-8647-534bb4c21040", + "id": "ab587180-f4a9-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:39:45.085Z", "version": 2 @@ -162,20 +162,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Navigation [Osquery Result]", + "title": "Navigation [Osquery Result] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040)" + "markdown": "[Compilance](#/dashboard/69f5ae20-eb02-11e7-8f04-51231daa5b05-ecs) | [OSSEC Rootkit](#/dashboard/c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs)" }, - "title": "Navigation [Osquery Result]", + "title": "Navigation [Osquery Result] ECS", "type": "markdown" } }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "type": "visualization", "updated_at": "2018-01-08T19:41:10.264Z", "version": 3 @@ -185,7 +185,7 @@ "columns": [ "osquery.result.name", "osquery.result.columns.path", - "beat.hostname" + "agent.hostname" ], "description": "", "hits": 0, @@ -219,7 +219,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "osquery", @@ -230,7 +230,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "osquery", "type": "phrase" } @@ -277,10 +277,10 @@ "@timestamp", "desc" ], - "title": "OSSEC Rootkits [Osquery Result]", + "title": "OSSEC Rootkits [Osquery Result] ECS", "version": 1 }, - "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040", + "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", "type": "search", "updated_at": "2018-01-08T19:38:24.483Z", "version": 2 @@ -314,7 +314,7 @@ "x": 8, "y": 1 }, - "id": "6ec10290-f4aa-11e7-8647-534bb4c21040", + "id": "6ec10290-f4aa-11e7-8647-534bb4c21040-ecs", "panelIndex": "1", "type": "visualization", "version": "6.1.0-SNAPSHOT" @@ -327,7 +327,7 @@ "x": 4, "y": 1 }, - "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040", + "id": "ffdbba50-f4a9-11e7-8647-534bb4c21040-ecs", "panelIndex": "2", "type": "visualization", "version": "6.1.0-SNAPSHOT" @@ -340,7 +340,7 @@ "x": 0, "y": 1 }, - "id": "ab587180-f4a9-11e7-8647-534bb4c21040", + "id": "ab587180-f4a9-11e7-8647-534bb4c21040-ecs", "panelIndex": "3", "type": "visualization", "version": "6.1.0-SNAPSHOT" @@ -353,7 +353,7 @@ "x": 0, "y": 0 }, - "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040", + "id": "2d6e0760-f4ab-11e7-8647-534bb4c21040-ecs", "panelIndex": "4", "type": "visualization", "version": "6.1.0-SNAPSHOT" @@ -366,18 +366,18 @@ "x": 0, "y": 3 }, - "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040", + "id": "0fe5dc00-f49b-11e7-8647-534bb4c21040-ecs", "panelIndex": "5", "type": "search", "version": "6.1.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Osquery Result] OSSEC rootkit pack", + "title": "[Osquery Result] OSSEC rootkit pack ECS", "uiStateJSON": {}, "version": 1 }, - "id": "c0a7ce90-f4aa-11e7-8647-534bb4c21040", + "id": "c0a7ce90-f4aa-11e7-8647-534bb4c21040-ecs", "type": "dashboard", "updated_at": "2018-01-08T19:40:16.304Z", "version": 6 diff --git a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json index 9978b509444f..375fc4d56d17 100644 --- a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json +++ b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "PostgreSQL All Logs", - "title": "Log Level Count [Filebeat PostgreSQL]", + "savedSearchId": "PostgreSQL All Logs-ecs", + "title": "Log Level Count [Filebeat PostgreSQL] ECS", "uiStateJSON": { "vis": { "params": { @@ -34,7 +34,7 @@ "enabled": true, "id": "2", "params": { - "field": "postgresql.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 12 @@ -54,21 +54,21 @@ }, "totalFunc": "sum" }, - "title": "Log Level Count [Filebeat PostgreSQL]", + "title": "Log Level Count [Filebeat PostgreSQL] ECS", "type": "table" } }, - "id": "PostgreSQL Log Level Count", + "id": "PostgreSQL Log Level Count-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", - "postgresql.log.level", - "postgresql.log.message", + "log.level", + "message", "postgresql.log.query" ], "description": "", @@ -84,7 +84,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "postgresql", @@ -95,7 +95,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "postgresql", "type": "phrase" } @@ -116,10 +116,10 @@ "@timestamp", "desc" ], - "title": "All Logs [Filebeat PostgreSQL]", + "title": "All Logs [Filebeat PostgreSQL] ECS", "version": 1 }, - "id": "PostgreSQL All Logs", + "id": "PostgreSQL All Logs-ecs", "type": "search", "version": 1 }, @@ -131,8 +131,8 @@ "filter": [] } }, - "savedSearchId": "PostgreSQL All Logs", - "title": "Logs by level over time [Filebeat PostgreSQL]", + "savedSearchId": "PostgreSQL All Logs-ecs", + "title": "Logs by level over time [Filebeat PostgreSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -161,7 +161,7 @@ "enabled": true, "id": "3", "params": { - "field": "postgresql.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -240,11 +240,11 @@ } ] }, - "title": "Logs by level over time [Filebeat PostgreSQL]", + "title": "Logs by level over time [Filebeat PostgreSQL] ECS", "type": "histogram" } }, - "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3", + "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3-ecs", "type": "visualization", "version": 1 }, @@ -269,7 +269,7 @@ "panelsJSON": [ { "col": 1, - "id": "PostgreSQL Log Level Count", + "id": "PostgreSQL Log Level Count-ecs", "panelIndex": 1, "row": 1, "size_x": 3, @@ -279,13 +279,13 @@ { "col": 1, "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", - "postgresql.log.level", - "postgresql.log.message", + "log.level", + "message", "postgresql.log.query" ], - "id": "PostgreSQL All Logs", + "id": "PostgreSQL All Logs-ecs", "panelIndex": 2, "row": 4, "size_x": 12, @@ -298,7 +298,7 @@ }, { "col": 4, - "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3", + "id": "3dbd5370-87f3-11e7-ad9c-db80de0bf8d3-ecs", "panelIndex": 3, "row": 1, "size_x": 9, @@ -307,7 +307,7 @@ } ], "timeRestore": false, - "title": "[Filebeat PostgreSQL] Overview", + "title": "[Filebeat PostgreSQL] Overview ECS", "uiStateJSON": { "P-1": { "vis": { @@ -322,7 +322,7 @@ }, "version": 1 }, - "id": "158be870-87f4-11e7-ad9c-db80de0bf8d3", + "id": "158be870-87f4-11e7-ad9c-db80de0bf8d3-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json index 653b071aa650..d2a49c416d2b 100644 --- a/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json +++ b/filebeat/module/postgresql/_meta/kibana/7/dashboard/Filebeat-Postgresql-slowlogs.json @@ -11,8 +11,8 @@ } } }, - "savedSearchId": "PostgreSQL Query Durations", - "title": "Query count and cumulated duration [Filebeat PostgreSQL]", + "savedSearchId": "PostgreSQL Query Durations-ecs", + "title": "Query count and cumulated duration [Filebeat PostgreSQL] ECS", "uiStateJSON": { "vis": { "colors": { @@ -144,18 +144,18 @@ } ] }, - "title": "Query count and cumulated duration [Filebeat PostgreSQL]", + "title": "Query count and cumulated duration [Filebeat PostgreSQL] ECS", "type": "histogram" } }, - "id": "PostgreSQL Query Count and Duration", + "id": "PostgreSQL Query Count and Duration-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", "postgresql.log.duration", "postgresql.log.query" @@ -178,17 +178,17 @@ "@timestamp", "desc" ], - "title": "Slow Queries [Filebeat PostgreSQL]", + "title": "Slow Queries [Filebeat PostgreSQL] ECS", "version": 1 }, - "id": "Slow PostgreSQL Queries", + "id": "Slow PostgreSQL Queries-ecs", "type": "search", "version": 1 }, { "attributes": { "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", "postgresql.log.duration", "postgresql.log.query" @@ -211,10 +211,10 @@ "@timestamp", "desc" ], - "title": "Query Durations [Filebeat PostgreSQL]", + "title": "Query Durations [Filebeat PostgreSQL] ECS", "version": 1 }, - "id": "PostgreSQL Query Durations", + "id": "PostgreSQL Query Durations-ecs", "type": "search", "version": 1 }, @@ -239,7 +239,7 @@ "panelsJSON": [ { "col": 1, - "id": "PostgreSQL Query Count and Duration", + "id": "PostgreSQL Query Count and Duration-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -249,12 +249,12 @@ { "col": 7, "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", "postgresql.log.duration", "postgresql.log.query" ], - "id": "Slow PostgreSQL Queries", + "id": "Slow PostgreSQL Queries-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -268,12 +268,12 @@ { "col": 1, "columns": [ - "postgresql.log.user", + "user.name", "postgresql.log.database", "postgresql.log.duration", "postgresql.log.query" ], - "id": "PostgreSQL Query Durations", + "id": "PostgreSQL Query Durations-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -286,11 +286,11 @@ } ], "timeRestore": false, - "title": "[Filebeat PostgreSQL] Query Duration Overview", + "title": "[Filebeat PostgreSQL] Query Duration Overview ECS", "uiStateJSON": {}, "version": 1 }, - "id": "e4c5f230-87f3-11e7-ad9c-db80de0bf8d3", + "id": "e4c5f230-87f3-11e7-ad9c-db80de0bf8d3-ecs", "type": "dashboard", "version": 1 } diff --git a/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json b/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json index 91c000ad7ec1..4cd6acabd6e1 100644 --- a/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json +++ b/filebeat/module/redis/_meta/kibana/7/dashboard/Filebeat-redis.json @@ -20,7 +20,7 @@ "version": true } }, - "title": "Log levels and roles breakdown [Filebeat Redis]", + "title": "Log levels and roles breakdown [Filebeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -49,7 +49,7 @@ "id": "2", "params": { "customLabel": "Log level", - "field": "redis.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -65,11 +65,11 @@ "legendPosition": "bottom", "type": "pie" }, - "title": "Log levels and roles breakdown [Filebeat Redis]", + "title": "Log levels and roles breakdown [Filebeat Redis] ECS", "type": "pie" } }, - "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b", + "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b-ecs", "type": "visualization", "version": 2 }, @@ -93,7 +93,7 @@ "version": true } }, - "title": "Logs over time [Filebeat Redis]", + "title": "Logs over time [Filebeat Redis] ECS", "uiStateJSON": { "vis": { "colors": { @@ -129,7 +129,7 @@ "enabled": true, "id": "3", "params": { - "field": "redis.log.level", + "field": "log.level", "order": "desc", "orderBy": "1", "size": 5 @@ -215,21 +215,21 @@ } ] }, - "title": "Logs over time [Filebeat Redis]", + "title": "Logs over time [Filebeat Redis] ECS", "type": "histogram" } }, - "id": "d2864600-478f-11e7-be88-2ddb32f3df97", + "id": "d2864600-478f-11e7-be88-2ddb32f3df97-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "beat.name", - "redis.log.level", + "host.name", + "log.level", "redis.log.role", - "redis.log.message" + "message" ], "description": "", "hits": 0, @@ -244,7 +244,7 @@ "alias": null, "disabled": false, "index": "filebeat-*", - "key": "fileset.module", + "key": "event.module", "negate": false, "params": { "query": "redis", @@ -255,7 +255,7 @@ }, "query": { "match": { - "fileset.module": { + "event.module": { "query": "redis", "type": "phrase" } @@ -302,10 +302,10 @@ "@timestamp", "desc" ], - "title": "Logs [Filebeat Redis]", + "title": "Logs [Filebeat Redis] ECS", "version": 1 }, - "id": "73613570-4791-11e7-be88-2ddb32f3df97", + "id": "73613570-4791-11e7-be88-2ddb32f3df97-ecs", "type": "search", "version": 2 }, @@ -317,8 +317,8 @@ "filter": [] } }, - "savedSearchId": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b", - "title": "Top slowest commands [Filebeat Redis]", + "savedSearchId": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", + "title": "Top slowest commands [Filebeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -426,18 +426,18 @@ } ] }, - "title": "Top slowest commands [Filebeat Redis]", + "title": "Top slowest commands [Filebeat Redis] ECS", "type": "histogram" } }, - "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97", + "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "beat.name", + "host.name", "message", "redis.slowlog.duration.us", "redis.slowlog.key" @@ -465,10 +465,10 @@ "@timestamp", "desc" ], - "title": "Slow logs [Filebeat Redis]", + "title": "Slow logs [Filebeat Redis] ECS", "version": 1 }, - "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b", + "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", "type": "search", "version": 2 }, @@ -498,7 +498,7 @@ "panelsJSON": [ { "col": 1, - "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b", + "id": "78b9afe0-478f-11e7-b1f0-cb29bac6bf8b-ecs", "panelIndex": 2, "row": 5, "size_x": 3, @@ -507,7 +507,7 @@ }, { "col": 4, - "id": "d2864600-478f-11e7-be88-2ddb32f3df97", + "id": "d2864600-478f-11e7-be88-2ddb32f3df97-ecs", "panelIndex": 3, "row": 5, "size_x": 9, @@ -517,12 +517,12 @@ { "col": 1, "columns": [ - "beat.name", - "redis.log.level", + "host.name", + "log.level", "redis.log.role", - "redis.log.message" + "message" ], - "id": "73613570-4791-11e7-be88-2ddb32f3df97", + "id": "73613570-4791-11e7-be88-2ddb32f3df97-ecs", "panelIndex": 4, "row": 8, "size_x": 12, @@ -535,7 +535,7 @@ }, { "col": 7, - "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97", + "id": "dcccaa80-4791-11e7-be88-2ddb32f3df97-ecs", "panelIndex": 5, "row": 1, "size_x": 6, @@ -545,12 +545,12 @@ { "col": 1, "columns": [ - "beat.name", + "host.name", "message", "redis.slowlog.duration.us", "redis.slowlog.key" ], - "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b", + "id": "0ab87b80-478e-11e7-b1f0-cb29bac6bf8b-ecs", "panelIndex": 6, "row": 1, "size_x": 6, @@ -563,7 +563,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Redis] Overview", + "title": "[Filebeat Redis] Overview ECS", "uiStateJSON": { "P-5": { "vis": { @@ -573,7 +573,7 @@ }, "version": 1 }, - "id": "7fea2930-478e-11e7-b1f0-cb29bac6bf8b", + "id": "7fea2930-478e-11e7-b1f0-cb29bac6bf8b-ecs", "type": "dashboard", "version": 4 } diff --git a/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json b/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json index 71245b0e755a..2dfc4107d497 100644 --- a/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json +++ b/filebeat/module/santa/_meta/kibana/7/dashboard/filebeat-santa-log-overview.json @@ -12,7 +12,7 @@ } } }, - "title": "Description [Filebeat Santa]", + "title": "Description [Filebeat Santa] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -22,11 +22,11 @@ "markdown": "![Santa Icon](https://raw.githubusercontent.com/google/santa/master/Source/SantaGUI/Resources/Images.xcassets/AppIcon.appiconset/santa-hat-icon-128.png)\n\nGoogle Santa is a binary whitelisting/blacklisting system for macOS that monitors process executions.", "openLinksInNewTab": false }, - "title": "Description [Filebeat Santa]", + "title": "Description [Filebeat Santa] ECS", "type": "markdown" } }, - "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307", + "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs", "type": "visualization", "updated_at": "2018-12-14T06:31:14.285Z", "version": 1 @@ -43,7 +43,7 @@ } } }, - "title": "Decisions [Filebeat Santa]", + "title": "Decisions [Filebeat Santa] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -84,11 +84,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Decisions [Filebeat Santa]", + "title": "Decisions [Filebeat Santa] ECS", "type": "metrics" } }, - "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307", + "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs", "type": "visualization", "updated_at": "2018-12-14T06:40:02.169Z", "version": 1 @@ -105,8 +105,8 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", - "title": "Total Events [Filebeat Santa]", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "title": "Total Events [Filebeat Santa] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -149,11 +149,11 @@ }, "type": "metric" }, - "title": "Total Events [Filebeat Santa]", + "title": "Total Events [Filebeat Santa] ECS", "type": "metric" } }, - "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307", + "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs", "type": "visualization", "updated_at": "2018-12-14T06:41:42.712Z", "version": 1 @@ -170,8 +170,8 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", - "title": "Decision and Reason [Filebeat Santa]", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "title": "Decision and Reason [Filebeat Santa] ECS", "uiStateJSON": { "vis": { "colors": { @@ -237,11 +237,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Decision and Reason [Filebeat Santa]", + "title": "Decision and Reason [Filebeat Santa] ECS", "type": "pie" } }, - "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307", + "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs", "type": "visualization", "updated_at": "2018-12-14T06:47:57.150Z", "version": 1 @@ -258,8 +258,8 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", - "title": "Num of Hosts Reporting [Filebeat Santa]", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "title": "Num of Hosts Reporting [Filebeat Santa] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -303,11 +303,11 @@ }, "type": "metric" }, - "title": "Num of Hosts Reporting [Filebeat Santa]", + "title": "Num of Hosts Reporting [Filebeat Santa] ECS", "type": "metric" } }, - "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307", + "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs", "type": "visualization", "updated_at": "2018-12-14T06:51:31.622Z", "version": 1 @@ -324,8 +324,8 @@ } } }, - "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", - "title": "Code Signers [Filebeat Santa]", + "savedSearchId": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", + "title": "Code Signers [Filebeat Santa] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -361,11 +361,11 @@ "scale": "linear", "showLabel": true }, - "title": "Code Signers [Filebeat Santa]", + "title": "Code Signers [Filebeat Santa] ECS", "type": "tagcloud" } }, - "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307", + "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs", "type": "visualization", "updated_at": "2018-12-14T06:57:58.885Z", "version": 2 @@ -449,10 +449,10 @@ "@timestamp", "desc" ], - "title": "Santa Logs Search [Filebeat Santa]", + "title": "Santa Logs Search [Filebeat Santa] ECS", "version": 1 }, - "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", + "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", "type": "search", "updated_at": "2018-12-14T06:57:11.037Z", "version": 2 @@ -485,7 +485,7 @@ "x": 0, "y": 0 }, - "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307", + "id": "dad521d0-ff69-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-alpha1-SNAPSHOT" @@ -499,7 +499,7 @@ "x": 10, "y": 0 }, - "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307", + "id": "1579d690-ff6b-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-alpha1-SNAPSHOT" @@ -513,7 +513,7 @@ "x": 8, "y": 12 }, - "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307", + "id": "51677b80-ff6b-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-alpha1-SNAPSHOT" @@ -527,7 +527,7 @@ "x": 36, "y": 12 }, - "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307", + "id": "30962fe0-ff6c-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-alpha1-SNAPSHOT" @@ -541,7 +541,7 @@ "x": 0, "y": 12 }, - "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307", + "id": "b06c0460-ff6c-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-alpha1-SNAPSHOT" @@ -555,7 +555,7 @@ "x": 18, "y": 12 }, - "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307", + "id": "11858000-ff6d-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-alpha1-SNAPSHOT" @@ -569,17 +569,17 @@ "x": 0, "y": 22 }, - "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307", + "id": "6d56a010-ff6a-11e8-93c5-d5ecd1b3e307-ecs", "panelIndex": "7", "type": "search", "version": "7.0.0-alpha1-SNAPSHOT" } ], "timeRestore": false, - "title": "[Filebeat Santa] Overview", + "title": "[Filebeat Santa] Overview ECS", "version": 1 }, - "id": "161855f0-ff6a-11e8-93c5-d5ecd1b3e307", + "id": "161855f0-ff6a-11e8-93c5-d5ecd1b3e307-ecs", "type": "dashboard", "updated_at": "2018-12-14T06:58:23.367Z", "version": 5 diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json index 80e62f40e874..d17f7526b2e3 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-auth-sudo-commands.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a", - "title": "Sudo commands by user [Filebeat System]", + "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", + "title": "Sudo commands by user [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -59,11 +59,11 @@ "setYExtents": false, "times": [] }, - "title": "Sudo commands by user", + "title": "Sudo commands by user ECS", "type": "histogram" } }, - "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a", + "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs", "type": "visualization", "version": 2 }, @@ -83,7 +83,7 @@ } } }, - "title": "Sudo errors [Filebeat System]", + "title": "Sudo errors [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -133,11 +133,11 @@ "setYExtents": false, "times": [] }, - "title": "Sudo errors", + "title": "Sudo errors ECS", "type": "histogram" } }, - "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a", + "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs", "type": "visualization", "version": 2 }, @@ -149,8 +149,8 @@ "filter": [] } }, - "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a", - "title": "Top sudo commands [Filebeat System]", + "savedSearchId": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", + "title": "Top sudo commands [Filebeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -208,11 +208,11 @@ }, "totalFunc": "sum" }, - "title": "Top sudo commands", + "title": "Top sudo commands ECS", "type": "table" } }, - "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a", + "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs", "type": "visualization", "version": 2 }, @@ -222,20 +222,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "type": "visualization", "version": 1 }, @@ -266,10 +266,10 @@ "@timestamp", "desc" ], - "title": "Sudo commands [Filebeat System]", + "title": "Sudo commands [Filebeat System] ECS", "version": 1 }, - "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a", + "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", "type": "search", "version": 2 }, @@ -299,7 +299,7 @@ "panelsJSON": [ { "col": 1, - "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a", + "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs", "panelIndex": 1, "row": 6, "size_x": 12, @@ -308,7 +308,7 @@ }, { "col": 1, - "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a", + "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs", "panelIndex": 2, "row": 10, "size_x": 12, @@ -317,7 +317,7 @@ }, { "col": 1, - "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a", + "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs", "panelIndex": 3, "row": 2, "size_x": 12, @@ -326,7 +326,7 @@ }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "panelIndex": 4, "row": 1, "size_x": 12, @@ -335,7 +335,7 @@ } ], "timeRestore": false, - "title": "[Filebeat System] Sudo commands", + "title": "[Filebeat System] Sudo commands ECS", "uiStateJSON": { "P-3": { "vis": { @@ -350,7 +350,7 @@ }, "version": 1 }, - "id": "277876d0-fa2c-11e6-bbd3-29c986c96e5a", + "id": "277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs", "type": "dashboard", "version": 6 } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json index 2e7e7fd6f9ba..327a4e3c093e 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-new-users-and-groups.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", - "title": "New users [Filebeat System]", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "title": "New users [Filebeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -35,7 +35,7 @@ "id": "2", "params": { "customLabel": "Host", - "field": "system.auth.hostname", + "field": "host.hostname", "order": "desc", "orderBy": "1", "size": 5 @@ -61,7 +61,7 @@ "id": "4", "params": { "customLabel": "UID", - "field": "system.auth.useradd.uid", + "field": "user.id", "order": "desc", "orderBy": "1", "size": 5 @@ -121,11 +121,11 @@ }, "totalFunc": "sum" }, - "title": "New users", + "title": "New users ECS", "type": "table" } }, - "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab", + "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs", "type": "visualization", "version": 2 }, @@ -137,8 +137,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", - "title": "New users over time [Filebeat System]", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "title": "New users over time [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -188,11 +188,11 @@ "setYExtents": false, "times": [] }, - "title": "New users over time", + "title": "New users over time ECS", "type": "histogram" } }, - "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab", + "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs", "type": "visualization", "version": 2 }, @@ -204,8 +204,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", - "title": "New users by shell [Filebeat System]", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "title": "New users by shell [Filebeat System] ECS", "uiStateJSON": { "vis": { "colors": { @@ -258,11 +258,11 @@ "isDonut": false, "legendPosition": "right" }, - "title": "New users by shell", + "title": "New users by shell ECS", "type": "pie" } }, - "id": "e121b140-fa78-11e6-a1df-a78bd7504d38", + "id": "e121b140-fa78-11e6-a1df-a78bd7504d38-ecs", "type": "visualization", "version": 2 }, @@ -274,8 +274,8 @@ "filter": [] } }, - "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", - "title": "New users by home directory [Filebeat System]", + "savedSearchId": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "title": "New users by home directory [Filebeat System] ECS", "uiStateJSON": { "vis": { "colors": { @@ -329,11 +329,11 @@ "isDonut": false, "legendPosition": "right" }, - "title": "New users by home directory", + "title": "New users by home directory ECS", "type": "pie" } }, - "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38", + "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs", "type": "visualization", "version": 2 }, @@ -345,8 +345,8 @@ "filter": [] } }, - "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38", - "title": "New groups [Filebeat System]", + "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", + "title": "New groups [Filebeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -383,7 +383,7 @@ "enabled": true, "id": "3", "params": { - "field": "system.auth.groupadd.gid", + "field": "group.id", "order": "desc", "orderBy": "1", "size": 5 @@ -404,11 +404,11 @@ }, "totalFunc": "sum" }, - "title": "New groups", + "title": "New groups ECS", "type": "table" } }, - "id": "12667040-fa80-11e6-a1df-a78bd7504d38", + "id": "12667040-fa80-11e6-a1df-a78bd7504d38-ecs", "type": "visualization", "version": 2 }, @@ -420,8 +420,8 @@ "filter": [] } }, - "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38", - "title": "New groups over time [Filebeat System]", + "savedSearchId": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", + "title": "New groups over time [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -471,11 +471,11 @@ "setYExtents": false, "times": [] }, - "title": "New groups over time", + "title": "New groups over time ECS", "type": "histogram" } }, - "id": "346bb290-fa80-11e6-a1df-a78bd7504d38", + "id": "346bb290-fa80-11e6-a1df-a78bd7504d38-ecs", "type": "visualization", "version": 2 }, @@ -485,20 +485,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "type": "visualization", "version": 1 }, @@ -506,7 +506,7 @@ "attributes": { "columns": [ "system.auth.useradd.name", - "system.auth.useradd.uid", + "user.id", "system.auth.useradd.gid", "system.auth.useradd.home", "system.auth.useradd.shell" @@ -530,10 +530,10 @@ "@timestamp", "desc" ], - "title": "useradd logs [Filebeat System]", + "title": "useradd logs [Filebeat System] ECS", "version": 1 }, - "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab", + "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", "type": "search", "version": 2 }, @@ -541,7 +541,7 @@ "attributes": { "columns": [ "system.auth.groupadd.name", - "system.auth.groupadd.gid" + "group.id" ], "description": "", "hits": 0, @@ -562,10 +562,10 @@ "@timestamp", "desc" ], - "title": "groupadd logs [Filebeat System]", + "title": "groupadd logs [Filebeat System] ECS", "version": 1 }, - "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38", + "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", "type": "search", "version": 2 }, @@ -595,7 +595,7 @@ "panelsJSON": [ { "col": 1, - "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab", + "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs", "panelIndex": 1, "row": 2, "size_x": 6, @@ -604,7 +604,7 @@ }, { "col": 7, - "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab", + "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs", "panelIndex": 2, "row": 2, "size_x": 6, @@ -613,7 +613,7 @@ }, { "col": 1, - "id": "e121b140-fa78-11e6-a1df-a78bd7504d38", + "id": "e121b140-fa78-11e6-a1df-a78bd7504d38-ecs", "panelIndex": 3, "row": 5, "size_x": 6, @@ -622,7 +622,7 @@ }, { "col": 7, - "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38", + "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs", "panelIndex": 4, "row": 5, "size_x": 6, @@ -631,7 +631,7 @@ }, { "col": 1, - "id": "12667040-fa80-11e6-a1df-a78bd7504d38", + "id": "12667040-fa80-11e6-a1df-a78bd7504d38-ecs", "panelIndex": 5, "row": 8, "size_x": 6, @@ -640,7 +640,7 @@ }, { "col": 7, - "id": "346bb290-fa80-11e6-a1df-a78bd7504d38", + "id": "346bb290-fa80-11e6-a1df-a78bd7504d38-ecs", "panelIndex": 6, "row": 8, "size_x": 6, @@ -649,7 +649,7 @@ }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "panelIndex": 7, "row": 1, "size_x": 12, @@ -658,7 +658,7 @@ } ], "timeRestore": false, - "title": "[Filebeat System] New users and groups", + "title": "[Filebeat System] New users and groups ECS", "uiStateJSON": { "P-1": { "vis": { @@ -683,7 +683,7 @@ }, "version": 1 }, - "id": "0d3f2380-fa78-11e6-ae9b-81e5311e8cab", + "id": "0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs", "type": "dashboard", "version": 6 } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json index c310967d41c5..0a7b456771ce 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-ssh-login-attempts.json @@ -11,12 +11,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "system.auth.ssh.event:Accepted" + "query": "event.action:Accepted" } } } }, - "title": "Successful SSH logins [Filebeat System]", + "title": "Successful SSH logins [Filebeat System] ECS", "uiStateJSON": { "vis": { "colors": { @@ -76,11 +76,11 @@ "setYExtents": false, "times": [] }, - "title": "Successful SSH logins", + "title": "Successful SSH logins ECS", "type": "histogram" } }, - "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a", + "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs", "type": "visualization", "version": 2 }, @@ -94,7 +94,7 @@ "index": "filebeat-*" } }, - "title": "SSH login attempts [Filebeat System]", + "title": "SSH login attempts [Filebeat System] ECS", "uiStateJSON": { "vis": { "colors": { @@ -131,7 +131,7 @@ "enabled": true, "id": "3", "params": { - "field": "system.auth.ssh.event", + "field": "event.action", "order": "desc", "orderBy": "1", "size": 5 @@ -152,11 +152,11 @@ "setYExtents": false, "times": [] }, - "title": "SSH login attempts", + "title": "SSH login attempts ECS", "type": "histogram" } }, - "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a", + "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs", "type": "visualization", "version": 2 }, @@ -171,12 +171,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "system.auth.ssh.event:Failed OR system.auth.ssh.event:Invalid" + "query": "event.action:Failed OR event.action:Invalid" } } } }, - "title": "SSH users of failed login attempts [Filebeat System]", + "title": "SSH users of failed login attempts [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -208,11 +208,11 @@ "orientation": "single", "scale": "linear" }, - "title": "SSH users of failed login attempts", + "title": "SSH users of failed login attempts ECS", "type": "tagcloud" } }, - "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a", + "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs", "type": "visualization", "version": 2 }, @@ -227,12 +227,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "system.auth.ssh.event:Failed OR system.auth.ssh.event:Invalid" + "query": "event.action:Failed OR event.action:Invalid" } } } }, - "title": "SSH failed login attempts source locations [Filebeat System]", + "title": "SSH failed login attempts source locations [Filebeat System] ECS", "uiStateJSON": { "mapCenter": [ 17.602139123350838, @@ -255,7 +255,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "system.auth.ssh.geoip.location", + "field": "source.geo.location", "precision": 2 }, "schema": "segment", @@ -291,22 +291,22 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "SSH failed login attempts source locations", + "title": "SSH failed login attempts source locations ECS", "type": "tile_map" } }, - "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d", + "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "system.auth.ssh.event", + "event.action", "system.auth.ssh.method", "system.auth.user", - "system.auth.ssh.ip", - "system.auth.ssh.geoip.country_iso_code" + "source.ip", + "source.geo.country_iso_code" ], "description": "", "hits": 0, @@ -327,10 +327,10 @@ "@timestamp", "desc" ], - "title": "SSH login attempts [Filebeat System]", + "title": "SSH login attempts [Filebeat System] ECS", "version": 1 }, - "id": "62439dc0-f9c9-11e6-a747-6121780e0414", + "id": "62439dc0-f9c9-11e6-a747-6121780e0414-ecs", "type": "search", "version": 2 }, @@ -340,20 +340,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "type": "visualization", "version": 1 }, @@ -383,7 +383,7 @@ "panelsJSON": [ { "col": 1, - "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a", + "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs", "panelIndex": 1, "row": 5, "size_x": 12, @@ -392,7 +392,7 @@ }, { "col": 1, - "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a", + "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs", "panelIndex": 2, "row": 2, "size_x": 12, @@ -401,7 +401,7 @@ }, { "col": 1, - "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a", + "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs", "panelIndex": 3, "row": 8, "size_x": 6, @@ -410,7 +410,7 @@ }, { "col": 7, - "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d", + "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs", "panelIndex": 4, "row": 8, "size_x": 6, @@ -420,13 +420,13 @@ { "col": 1, "columns": [ - "system.auth.ssh.event", + "event.action", "system.auth.ssh.method", "system.auth.user", - "system.auth.ssh.ip", - "system.auth.ssh.geoip.country_iso_code" + "source.ip", + "source.geo.country_iso_code" ], - "id": "62439dc0-f9c9-11e6-a747-6121780e0414", + "id": "62439dc0-f9c9-11e6-a747-6121780e0414-ecs", "panelIndex": 5, "row": 12, "size_x": 12, @@ -439,7 +439,7 @@ }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "panelIndex": 6, "row": 1, "size_x": 12, @@ -448,7 +448,7 @@ } ], "timeRestore": false, - "title": "[Filebeat System] SSH login attempts", + "title": "[Filebeat System] SSH login attempts ECS", "uiStateJSON": { "P-4": { "mapBounds": { @@ -481,7 +481,7 @@ }, "version": 1 }, - "id": "5517a150-f9ce-11e6-8115-a7c18106d86a", + "id": "5517a150-f9ce-11e6-8115-a7c18106d86a-ecs", "type": "dashboard", "version": 7 } diff --git a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json index 24d995932df3..cd137b4c4102 100644 --- a/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json +++ b/filebeat/module/system/_meta/kibana/7/dashboard/Filebeat-syslog.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Syslog-system-logs", - "title": "Syslog events by hostname [Filebeat System]", + "savedSearchId": "Syslog-system-logs-ecs", + "title": "Syslog events by hostname [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -38,7 +38,7 @@ "enabled": true, "id": "3", "params": { - "field": "system.syslog.hostname", + "field": "host.hostname", "order": "desc", "orderBy": "1", "size": 5 @@ -61,11 +61,11 @@ "times": [], "yAxis": {} }, - "title": "Syslog events by hostname", + "title": "Syslog events by hostname ECS", "type": "histogram" } }, - "id": "Syslog-events-by-hostname", + "id": "Syslog-events-by-hostname-ecs", "type": "visualization", "version": 2 }, @@ -77,8 +77,8 @@ "filter": [] } }, - "savedSearchId": "Syslog-system-logs", - "title": "Syslog hostnames and processes [Filebeat System]", + "savedSearchId": "Syslog-system-logs-ecs", + "title": "Syslog hostnames and processes [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -94,7 +94,7 @@ "enabled": true, "id": "2", "params": { - "field": "system.syslog.hostname", + "field": "host.hostname", "order": "desc", "orderBy": "1", "size": 5 @@ -106,7 +106,7 @@ "enabled": true, "id": "3", "params": { - "field": "system.syslog.program", + "field": "process.name", "order": "desc", "orderBy": "1", "size": 5 @@ -123,20 +123,20 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Syslog hostnames and processes", + "title": "Syslog hostnames and processes ECS", "type": "pie" } }, - "id": "Syslog-hostnames-and-processes", + "id": "Syslog-hostnames-and-processes-ecs", "type": "visualization", "version": 2 }, { "attributes": { "columns": [ - "system.syslog.hostname", - "system.syslog.program", - "system.syslog.message" + "host.hostname", + "process.name", + "message" ], "description": "", "hits": 0, @@ -170,10 +170,10 @@ "@timestamp", "desc" ], - "title": "Syslog logs [Filebeat System]", + "title": "Syslog logs [Filebeat System] ECS", "version": 1 }, - "id": "Syslog-system-logs", + "id": "Syslog-system-logs-ecs", "type": "search", "version": 2 }, @@ -183,20 +183,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab)" + "markdown": "[Syslog](#/dashboard/Filebeat-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)" }, - "title": "Dashboards [Filebeat System]", + "title": "Dashboards [Filebeat System] ECS", "type": "markdown" } }, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "type": "visualization", "version": 1 }, @@ -226,7 +226,7 @@ "panelsJSON": [ { "col": 1, - "id": "Syslog-events-by-hostname", + "id": "Syslog-events-by-hostname-ecs", "panelIndex": 1, "row": 2, "size_x": 8, @@ -235,7 +235,7 @@ }, { "col": 9, - "id": "Syslog-hostnames-and-processes", + "id": "Syslog-hostnames-and-processes-ecs", "panelIndex": 2, "row": 2, "size_x": 4, @@ -245,11 +245,11 @@ { "col": 1, "columns": [ - "system.syslog.hostname", - "system.syslog.program", - "system.syslog.message" + "host.hostname", + "process.name", + "message" ], - "id": "Syslog-system-logs", + "id": "Syslog-system-logs-ecs", "panelIndex": 3, "row": 6, "size_x": 12, @@ -262,7 +262,7 @@ }, { "col": 1, - "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54", + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", "panelIndex": 4, "row": 1, "size_x": 12, @@ -271,11 +271,11 @@ } ], "timeRestore": false, - "title": "[Filebeat System] Syslog dashboard", + "title": "[Filebeat System] Syslog dashboard ECS", "uiStateJSON": {}, "version": 1 }, - "id": "Filebeat-syslog-dashboard", + "id": "Filebeat-syslog-dashboard-ecs", "type": "dashboard", "version": 6 } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json index 720432226601..7edb0d63278a 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/Filebeat-traefik-overview.json @@ -15,7 +15,7 @@ } } }, - "title": "Browsers breakdown [Filebeat Traefik]", + "title": "Browsers breakdown [Filebeat Traefik] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -31,7 +31,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.user_agent.name", + "field": "user_agent.name", "order": "desc", "orderBy": "1", "size": 5 @@ -60,11 +60,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Traefik Access Browsers", + "title": "Traefik Access Browsers ECS", "type": "pie" } }, - "id": "Traefik-Access-Browsers", + "id": "Traefik-Access-Browsers-ecs", "type": "visualization", "version": 2 }, @@ -83,7 +83,7 @@ } } }, - "title": "Operating systems breakdown [Filebeat Traefik]", + "title": "Operating systems breakdown [Filebeat Traefik] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -99,7 +99,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.user_agent.os_name", + "field": "user_agent.os.name", "order": "desc", "orderBy": "1", "size": 5 @@ -128,11 +128,11 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Traefik Access OSes", + "title": "Traefik Access OSes ECS", "type": "pie" } }, - "id": "Traefik-Access-OSes", + "id": "Traefik-Access-OSes-ecs", "type": "visualization", "version": 2 }, @@ -144,8 +144,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-Traefik-module", - "title": "Response codes over time [Filebeat Traefik]", + "savedSearchId": "Filebeat-Traefik-module-ecs", + "title": "Response codes over time [Filebeat Traefik] ECS", "uiStateJSON": { "vis": { "colors": { @@ -181,7 +181,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -204,11 +204,11 @@ "times": [], "yAxis": {} }, - "title": "New Visualization", + "title": "New Visualization ECS", "type": "histogram" } }, - "id": "New-Visualization", + "id": "New-Visualization-ecs", "type": "visualization", "version": 2 }, @@ -227,7 +227,7 @@ } } }, - "title": "Response codes by top URLs [Filebeat Traefik]", + "title": "Response codes by top URLs [Filebeat Traefik] ECS", "uiStateJSON": { "vis": { "colors": { @@ -250,7 +250,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "row": false, @@ -263,7 +263,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -280,11 +280,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Traefik Access Response codes by top URLs", + "title": "Traefik Access Response codes by top URLs ECS", "type": "pie" } }, - "id": "Traefik-Access-Response-codes-by-top-URLs", + "id": "Traefik-Access-Response-codes-by-top-URLs-ecs", "type": "visualization", "version": 2 }, @@ -316,7 +316,7 @@ } } }, - "title": "Sent Byte Size [Filebeat Traefik]", + "title": "Sent Byte Size [Filebeat Traefik] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -326,7 +326,7 @@ "id": "1", "params": { "customLabel": "Data sent", - "field": "traefik.access.body_sent.bytes" + "field": "http.response.body.bytes" }, "schema": "metric", "type": "sum" @@ -370,11 +370,11 @@ "times": [], "yAxis": {} }, - "title": "Sent sizes", + "title": "Sent sizes ECS", "type": "line" } }, - "id": "Sent-sizes", + "id": "Sent-sizes-ecs", "type": "visualization", "version": 2 }, @@ -386,8 +386,8 @@ "filter": [] } }, - "savedSearchId": "Filebeat-Traefik-module", - "title": "Access Map [Filebeat Traefik]", + "savedSearchId": "Filebeat-Traefik-module-ecs", + "title": "Access Map [Filebeat Traefik] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -409,7 +409,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "traefik.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -444,11 +444,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Traefik Access Map", + "title": "Traefik Access Map ECS", "type": "tile_map" } }, - "id": "Traefik-Access-Map", + "id": "Traefik-Access-Map-ecs", "type": "visualization", "version": 2 }, @@ -488,10 +488,10 @@ "@timestamp", "desc" ], - "title": "Traefik logs [Filebeat Traefik]", + "title": "Traefik logs [Filebeat Traefik] ECS", "version": 1 }, - "id": "Filebeat-Traefik-module", + "id": "Filebeat-Traefik-module-ecs", "type": "search", "version": 2 }, @@ -519,7 +519,7 @@ "panelsJSON": [ { "col": 1, - "id": "Traefik-Access-Browsers", + "id": "Traefik-Access-Browsers-ecs", "panelIndex": 3, "row": 10, "size_x": 4, @@ -528,7 +528,7 @@ }, { "col": 5, - "id": "Traefik-Access-OSes", + "id": "Traefik-Access-OSes-ecs", "panelIndex": 4, "row": 10, "size_x": 4, @@ -537,7 +537,7 @@ }, { "col": 1, - "id": "New-Visualization", + "id": "New-Visualization-ecs", "panelIndex": 5, "row": 4, "size_x": 12, @@ -546,7 +546,7 @@ }, { "col": 1, - "id": "Traefik-Access-Response-codes-by-top-URLs", + "id": "Traefik-Access-Response-codes-by-top-URLs-ecs", "panelIndex": 6, "row": 7, "size_x": 12, @@ -555,7 +555,7 @@ }, { "col": 9, - "id": "Sent-sizes", + "id": "Sent-sizes-ecs", "panelIndex": 7, "row": 10, "size_x": 4, @@ -564,7 +564,7 @@ }, { "col": 1, - "id": "Traefik-Access-Map", + "id": "Traefik-Access-Map-ecs", "panelIndex": 8, "row": 1, "size_x": 12, @@ -573,7 +573,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Traefik] Access logs", + "title": "[Filebeat Traefik] Access logs ECS", "uiStateJSON": { "P-4": { "vis": { @@ -589,7 +589,7 @@ }, "version": 1 }, - "id": "Filebeat-Traefik-Dashboard", + "id": "Filebeat-Traefik-Dashboard-ecs", "type": "dashboard", "version": 3 } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json index 89ab54f3918a..51cbb1a2312e 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-access-remote-ip-count-explorer.json @@ -6,8 +6,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Remote IP Timechart [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Remote IP Timechart [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -40,7 +40,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.remote_ip", + "field": "source.address", "order": "desc", "orderBy": "1", "size": 5 @@ -125,11 +125,11 @@ } ] }, - "title": "ML Traefik Access Remote IP Timechart", + "title": "ML Traefik Access Remote IP Timechart ECS", "type": "area" } }, - "id": "ML-Traefik-Access-Remote-IP-Timechart", + "id": "ML-Traefik-Access-Remote-IP-Timechart-ecs", "type": "visualization", "version": 2 }, @@ -141,8 +141,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Response Code Timechart [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Response Code Timechart [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "colors": { @@ -178,7 +178,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -201,11 +201,11 @@ "times": [], "yAxis": {} }, - "title": "ML Traefik Access Response Code Timechart", + "title": "ML Traefik Access Response Code Timechart ECS", "type": "histogram" } }, - "id": "ML-Traefik-Access-Response-Code-Timechart", + "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", "type": "visualization", "version": 3 }, @@ -215,8 +215,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Top Remote IPs [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Top Remote IPs [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -241,7 +241,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.remote_ip", + "field": "source.address", "order": "desc", "orderBy": "1", "size": 5 @@ -262,11 +262,11 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top Remote IPs Table", + "title": "ML Traefik Access Top Remote IPs Table ECS", "type": "table" } }, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", "type": "visualization", "version": 3 }, @@ -278,8 +278,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Access Map [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Access Map [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -301,7 +301,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "traefik.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -336,11 +336,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Traefik Access Map", + "title": "ML Traefik Access Map ECS", "type": "tile_map" } }, - "id": "ML-Traefik-Access-Map", + "id": "ML-Traefik-Access-Map-ecs", "type": "visualization", "version": 3 }, @@ -350,8 +350,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Top URLs [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Top URLs [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -376,7 +376,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "size": 1000 @@ -397,11 +397,11 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top URLs Table", + "title": "ML Traefik Access Top URLs Table ECS", "type": "table" } }, - "id": "ML-Traefik-Access-Top-URLs-Table", + "id": "ML-Traefik-Access-Top-URLs-Table-ecs", "type": "visualization", "version": 3 }, @@ -441,10 +441,10 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Traefik]", + "title": "ML Access Data [Filebeat Traefik] ECS", "version": 1 }, - "id": "ML-Filebeat-Traefik-Access", + "id": "ML-Filebeat-Traefik-Access-ecs", "type": "search", "version": 3 }, @@ -474,7 +474,7 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Traefik-Access-Remote-IP-Timechart", + "id": "ML-Traefik-Access-Remote-IP-Timechart-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -483,7 +483,7 @@ }, { "col": 7, - "id": "ML-Traefik-Access-Response-Code-Timechart", + "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -492,7 +492,7 @@ }, { "col": 1, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -501,7 +501,7 @@ }, { "col": 7, - "id": "ML-Traefik-Access-Map", + "id": "ML-Traefik-Access-Map-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -510,7 +510,7 @@ }, { "col": 1, - "id": "ML-Traefik-Access-Top-URLs-Table", + "id": "ML-Traefik-Access-Top-URLs-Table-ecs", "panelIndex": 5, "row": 7, "size_x": 12, @@ -519,7 +519,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Traefik] [ML] Remote IP Count Explorer", + "title": "[Filebeat Traefik] [ML] Remote IP Count Explorer ECS", "uiStateJSON": { "P-3": { "vis": { @@ -544,7 +544,7 @@ }, "version": 1 }, - "id": "ML-Traefik-Access-Remote-IP-Count-Explorer", + "id": "ML-Traefik-Access-Remote-IP-Count-Explorer-ecs", "type": "dashboard", "version": 3 } diff --git a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json index b09a006d89d9..d406a5c90f14 100644 --- a/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json +++ b/filebeat/module/traefik/_meta/kibana/7/dashboard/ml-traefik-remote-ip-url-explorer.json @@ -6,8 +6,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Unique Count URL Timechart [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Unique Count URL Timechart [Filebeat Traefik] [ML] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -16,7 +16,7 @@ "enabled": true, "id": "1", "params": { - "field": "traefik.access.url" + "field": "url.original" }, "schema": "metric", "type": "cardinality" @@ -114,11 +114,11 @@ } ] }, - "title": "ML Traefik Access Unique Count URL Timechart", + "title": "ML Traefik Access Unique Count URL Timechart ECS", "type": "line" } }, - "id": "ML-Traefik-Access-Unique-Count-URL-Timechart", + "id": "ML-Traefik-Access-Unique-Count-URL-Timechart-ecs", "type": "visualization", "version": 2 }, @@ -130,8 +130,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Response Code Timechart [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Response Code Timechart [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "colors": { @@ -167,7 +167,7 @@ "enabled": true, "id": "3", "params": { - "field": "traefik.access.response_code", + "field": "http.response.status_code", "order": "desc", "orderBy": "1", "size": 5 @@ -190,11 +190,11 @@ "times": [], "yAxis": {} }, - "title": "ML Traefik Access Response Code Timechart", + "title": "ML Traefik Access Response Code Timechart ECS", "type": "histogram" } }, - "id": "ML-Traefik-Access-Response-Code-Timechart", + "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", "type": "visualization", "version": 3 }, @@ -204,8 +204,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Top Remote IPs [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Top Remote IPs [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -230,7 +230,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.remote_ip", + "field": "source.address", "order": "desc", "orderBy": "1", "size": 5 @@ -251,11 +251,11 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top Remote IPs Table", + "title": "ML Traefik Access Top Remote IPs Table ECS", "type": "table" } }, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", "type": "visualization", "version": 3 }, @@ -267,8 +267,8 @@ "filter": [] } }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Access Map [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Access Map [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "mapCenter": [ 12.039320557540572, @@ -290,7 +290,7 @@ "id": "2", "params": { "autoPrecision": true, - "field": "traefik.access.geoip.location" + "field": "source.geo.location" }, "schema": "segment", "type": "geohash_grid" @@ -325,11 +325,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "ML Traefik Access Map", + "title": "ML Traefik Access Map ECS", "type": "tile_map" } }, - "id": "ML-Traefik-Access-Map", + "id": "ML-Traefik-Access-Map-ecs", "type": "visualization", "version": 3 }, @@ -339,8 +339,8 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "savedSearchId": "ML-Filebeat-Traefik-Access", - "title": "Top URLs [Filebeat Traefik] [ML]", + "savedSearchId": "ML-Filebeat-Traefik-Access-ecs", + "title": "Top URLs [Filebeat Traefik] [ML] ECS", "uiStateJSON": { "vis": { "params": { @@ -365,7 +365,7 @@ "enabled": true, "id": "2", "params": { - "field": "traefik.access.url", + "field": "url.original", "order": "desc", "orderBy": "1", "size": 1000 @@ -386,11 +386,11 @@ }, "totalFunc": "sum" }, - "title": "ML Traefik Access Top URLs Table", + "title": "ML Traefik Access Top URLs Table ECS", "type": "table" } }, - "id": "ML-Traefik-Access-Top-URLs-Table", + "id": "ML-Traefik-Access-Top-URLs-Table-ecs", "type": "visualization", "version": 3 }, @@ -430,10 +430,10 @@ "@timestamp", "desc" ], - "title": "ML Access Data [Filebeat Traefik]", + "title": "ML Access Data [Filebeat Traefik] ECS", "version": 1 }, - "id": "ML-Filebeat-Traefik-Access", + "id": "ML-Filebeat-Traefik-Access-ecs", "type": "search", "version": 3 }, @@ -463,7 +463,7 @@ "panelsJSON": [ { "col": 1, - "id": "ML-Traefik-Access-Unique-Count-URL-Timechart", + "id": "ML-Traefik-Access-Unique-Count-URL-Timechart-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -472,7 +472,7 @@ }, { "col": 7, - "id": "ML-Traefik-Access-Response-Code-Timechart", + "id": "ML-Traefik-Access-Response-Code-Timechart-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -481,7 +481,7 @@ }, { "col": 1, - "id": "ML-Traefik-Access-Top-Remote-IPs-Table", + "id": "ML-Traefik-Access-Top-Remote-IPs-Table-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -490,7 +490,7 @@ }, { "col": 7, - "id": "ML-Traefik-Access-Map", + "id": "ML-Traefik-Access-Map-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -499,7 +499,7 @@ }, { "col": 1, - "id": "ML-Traefik-Access-Top-URLs-Table", + "id": "ML-Traefik-Access-Top-URLs-Table-ecs", "panelIndex": 5, "row": 7, "size_x": 12, @@ -508,7 +508,7 @@ } ], "timeRestore": false, - "title": "[Filebeat Traefik] [ML] Remote IP URL Explorer", + "title": "[Filebeat Traefik] [ML] Remote IP URL Explorer ECS", "uiStateJSON": { "P-2": { "vis": { @@ -543,7 +543,7 @@ }, "version": 1 }, - "id": "ML-Traefik-Remote-IP-URL-Explorer", + "id": "ML-Traefik-Remote-IP-URL-Explorer-ecs", "type": "dashboard", "version": 4 } diff --git a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json index e25338f9b982..86a18d6ccbe9 100644 --- a/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json +++ b/journalbeat/_meta/kibana/7/dashboard/Journalbeat-overview.json @@ -59,26 +59,26 @@ } ], "timeRestore": false, - "title": "[Journalbeat] Overview", + "title": "[Journalbeat] Overview ECS", "version": 1 }, - "id": "effdfcd0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "effdfcd0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { "dashboard": "7.0.0" }, "references": [ { - "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "name": "panel_0", "type": "search" }, { - "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "name": "panel_1", "type": "search" }, { - "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd", + "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd-ecs", "name": "panel_2", "type": "search" } @@ -113,10 +113,10 @@ "@timestamp", "desc" ], - "title": "[Journalbeat] Kernel errors", + "title": "[Journalbeat] Kernel errors ECS", "version": 1 }, - "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "25251fc0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { "search": "7.0.0" }, @@ -157,10 +157,10 @@ "@timestamp", "desc" ], - "title": "[Journalbeat] Authorization", + "title": "[Journalbeat] Authorization ECS", "version": 1 }, - "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd", + "id": "52a2a1c0-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { "search": "7.0.0" }, @@ -200,10 +200,10 @@ "@timestamp", "desc" ], - "title": "[Journalbeat] Systemd messages", + "title": "[Journalbeat] Systemd messages ECS", "version": 1 }, - "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd", + "id": "842a1340-2877-11e9-bc7e-af96a8fe0ddd-ecs", "migrationVersion": { "search": "7.0.0" }, diff --git a/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json b/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json index c8eecb62d93e..05fd491afe0e 100644 --- a/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json +++ b/metricbeat/module/apache/_meta/kibana/7/dashboard/Metricbeat-apache-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "CPU usage [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "CPU usage [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -101,11 +101,11 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - CPU", + "title": "Apache HTTPD - CPU ECS", "type": "line" } }, - "id": "Apache-HTTPD-CPU", + "id": "Apache-HTTPD-CPU-ecs", "type": "visualization", "version": 2 }, @@ -117,8 +117,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Hostname list [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Hostname list [Metricbeat Apache] ECS", "uiStateJSON": { "vis": { "params": { @@ -163,11 +163,11 @@ "direction": null } }, - "title": "Apache HTTPD - Hostname list", + "title": "Apache HTTPD - Hostname list ECS", "type": "table" } }, - "id": "Apache-HTTPD-Hostname-list", + "id": "Apache-HTTPD-Hostname-list-ecs", "type": "visualization", "version": 2 }, @@ -179,8 +179,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Load1/5/15 [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Load1/5/15 [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -255,11 +255,11 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - Load1/5/15", + "title": "Apache HTTPD - Load1/5/15 ECS", "type": "line" } }, - "id": "Apache-HTTPD-Load1-slash-5-slash-15", + "id": "Apache-HTTPD-Load1-slash-5-slash-15-ecs", "type": "visualization", "version": 2 }, @@ -271,8 +271,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Scoreboard [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Scoreboard [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -428,11 +428,11 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - Scoreboard", + "title": "Apache HTTPD - Scoreboard ECS", "type": "line" } }, - "id": "Apache-HTTPD-Scoreboard", + "id": "Apache-HTTPD-Scoreboard-ecs", "type": "visualization", "version": 2 }, @@ -444,8 +444,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Total accesses and kbytes [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Total accesses and kbytes [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -474,11 +474,11 @@ "fontSize": 60, "handleNoResults": true }, - "title": "Apache HTTPD - Total accesses and kbytes", + "title": "Apache HTTPD - Total accesses and kbytes ECS", "type": "metric" } }, - "id": "Apache-HTTPD-Total-accesses-and-kbytes", + "id": "Apache-HTTPD-Total-accesses-and-kbytes-ecs", "type": "visualization", "version": 2 }, @@ -490,8 +490,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Uptime [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Uptime [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -520,11 +520,11 @@ "fontSize": 60, "handleNoResults": true }, - "title": "Apache HTTPD - Uptime", + "title": "Apache HTTPD - Uptime ECS", "type": "metric" } }, - "id": "Apache-HTTPD-Uptime", + "id": "Apache-HTTPD-Uptime-ecs", "type": "visualization", "version": 2 }, @@ -536,8 +536,8 @@ "filter": [] } }, - "savedSearchId": "Apache-HTTPD", - "title": "Workers [Metricbeat Apache]", + "savedSearchId": "Apache-HTTPD-ecs", + "title": "Workers [Metricbeat Apache] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -603,11 +603,11 @@ "times": [], "yAxis": {} }, - "title": "Apache HTTPD - Workers", + "title": "Apache HTTPD - Workers ECS", "type": "line" } }, - "id": "Apache-HTTPD-Workers", + "id": "Apache-HTTPD-Workers-ecs", "type": "visualization", "version": 2 }, @@ -638,7 +638,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module: apache" + "query": "event.module: apache" } } } @@ -647,10 +647,10 @@ "@timestamp", "desc" ], - "title": "Apache HTTPD", + "title": "Apache HTTPD ECS", "version": 1 }, - "id": "Apache-HTTPD", + "id": "Apache-HTTPD-ecs", "type": "search", "version": 1 }, @@ -680,7 +680,7 @@ "panelsJSON": [ { "col": 7, - "id": "Apache-HTTPD-CPU", + "id": "Apache-HTTPD-CPU-ecs", "panelIndex": 1, "row": 10, "size_x": 6, @@ -689,7 +689,7 @@ }, { "col": 1, - "id": "Apache-HTTPD-Hostname-list", + "id": "Apache-HTTPD-Hostname-list-ecs", "panelIndex": 2, "row": 1, "size_x": 3, @@ -698,7 +698,7 @@ }, { "col": 1, - "id": "Apache-HTTPD-Load1-slash-5-slash-15", + "id": "Apache-HTTPD-Load1-slash-5-slash-15-ecs", "panelIndex": 3, "row": 10, "size_x": 6, @@ -707,7 +707,7 @@ }, { "col": 1, - "id": "Apache-HTTPD-Scoreboard", + "id": "Apache-HTTPD-Scoreboard-ecs", "panelIndex": 4, "row": 7, "size_x": 12, @@ -716,7 +716,7 @@ }, { "col": 7, - "id": "Apache-HTTPD-Total-accesses-and-kbytes", + "id": "Apache-HTTPD-Total-accesses-and-kbytes-ecs", "panelIndex": 5, "row": 1, "size_x": 6, @@ -725,7 +725,7 @@ }, { "col": 4, - "id": "Apache-HTTPD-Uptime", + "id": "Apache-HTTPD-Uptime-ecs", "panelIndex": 6, "row": 1, "size_x": 3, @@ -734,7 +734,7 @@ }, { "col": 1, - "id": "Apache-HTTPD-Workers", + "id": "Apache-HTTPD-Workers-ecs", "panelIndex": 7, "row": 4, "size_x": 12, @@ -743,7 +743,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat Apache] Overview", + "title": "[Metricbeat Apache] Overview ECS", "uiStateJSON": { "P-2": { "vis": { @@ -772,7 +772,7 @@ }, "version": 1 }, - "id": "Metricbeat-Apache-HTTPD-server-status", + "id": "Metricbeat-Apache-HTTPD-server-status-ecs", "type": "dashboard", "version": 3 } diff --git a/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json b/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json index 81eddab34221..1d8faa43ed75 100644 --- a/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json +++ b/metricbeat/module/docker/_meta/kibana/7/dashboard/Metricbeat-docker-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker", - "title": "Docker containers [Metricbeat Docker]", + "savedSearchId": "Metricbeat-Docker-ecs", + "title": "Docker containers [Metricbeat Docker] ECS", "uiStateJSON": { "vis": { "params": { @@ -28,7 +28,7 @@ "id": "2", "params": { "customLabel": "Name", - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1", "size": 5 @@ -81,7 +81,7 @@ "id": "1", "params": { "customLabel": "Number of Containers", - "field": "docker.container.id" + "field": "container.id" }, "schema": "metric", "type": "cardinality" @@ -99,12 +99,12 @@ }, "totalFunc": "sum" }, - "title": "Docker containers [Metricbeat Docker]", + "title": "Docker containers [Metricbeat Docker] ECS", "type": "table" } }, "col": 1, - "id": "Docker-containers", + "id": "Docker-containers-ecs", "panelIndex": 1, "row": 1, "size_x": 7, @@ -120,8 +120,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker", - "title": "Number of Containers [Metricbeat Docker]", + "savedSearchId": "Metricbeat-Docker-ecs", + "title": "Number of Containers [Metricbeat Docker] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -207,12 +207,12 @@ "handleNoResults": true, "type": "gauge" }, - "title": "Number of Containers [Metricbeat Docker]", + "title": "Number of Containers [Metricbeat Docker] ECS", "type": "metric" } }, "col": 8, - "id": "Docker-Number-of-Containers", + "id": "Docker-Number-of-Containers-ecs", "panelIndex": 2, "row": 1, "size_x": 5, @@ -228,8 +228,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker", - "title": "Docker containers per host [Metricbeat Docker]", + "savedSearchId": "Metricbeat-Docker-ecs", + "title": "Docker containers per host [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -239,7 +239,7 @@ "id": "1", "params": { "customLabel": "Number of containers", - "field": "docker.container.id" + "field": "container.id" }, "schema": "metric", "type": "cardinality" @@ -249,7 +249,7 @@ "id": "2", "params": { "customLabel": "Hosts", - "field": "beat.hostname", + "field": "agent.hostname", "order": "desc", "orderBy": "1", "size": 5 @@ -266,12 +266,12 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Docker containers per host [Metricbeat Docker]", + "title": "Docker containers per host [Metricbeat Docker] ECS", "type": "pie" } }, "col": 8, - "id": "Docker-containers-per-host", + "id": "Docker-containers-per-host-ecs", "panelIndex": 3, "row": 3, "size_x": 2, @@ -287,8 +287,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Docker", - "title": "Docker images and names [Metricbeat Docker]", + "savedSearchId": "Metricbeat-Docker-ecs", + "title": "Docker images and names [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -304,7 +304,7 @@ "enabled": true, "id": "2", "params": { - "field": "docker.container.image", + "field": "container.image.name", "order": "desc", "orderBy": "1", "size": 5 @@ -316,7 +316,7 @@ "enabled": true, "id": "3", "params": { - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1", "size": 5 @@ -333,12 +333,12 @@ "legendPosition": "bottom", "shareYAxis": true }, - "title": "Docker images and names [Metricbeat Docker]", + "title": "Docker images and names [Metricbeat Docker] ECS", "type": "pie" } }, "col": 10, - "id": "Docker-images-and-names", + "id": "Docker-images-and-names-ecs", "panelIndex": 7, "row": 3, "size_x": 3, @@ -369,12 +369,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:docker AND metricset.name:cpu" + "query": "event.module:docker AND metricset.name:cpu" } } } }, - "title": "CPU usage [Metricbeat Docker]", + "title": "CPU usage [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -410,7 +410,7 @@ "id": "3", "params": { "customLabel": "Container name", - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1.75", "size": 5 @@ -496,12 +496,12 @@ ], "yAxis": {} }, - "title": "CPU usage [Metricbeat Docker]", + "title": "CPU usage [Metricbeat Docker] ECS", "type": "area" } }, "col": 1, - "id": "Docker-CPU-usage", + "id": "Docker-CPU-usage-ecs", "panelIndex": 4, "row": 6, "size_x": 6, @@ -532,12 +532,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:docker AND metricset.name:memory" + "query": "event.module:docker AND metricset.name:memory" } } } }, - "title": "Memory usage [Metricbeat Docker]", + "title": "Memory usage [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -570,7 +570,7 @@ "id": "3", "params": { "customLabel": "Container name", - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1", "size": 5 @@ -656,12 +656,12 @@ ], "yAxis": {} }, - "title": "Memory usage [Metricbeat Docker]", + "title": "Memory usage [Metricbeat Docker] ECS", "type": "area" } }, "col": 7, - "id": "Docker-memory-usage", + "id": "Docker-memory-usage-ecs", "panelIndex": 5, "row": 6, "size_x": 6, @@ -692,12 +692,12 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:docker AND metricset.name:network" + "query": "event.module:docker AND metricset.name:network" } } } }, - "title": "Network IO [Metricbeat Docker]", + "title": "Network IO [Metricbeat Docker] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -730,7 +730,7 @@ "id": "3", "params": { "customLabel": "Container name", - "field": "docker.container.name", + "field": "container.name", "order": "desc", "orderBy": "1", "size": 5 @@ -826,12 +826,12 @@ ], "yAxis": {} }, - "title": "Network IO [Metricbeat Docker]", + "title": "Network IO [Metricbeat Docker] ECS", "type": "area" } }, "col": 1, - "id": "Docker-Network-IO", + "id": "Docker-Network-IO-ecs", "panelIndex": 6, "row": 9, "size_x": 12, @@ -866,7 +866,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:docker" + "query": "event.module:docker" } } } @@ -875,10 +875,10 @@ "@timestamp", "desc" ], - "title": "Metricbeat Docker", + "title": "Metricbeat Docker ECS", "version": 1 }, - "id": "Metricbeat-Docker", + "id": "Metricbeat-Docker-ecs", "type": "search", "version": 4 }, @@ -908,7 +908,7 @@ "panelsJSON": [ { "col": 1, - "id": "Docker-containers", + "id": "Docker-containers-ecs", "panelIndex": 1, "row": 1, "size_x": 7, @@ -917,7 +917,7 @@ }, { "col": 8, - "id": "Docker-Number-of-Containers", + "id": "Docker-Number-of-Containers-ecs", "panelIndex": 2, "row": 1, "size_x": 5, @@ -926,7 +926,7 @@ }, { "col": 8, - "id": "Docker-containers-per-host", + "id": "Docker-containers-per-host-ecs", "panelIndex": 3, "row": 3, "size_x": 2, @@ -935,7 +935,7 @@ }, { "col": 10, - "id": "Docker-images-and-names", + "id": "Docker-images-and-names-ecs", "panelIndex": 7, "row": 3, "size_x": 3, @@ -944,7 +944,7 @@ }, { "col": 1, - "id": "Docker-CPU-usage", + "id": "Docker-CPU-usage-ecs", "panelIndex": 4, "row": 6, "size_x": 6, @@ -953,7 +953,7 @@ }, { "col": 7, - "id": "Docker-memory-usage", + "id": "Docker-memory-usage-ecs", "panelIndex": 5, "row": 6, "size_x": 6, @@ -962,7 +962,7 @@ }, { "col": 1, - "id": "Docker-Network-IO", + "id": "Docker-Network-IO-ecs", "panelIndex": 6, "row": 9, "size_x": 12, @@ -971,7 +971,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat Docker] Overview", + "title": "[Metricbeat Docker] Overview ECS", "uiStateJSON": { "P-1": { "vis": { @@ -1008,7 +1008,7 @@ }, "version": 1 }, - "id": "AV4REOpp5NkDleZmzKkE", + "id": "AV4REOpp5NkDleZmzKkE-ecs", "type": "dashboard", "version": 3 } diff --git a/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json b/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json index b308511303dd..8761996a3266 100644 --- a/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json +++ b/metricbeat/module/golang/_meta/kibana/7/dashboard/Metricbeat-golang-overview.json @@ -17,7 +17,7 @@ } } }, - "title": "Heap Summary [Metricbeat Golang]", + "title": "Heap Summary [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -26,11 +26,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.total\").label(\"System Total Memory\").yaxis(label=\"Bytes\",units=bytes),.es(index=\"metricbeat*\",metric=\"min:golang.heap.allocations.allocated\").label(\"Bytes Allocated(min)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.allocations.allocated\").label(\"Bytes Allocated(max)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.gc.next_gc_limit\").label(\"GC Limit\"),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.gc.pause.count\").condition(lt,1, null).points().label(\"GC Cycles(count)\").yaxis(2,label=\"Count\")", "interval": "10s" }, - "title": "Heap Summary [Metricbeat Golang]", + "title": "Heap Summary [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "58000780-f529-11e6-844d-b170e2f0a07e", + "id": "58000780-f529-11e6-844d-b170e2f0a07e-ecs", "type": "visualization", "version": 2 }, @@ -51,7 +51,7 @@ } } }, - "title": "Heap [Metricbeat Golang]", + "title": "Heap [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -60,11 +60,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.total\").label(\"Heap Total\").derivative().movingaverage(30).yaxis(label=\"Bytes\",units=bytes),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.active\").label(\"Heap Inuse\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.allocated\").label(\"Heap Allocated\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.allocations.idle\").label(\"Heap Idle\").movingaverage(30)", "interval": "10s" }, - "title": "Heap [Metricbeat Golang]", + "title": "Heap [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "95388680-f52a-11e6-969c-518c48c913e4", + "id": "95388680-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -85,7 +85,7 @@ } } }, - "title": "Objects [Metricbeat Golang]", + "title": "Objects [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -94,11 +94,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"max:golang.heap.allocations.objects\").label(\"Object Count(avg)\").yaxis(1,label=\"Count\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.allocations.total\").derivative().label(\"Allocation Rate\").yaxis(2,label=\"Rate\").movingaverage(30)", "interval": "10s" }, - "title": "Objects [Metricbeat Golang]", + "title": "Objects [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "b59a5200-f52a-11e6-969c-518c48c913e4", + "id": "b59a5200-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -119,7 +119,7 @@ } } }, - "title": "System [Metricbeat Golang]", + "title": "System [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -128,11 +128,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.total\").label(\"System Total\").yaxis(label=\"Bytes\",units=bytes),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.obtained\").label(\"System Obtained\"),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.stack\").label(\"System Stack\"),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.system.released\").label(\"System Released\")", "interval": "10s" }, - "title": "System [Metricbeat Golang]", + "title": "System [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4", + "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -153,7 +153,7 @@ } } }, - "title": "GC count [Metricbeat Golang]", + "title": "GC count [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -162,11 +162,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.count\").label(\"GC Count\").bars().yaxis(label=\"Count\"),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.total_count\").label(\"GC Rate\").derivative().movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.cpu_fraction\").label(\"CPU Fraction\").yaxis(2,label=\"Fraction\")", "interval": "10s" }, - "title": "GC count [Metricbeat Golang]", + "title": "GC count [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "b046cb80-f52a-11e6-969c-518c48c913e4", + "id": "b046cb80-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -187,7 +187,7 @@ } } }, - "title": "GC durations [Metricbeat Golang]", + "title": "GC durations [Metricbeat Golang] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -196,11 +196,11 @@ "expression": ".es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.sum.ns\").bars().label(\"sum of GC Pause durations(ns)\").yaxis(label=\"Durations(ns)\"),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.total_pause.ns\").derivative().movingaverage(30).label(\"Total GC Pause(ns) Rate\"),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.max.ns\").label(\"Max GC Pause(ns)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"avg:golang.heap.gc.pause.avg.ns\").label(\"Avg GC Pause(ns)\").movingaverage(30),.es(index=\"metricbeat*\",metric=\"max:golang.heap.gc.pause.count\").condition(lt,1, null).label(\"GC Pause count\").points().yaxis(2,label=\"Count\")", "interval": "10s" }, - "title": "GC durations [Metricbeat Golang]", + "title": "GC durations [Metricbeat Golang] ECS", "type": "timelion" } }, - "id": "ab226b50-f52a-11e6-969c-518c48c913e4", + "id": "ab226b50-f52a-11e6-969c-518c48c913e4-ecs", "type": "visualization", "version": 2 }, @@ -230,7 +230,7 @@ "panelsJSON": [ { "col": 1, - "id": "58000780-f529-11e6-844d-b170e2f0a07e", + "id": "58000780-f529-11e6-844d-b170e2f0a07e-ecs", "panelIndex": 8, "row": 1, "size_x": 12, @@ -239,7 +239,7 @@ }, { "col": 1, - "id": "95388680-f52a-11e6-969c-518c48c913e4", + "id": "95388680-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 9, "row": 4, "size_x": 4, @@ -248,7 +248,7 @@ }, { "col": 9, - "id": "b59a5200-f52a-11e6-969c-518c48c913e4", + "id": "b59a5200-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 10, "row": 4, "size_x": 4, @@ -257,7 +257,7 @@ }, { "col": 5, - "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4", + "id": "9a9a8bf0-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 11, "row": 4, "size_x": 4, @@ -266,7 +266,7 @@ }, { "col": 7, - "id": "b046cb80-f52a-11e6-969c-518c48c913e4", + "id": "b046cb80-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 12, "row": 8, "size_x": 6, @@ -275,7 +275,7 @@ }, { "col": 1, - "id": "ab226b50-f52a-11e6-969c-518c48c913e4", + "id": "ab226b50-f52a-11e6-969c-518c48c913e4-ecs", "panelIndex": 13, "row": 8, "size_x": 6, @@ -284,11 +284,11 @@ } ], "timeRestore": false, - "title": "[Metricbeat Golang] Overview", + "title": "[Metricbeat Golang] Overview ECS", "uiStateJSON": {}, "version": 1 }, - "id": "f2dc7320-f519-11e6-a3c9-9d1f7c42b045", + "id": "f2dc7320-f519-11e6-a3c9-9d1f7c42b045-ecs", "type": "dashboard", "version": 3 } diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json index 0f69e3e35b02..8e63c868b7be 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-backend.json @@ -29,7 +29,7 @@ "x": 0, "y": 0 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.2" @@ -42,7 +42,7 @@ "x": 6, "y": 0 }, - "id": "794b6cd0-471d-11e8-bc13-1397384faad3", + "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.2" @@ -55,7 +55,7 @@ "x": 6, "y": 2 }, - "id": "bb0ab500-4735-11e8-bc13-1397384faad3", + "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.2" @@ -68,7 +68,7 @@ "x": 9, "y": 0 }, - "id": "40bed190-473b-11e8-bc13-1397384faad3", + "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.2" @@ -81,7 +81,7 @@ "x": 0, "y": 2 }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3", + "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" @@ -94,17 +94,17 @@ "x": 0, "y": 4 }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3", + "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] Backend", + "title": "[Metricbeat HAProxy] Backend ECS", "version": 1 }, - "id": "9151c900-471d-11e8-bc13-1397384faad3", + "id": "9151c900-471d-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:31:25.838Z", "version": 15 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json index cf576d4d13a4..83f91be2ecd2 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-frontend.json @@ -29,7 +29,7 @@ "x": 0, "y": 0 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.2" @@ -42,17 +42,17 @@ "x": 6, "y": 0 }, - "id": "86159190-47c5-11e8-bc13-1397384faad3", + "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] Frontend", + "title": "[Metricbeat HAProxy] Frontend ECS", "version": 1 }, - "id": "d5878d00-47c5-11e8-bc13-1397384faad3", + "id": "d5878d00-47c5-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:32:51.945Z", "version": 5 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json index d848cca02b85..24a8cd5f4488 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-backend.json @@ -29,7 +29,7 @@ "x": 0, "y": 5 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.2" @@ -42,7 +42,7 @@ "x": 9, "y": 0 }, - "id": "794b6cd0-471d-11e8-bc13-1397384faad3", + "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.2" @@ -55,7 +55,7 @@ "x": 6, "y": 2 }, - "id": "bb0ab500-4735-11e8-bc13-1397384faad3", + "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.2" @@ -68,7 +68,7 @@ "x": 6, "y": 0 }, - "id": "40bed190-473b-11e8-bc13-1397384faad3", + "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.2" @@ -81,7 +81,7 @@ "x": 4, "y": 5 }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3", + "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" @@ -94,7 +94,7 @@ "x": 8, "y": 5 }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3", + "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.2" @@ -107,7 +107,7 @@ "x": 0, "y": 0 }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "panelIndex": "7", "type": "visualization", "version": "6.2.2" @@ -120,17 +120,17 @@ "x": 0, "y": 3 }, - "id": "981d1040-47be-11e8-bc13-1397384faad3", + "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] HTTP backend", + "title": "[Metricbeat HAProxy] HTTP backend ECS", "version": 1 }, - "id": "0836a4b0-47bd-11e8-bc13-1397384faad3", + "id": "0836a4b0-47bd-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:33:28.791Z", "version": 6 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json index 3b97ef38e38b..8be2d4cced9d 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-frontend.json @@ -29,7 +29,7 @@ "x": 6, "y": 3 }, - "id": "86159190-47c5-11e8-bc13-1397384faad3", + "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.2" @@ -42,7 +42,7 @@ "x": 0, "y": 0 }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.2" @@ -55,17 +55,17 @@ "x": 0, "y": 3 }, - "id": "30956d00-47d7-11e8-bc13-1397384faad3", + "id": "30956d00-47d7-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] HTTP frontend", + "title": "[Metricbeat HAProxy] HTTP frontend ECS", "version": 1 }, - "id": "e9057ae0-47c5-11e8-bc13-1397384faad3", + "id": "e9057ae0-47c5-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:34:15.954Z", "version": 5 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json index 3e3720581bcc..5d59ab730990 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-http-server.json @@ -29,7 +29,7 @@ "x": 0, "y": 5 }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3", + "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" @@ -42,7 +42,7 @@ "x": 6, "y": 3 }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3", + "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.2" @@ -55,7 +55,7 @@ "x": 0, "y": 0 }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "panelIndex": "7", "type": "visualization", "version": "6.2.2" @@ -68,7 +68,7 @@ "x": 0, "y": 3 }, - "id": "981d1040-47be-11e8-bc13-1397384faad3", + "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.2" @@ -81,7 +81,7 @@ "x": 6, "y": 0 }, - "id": "72e84b00-47e1-11e8-bc13-1397384faad3", + "id": "72e84b00-47e1-11e8-bc13-1397384faad3-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.2" @@ -94,17 +94,17 @@ "x": 6, "y": 5 }, - "id": "976b0910-47e4-11e8-bc13-1397384faad3", + "id": "976b0910-47e4-11e8-bc13-1397384faad3-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] HTTP server", + "title": "[Metricbeat HAProxy] HTTP server ECS", "version": 1 }, - "id": "8cc50a50-47e0-11e8-bc13-1397384faad3", + "id": "8cc50a50-47e0-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:34:50.803Z", "version": 9 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json index 4260414b2d13..3a0af4d69f22 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-overview.json @@ -29,7 +29,7 @@ "x": 8, "y": 2 }, - "id": "79350d50-47db-11e8-bc13-1397384faad3", + "id": "79350d50-47db-11e8-bc13-1397384faad3-ecs", "panelIndex": "2", "title": "Servers", "type": "visualization", @@ -43,7 +43,7 @@ "x": 4, "y": 2 }, - "id": "8c8f0300-47dc-11e8-bc13-1397384faad3", + "id": "8c8f0300-47dc-11e8-bc13-1397384faad3-ecs", "panelIndex": "3", "title": "Backends", "type": "visualization", @@ -57,7 +57,7 @@ "x": 0, "y": 2 }, - "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3", + "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3-ecs", "panelIndex": "4", "title": "Frontends", "type": "visualization", @@ -71,17 +71,17 @@ "x": 0, "y": 0 }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat HAProxy] Overview", + "title": "[Metricbeat HAProxy] Overview ECS", "version": 1 }, - "id": "4b555c30-47dd-11e8-bc13-1397384faad3", + "id": "4b555c30-47dd-11e8-bc13-1397384faad3-ecs", "type": "dashboard", "updated_at": "2018-04-24T18:31:56.356Z", "version": 3 diff --git a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json index 11d7504d3e71..0c89814c26ac 100644 --- a/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json +++ b/metricbeat/module/haproxy/_meta/kibana/7/dashboard/Metricbeat-haproxy-visualizations.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Connections [Metricbeat HAProxy]", + "title": "Connections [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -86,11 +86,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy connections", + "title": "HAProxy connections ECS", "type": "metrics" } }, - "id": "a64b4fd0-471c-11e8-bc13-1397384faad3", + "id": "a64b4fd0-471c-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-23T20:54:01.082Z", "version": 3 @@ -101,7 +101,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Active servers in backend [Metricbeat HAProxy]", + "title": "Active servers in backend [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -212,11 +212,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "HAProxy active servers in backend", + "title": "HAProxy active servers in backend ECS", "type": "metrics" } }, - "id": "794b6cd0-471d-11e8-bc13-1397384faad3", + "id": "794b6cd0-471d-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-23T21:36:57.634Z", "version": 8 @@ -227,7 +227,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Connections per server [Metricbeat HAProxy]", + "title": "Connections per server [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -240,7 +240,7 @@ "id": "978f2660-4735-11e8-b619-8f82b8185e96" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", "filter": "haproxy.stat.component_type:(2 OR 3)", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", @@ -280,11 +280,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "HAProxy connections per server", + "title": "HAProxy connections per server ECS", "type": "metrics" } }, - "id": "bb0ab500-4735-11e8-bc13-1397384faad3", + "id": "bb0ab500-4735-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:12:35.298Z", "version": 3 @@ -295,7 +295,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Downtime seconds [Metricbeat HAProxy]", + "title": "Downtime seconds [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -354,11 +354,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "HAProxy downtime seconds", + "title": "HAProxy downtime seconds ECS", "type": "metrics" } }, - "id": "40bed190-473b-11e8-bc13-1397384faad3", + "id": "40bed190-473b-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-23T21:29:04.708Z", "version": 3 @@ -369,7 +369,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Average time in queue [Metricbeat HAProxy]", + "title": "Average time in queue [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -408,11 +408,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy average time in queue", + "title": "HAProxy average time in queue ECS", "type": "metrics" } }, - "id": "b3463670-47a1-11e8-bc13-1397384faad3", + "id": "b3463670-47a1-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T09:27:25.783Z", "version": 1 @@ -423,7 +423,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Traffic volume [Metricbeat HAProxy]", + "title": "Traffic volume [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -496,11 +496,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy traffic volume", + "title": "HAProxy traffic volume ECS", "type": "metrics" } }, - "id": "86159190-47c5-11e8-bc13-1397384faad3", + "id": "86159190-47c5-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T14:43:27.616Z", "version": 3 @@ -511,7 +511,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "HTTP response codes [Metricbeat HAProxy]", + "title": "HTTP response codes [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -697,11 +697,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy HTTP response codes", + "title": "HAProxy HTTP response codes ECS", "type": "metrics" } }, - "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3", + "id": "fcbdfa60-47bd-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:31:30.169Z", "version": 4 @@ -712,7 +712,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Average response time [Metricbeat HAProxy]", + "title": "Average response time [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -752,11 +752,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy average response time", + "title": "HAProxy average response time ECS", "type": "metrics" } }, - "id": "981d1040-47be-11e8-bc13-1397384faad3", + "id": "981d1040-47be-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T13:01:49.811Z", "version": 2 @@ -767,7 +767,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Requests [Metricbeat HAProxy]", + "title": "Requests [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -884,11 +884,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy requests", + "title": "HAProxy requests ECS", "type": "metrics" } }, - "id": "30956d00-47d7-11e8-bc13-1397384faad3", + "id": "30956d00-47d7-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T15:50:19.344Z", "version": 1 @@ -899,7 +899,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Average connection time [Metricbeat HAProxy]", + "title": "Average connection time [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -963,11 +963,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy average connection time", + "title": "HAProxy average connection time ECS", "type": "metrics" } }, - "id": "0751ed00-479c-11e8-bc13-1397384faad3", + "id": "0751ed00-479c-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T08:51:34.252Z", "version": 4 @@ -978,7 +978,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Number of server connections [Metricbeat HAProxy]", + "title": "Number of server connections [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1031,11 +1031,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy number of server connections", + "title": "HAProxy number of server connections ECS", "type": "metrics" } }, - "id": "72e84b00-47e1-11e8-bc13-1397384faad3", + "id": "72e84b00-47e1-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:05:00.128Z", "version": 2 @@ -1046,7 +1046,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Healthcheck [Metricbeat HAProxy]", + "title": "Healthcheck [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1131,11 +1131,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "HAProxy healthcheck", + "title": "HAProxy healthcheck ECS", "type": "metrics" } }, - "id": "976b0910-47e4-11e8-bc13-1397384faad3", + "id": "976b0910-47e4-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:49:15.393Z", "version": 5 @@ -1146,7 +1146,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Servers per connection [Metricbeat HAProxy]", + "title": "Servers per connection [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1159,7 +1159,7 @@ "id": "50830800-47d9-11e8-9db9-274c7a5e25e4" } ], - "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/8cc50a50-47e0-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.service_name:\"{{ key }}\"'))", "filter": "", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "ignore_global_filter": 0, @@ -1199,11 +1199,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "HAProxy servers per connection", + "title": "HAProxy servers per connection ECS", "type": "metrics" } }, - "id": "79350d50-47db-11e8-bc13-1397384faad3", + "id": "79350d50-47db-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T17:11:53.619Z", "version": 7 @@ -1214,7 +1214,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Backends per connection [Metricbeat HAProxy]", + "title": "Backends per connection [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1227,7 +1227,7 @@ "id": "4aeddd40-47dc-11e8-9db9-274c7a5e25e4" } ], - "drilldown_url": "../app/kibana#/dashboard/0836a4b0-47bd-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/0836a4b0-47bd-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -1263,11 +1263,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "HAProxy backends per connection", + "title": "HAProxy backends per connection ECS", "type": "metrics" } }, - "id": "8c8f0300-47dc-11e8-bc13-1397384faad3", + "id": "8c8f0300-47dc-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T16:46:24.802Z", "version": 2 @@ -1278,7 +1278,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Frontends per connection [Metricbeat HAProxy]", + "title": "Frontends per connection [Metricbeat HAProxy] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1291,7 +1291,7 @@ "id": "b81d8640-47dc-11e8-9a25-99b107967d82" } ], - "drilldown_url": "../app/kibana#/dashboard/e9057ae0-47c5-11e8-bc13-1397384faad3?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", + "drilldown_url": "../app/kibana#/dashboard/e9057ae0-47c5-11e8-bc13-1397384faad3-ecs?_a=(query:(language:lucene,query:'haproxy.stat.proxy.name:\"{{ key }}\"'))", "id": "61ca57f0-469d-11e7-af02-69e470af7417", "index_pattern": "metricbeat-*", "interval": "auto", @@ -1327,11 +1327,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "HAProxy frontends per connection", + "title": "HAProxy frontends per connection ECS", "type": "metrics" } }, - "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3", + "id": "f1e27ed0-47dc-11e8-bc13-1397384faad3-ecs", "type": "visualization", "updated_at": "2018-04-24T16:54:16.639Z", "version": 3 diff --git a/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json b/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json index 26d9a778a348..c86935cd7a43 100644 --- a/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json +++ b/metricbeat/module/kafka/_meta/kibana/7/dashboard/Metricbeat-kafka-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka]", + "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -88,11 +88,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka]", + "title": "Kafka Topic & Consumer Offsets [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f", + "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 9 @@ -103,7 +103,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Controls [Metricbeat Kafka]", + "title": "Kafka Controls [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -143,11 +143,11 @@ "updateFiltersOnChange": true, "useTimeFilter": false }, - "title": "Kafka Controls [Metricbeat Kafka]", + "title": "Kafka Controls [Metricbeat Kafka] ECS", "type": "input_control_vis" } }, - "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f", + "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 10 @@ -158,7 +158,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka]", + "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -222,11 +222,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka]", + "title": "Kafka Consumer Group Lag vs Time [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f", + "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 8 @@ -297,7 +297,7 @@ } } }, - "title": "Kafka Metrics [Metricbeat Kafka]", + "title": "Kafka Metrics [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -371,11 +371,11 @@ }, "type": "metric" }, - "title": "Kafka Metrics [Metricbeat Kafka]", + "title": "Kafka Metrics [Metricbeat Kafka] ECS", "type": "metric" } }, - "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f", + "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 12 @@ -386,7 +386,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Consumer Partition Reassignments [Metricbeat Kafka]", + "title": "Consumer Partition Reassignments [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -450,11 +450,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Consumer Partition Reassignments [Metricbeat Kafka]", + "title": "Consumer Partition Reassignments [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f", + "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 8 @@ -499,7 +499,7 @@ } } }, - "title": "Consumer Metrics [Metricbeat Kafka]", + "title": "Consumer Metrics [Metricbeat Kafka] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -543,11 +543,11 @@ }, "type": "metric" }, - "title": "Consumer Metrics [Metricbeat Kafka]", + "title": "Consumer Metrics [Metricbeat Kafka] ECS", "type": "metric" } }, - "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f", + "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 8 @@ -565,7 +565,7 @@ } } }, - "title": "Kafka Consumer Group Clients [Metricbeat Kafka]", + "title": "Kafka Consumer Group Clients [Metricbeat Kafka] ECS", "uiStateJSON": { "vis": { "params": { @@ -652,11 +652,11 @@ }, "totalFunc": "sum" }, - "title": "Kafka Consumer Group Clients [Metricbeat Kafka]", + "title": "Kafka Consumer Group Clients [Metricbeat Kafka] ECS", "type": "table" } }, - "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9", + "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9-ecs", "type": "visualization", "updated_at": "2018-10-18T16:12:14.222Z", "version": 2 @@ -667,7 +667,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Broker Details [Metricbeat Kafka]", + "title": "Kafka Broker Details [Metricbeat Kafka] ECS", "uiStateJSON": { "table": { "sort": { @@ -778,11 +778,11 @@ "time_field": "@timestamp", "type": "table" }, - "title": "Kafka Broker Details [Metricbeat Kafka]", + "title": "Kafka Broker Details [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9", + "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9-ecs", "type": "visualization", "updated_at": "2018-10-18T16:28:30.809Z", "version": 6 @@ -793,7 +793,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kafka Topic Details [Metricbeat Kafka]", + "title": "Kafka Topic Details [Metricbeat Kafka] ECS", "uiStateJSON": { "table": { "sort": { @@ -988,11 +988,11 @@ "time_field": "@timestamp", "type": "table" }, - "title": "Kafka Topic Details [Metricbeat Kafka]", + "title": "Kafka Topic Details [Metricbeat Kafka] ECS", "type": "metrics" } }, - "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9", + "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9-ecs", "type": "visualization", "updated_at": "2018-10-18T16:51:33.352Z", "version": 3 @@ -1026,7 +1026,7 @@ "x": 0, "y": 20 }, - "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f", + "id": "b9d12c80-8e63-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "1", "title": "Kafka Topic & Consumer Offsets", "type": "visualization", @@ -1040,7 +1040,7 @@ "x": 0, "y": 0 }, - "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f", + "id": "8d2f79a0-8e65-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "3", "title": "Kafka Controls", "type": "visualization", @@ -1054,7 +1054,7 @@ "x": 0, "y": 6 }, - "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f", + "id": "944188f0-8e79-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "6", "title": "Consumer Group Lag by Topic", "type": "visualization", @@ -1071,7 +1071,7 @@ "x": 16, "y": 0 }, - "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f", + "id": "dc89f8d0-8e8e-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "10", "title": "Kafka Metrics", "type": "visualization", @@ -1086,7 +1086,7 @@ "x": 0, "y": 33 }, - "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f", + "id": "587f2360-8f21-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "12", "title": "Consumer Partition Reassignments", "type": "visualization", @@ -1101,7 +1101,7 @@ "x": 41, "y": 0 }, - "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f", + "id": "1681f1a0-90e7-11e8-8fa2-3d5f811fbd0f-ecs", "panelIndex": "13", "title": "Consumer Metrics", "type": "visualization", @@ -1126,7 +1126,7 @@ "x": 24, "y": 27 }, - "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9", + "id": "9a7576e0-d231-11e8-8766-dbbdc39e7ba9-ecs", "panelIndex": "14", "title": "Kafka Consumer Group Clients", "type": "visualization", @@ -1141,7 +1141,7 @@ "x": 24, "y": 6 }, - "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9", + "id": "27dd5960-d2ed-11e8-8766-dbbdc39e7ba9-ecs", "panelIndex": "15", "title": "Kafka Brokers", "type": "visualization", @@ -1163,7 +1163,7 @@ "x": 24, "y": 16 }, - "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9", + "id": "491fee50-d2f5-11e8-8766-dbbdc39e7ba9-ecs", "panelIndex": "16", "title": "Kafka Topic Details", "type": "visualization", @@ -1171,10 +1171,10 @@ } ], "timeRestore": false, - "title": "[Metricbeat Kafka] Overview", + "title": "[Metricbeat Kafka] Overview ECS", "version": 1 }, - "id": "ea488d90-8e63-11e8-8fa2-3d5f811fbd0f", + "id": "ea488d90-8e63-11e8-8fa2-3d5f811fbd0f-ecs", "type": "dashboard", "updated_at": "2018-10-18T17:11:35.895Z", "version": 23 diff --git a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json index 8a1a788513e3..ae02bfe3ea95 100644 --- a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json +++ b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-apiserver.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kubernetes API Server: Top clients by number of requests", + "title": "Kubernetes API Server: Top clients by number of requests ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -66,11 +66,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Kubernetes API Server: Top clients by number of requests", + "title": "Kubernetes API Server: Top clients by number of requests ECS", "type": "metrics" } }, - "id": "7cbeb750-5794-11e8-afa2-e9067ea62228", + "id": "7cbeb750-5794-11e8-afa2-e9067ea62228-ecs", "type": "visualization", "updated_at": "2018-05-14T18:23:10.501Z", "version": 5 @@ -81,7 +81,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kubernetes API Server: Requests", + "title": "Kubernetes API Server: Requests ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -171,11 +171,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Kubernetes API Server: Requests", + "title": "Kubernetes API Server: Requests ECS", "type": "metrics" } }, - "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228", + "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228-ecs", "type": "visualization", "updated_at": "2018-05-14T18:21:27.515Z", "version": 4 @@ -186,7 +186,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Kubernetes API Server: Top clients by resource", + "title": "Kubernetes API Server: Top clients by resource ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -248,11 +248,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Kubernetes API Server: Top clients by resource", + "title": "Kubernetes API Server: Top clients by resource ECS", "type": "metrics" } }, - "id": "95a7f110-57a2-11e8-afa2-e9067ea62228", + "id": "95a7f110-57a2-11e8-afa2-e9067ea62228-ecs", "type": "visualization", "updated_at": "2018-05-14T18:23:50.093Z", "version": 4 @@ -287,7 +287,7 @@ "x": 0, "y": 22 }, - "id": "7cbeb750-5794-11e8-afa2-e9067ea62228", + "id": "7cbeb750-5794-11e8-afa2-e9067ea62228-ecs", "panelIndex": "1", "type": "visualization", "version": "6.3.0" @@ -301,7 +301,7 @@ "x": 0, "y": 0 }, - "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228", + "id": "ec360ff0-57a0-11e8-afa2-e9067ea62228-ecs", "panelIndex": "3", "type": "visualization", "version": "6.3.0" @@ -315,17 +315,17 @@ "x": 24, "y": 22 }, - "id": "95a7f110-57a2-11e8-afa2-e9067ea62228", + "id": "95a7f110-57a2-11e8-afa2-e9067ea62228-ecs", "panelIndex": "4", "type": "visualization", "version": "6.3.0" } ], "timeRestore": false, - "title": "[Metricbeat Kubernetes] API server", + "title": "[Metricbeat Kubernetes] API server ECS", "version": 1 }, - "id": "af7225b0-5794-11e8-afa2-e9067ea62228", + "id": "af7225b0-5794-11e8-afa2-e9067ea62228-ecs", "type": "dashboard", "updated_at": "2018-05-14T18:23:55.202Z", "version": 5 diff --git a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json index f4191b01a092..788394b8111c 100644 --- a/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json +++ b/metricbeat/module/kubernetes/_meta/kibana/7/dashboard/Metricbeat-kubernetes-overview.json @@ -16,7 +16,7 @@ } } }, - "title": "Available pods per deployment [Metricbeat Kubernetes]", + "title": "Available pods per deployment [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -24,7 +24,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "id": "117fadf0-30df-11e7-8df8-6d3604a72912", "index_pattern": "metricbeat-*", "interval": "auto", @@ -64,11 +64,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Available pods per deployment [Metricbeat Kubernetes]", + "title": "Available pods per deployment [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "022a54c0-2bf5-11e7-859b-f78b612cde28", + "id": "022a54c0-2bf5-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-11T20:59:01.845Z", "version": 4 @@ -86,7 +86,7 @@ } } }, - "title": "CPU usage by node [Metricbeat Kubernetes]", + "title": "CPU usage by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -105,7 +105,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", + "filter": "event.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -191,11 +191,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "CPU usage by node [Metricbeat Kubernetes]", + "title": "CPU usage by node [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "44f12b40-2bf4-11e7-859b-f78b612cde28", + "id": "44f12b40-2bf4-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -213,7 +213,7 @@ } } }, - "title": "Kubernetes - Deployments", + "title": "Kubernetes - Deployments ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -232,7 +232,7 @@ "id": "68cdba10-30e0-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "69765620-30e0-11e7-8df8-6d3604a72912" @@ -272,11 +272,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Deployments", + "title": "Kubernetes - Deployments ECS", "type": "metrics" } }, - "id": "cd059410-2bfb-11e7-859b-f78b612cde28", + "id": "cd059410-2bfb-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -294,7 +294,7 @@ } } }, - "title": "Kubernetes - Desired pods", + "title": "Kubernetes - Desired pods ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -313,7 +313,7 @@ "id": "674d83b0-30d5-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "50f9b980-30d5-11e7-8df8-6d3604a72912" @@ -356,11 +356,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Desired pods", + "title": "Kubernetes - Desired pods ECS", "type": "metrics" } }, - "id": "e1018b90-2bfb-11e7-859b-f78b612cde28", + "id": "e1018b90-2bfb-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -381,7 +381,7 @@ } } }, - "title": "Memory usage by node [Metricbeat Kubernetes]", + "title": "Memory usage by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -399,7 +399,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", + "filter": "event.module:kubernetes AND (metricset.name:container OR metricset.name:state_node)", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -488,11 +488,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Memory usage by node [Metricbeat Kubernetes]", + "title": "Memory usage by node [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "d6564360-2bfc-11e7-859b-f78b612cde28", + "id": "d6564360-2bfc-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-04T23:15:29.035Z", "version": 4 @@ -510,7 +510,7 @@ } } }, - "title": "Network in by node [Metricbeat Kubernetes]", + "title": "Network in by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -529,7 +529,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND metricset.name:pod", + "filter": "event.module:kubernetes AND metricset.name:pod", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -583,11 +583,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Network in by node [Metricbeat Kubernetes]", + "title": "Network in by node [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "16fa4470-2bfd-11e7-859b-f78b612cde28", + "id": "16fa4470-2bfd-11e7-859b-f78b612cde28-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -605,7 +605,7 @@ } } }, - "title": "Network out by node [Metricbeat Kubernetes]", + "title": "Network out by node [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -624,7 +624,7 @@ "id": "1373ddd0-2bf2-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND metricset.name:pod", + "filter": "event.module:kubernetes AND metricset.name:pod", "gauge_color_rules": [ { "id": "140e4910-2bf2-11e7-859b-f78b612cde28" @@ -678,11 +678,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Network out by node [Metricbeat Kubernetes]", + "title": "Network out by node [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "294546b0-30d6-11e7-8df8-6d3604a72912", + "id": "294546b0-30d6-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -700,7 +700,7 @@ } } }, - "title": "Kubernetes - Nodes", + "title": "Kubernetes - Nodes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -719,7 +719,7 @@ "id": "68cdba10-30e0-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_node", + "filter": "event.module:kubernetes AND metricset.name:state_node", "gauge_color_rules": [ { "id": "69765620-30e0-11e7-8df8-6d3604a72912" @@ -759,11 +759,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Nodes", + "title": "Kubernetes - Nodes ECS", "type": "metrics" } }, - "id": "408fccf0-30d6-11e7-8df8-6d3604a72912", + "id": "408fccf0-30d6-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -781,7 +781,7 @@ } } }, - "title": "Top CPU intensive pods [Metricbeat Kubernetes]", + "title": "Top CPU intensive pods [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -795,7 +795,7 @@ "id": "802104d0-2bfc-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND metricset.name:container", + "filter": "event.module:kubernetes AND metricset.name:container", "id": "5d3692a0-2bfc-11e7-859b-f78b612cde28", "index_pattern": "metricbeat-*", "interval": "auto", @@ -842,11 +842,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top CPU intensive pods [Metricbeat Kubernetes]", + "title": "Top CPU intensive pods [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "58e644f0-30d6-11e7-8df8-6d3604a72912", + "id": "58e644f0-30d6-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -867,7 +867,7 @@ } } }, - "title": "Top memory intensive pods [Metricbeat Kubernetes]", + "title": "Top memory intensive pods [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -880,7 +880,7 @@ "id": "802104d0-2bfc-11e7-859b-f78b612cde28" } ], - "filter": "metricset.module:kubernetes AND metricset.name:container", + "filter": "event.module:kubernetes AND metricset.name:container", "id": "5d3692a0-2bfc-11e7-859b-f78b612cde28", "index_pattern": "metricbeat-*", "interval": "auto", @@ -928,11 +928,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top memory intensive pods [Metricbeat Kubernetes]", + "title": "Top memory intensive pods [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "a4c9d360-30df-11e7-8df8-6d3604a72912", + "id": "a4c9d360-30df-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-11T21:00:49.028Z", "version": 4 @@ -950,7 +950,7 @@ } } }, - "title": "Kubernetes - Unavailable pods", + "title": "Kubernetes - Unavailable pods ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -969,7 +969,7 @@ "id": "674d83b0-30d5-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "50f9b980-30d5-11e7-8df8-6d3604a72912" @@ -1011,11 +1011,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Unavailable pods", + "title": "Kubernetes - Unavailable pods ECS", "type": "metrics" } }, - "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912", + "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -1036,7 +1036,7 @@ } } }, - "title": "Unavailable pods per deployment [Metricbeat Kubernetes]", + "title": "Unavailable pods per deployment [Metricbeat Kubernetes] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1044,7 +1044,7 @@ "params": { "axis_formatter": "number", "axis_position": "left", - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "id": "117fadf0-30df-11e7-8df8-6d3604a72912", "index_pattern": "metricbeat-*", "interval": "auto", @@ -1084,11 +1084,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Unavailable pods per deployment [Metricbeat Kubernetes]", + "title": "Unavailable pods per deployment [Metricbeat Kubernetes] ECS", "type": "metrics" } }, - "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912", + "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912-ecs", "type": "visualization", "updated_at": "2018-03-11T20:59:18.668Z", "version": 4 @@ -1106,7 +1106,7 @@ } } }, - "title": "Kubernetes - Available pods", + "title": "Kubernetes - Available pods ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1125,7 +1125,7 @@ "id": "674d83b0-30d5-11e7-8df8-6d3604a72912" } ], - "filter": "metricset.module:kubernetes AND metricset.name:state_deployment", + "filter": "event.module:kubernetes AND metricset.name:state_deployment", "gauge_color_rules": [ { "id": "50f9b980-30d5-11e7-8df8-6d3604a72912" @@ -1169,11 +1169,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Kubernetes - Available pods", + "title": "Kubernetes - Available pods ECS", "type": "metrics" } }, - "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3", + "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3-ecs", "type": "visualization", "updated_at": "2018-03-01T18:58:07.906Z", "version": 3 @@ -1211,7 +1211,7 @@ "x": 6, "y": 0 }, - "id": "022a54c0-2bf5-11e7-859b-f78b612cde28", + "id": "022a54c0-2bf5-11e7-859b-f78b612cde28-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.2" @@ -1224,7 +1224,7 @@ "x": 0, "y": 6 }, - "id": "44f12b40-2bf4-11e7-859b-f78b612cde28", + "id": "44f12b40-2bf4-11e7-859b-f78b612cde28-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.2" @@ -1237,7 +1237,7 @@ "x": 3, "y": 0 }, - "id": "cd059410-2bfb-11e7-859b-f78b612cde28", + "id": "cd059410-2bfb-11e7-859b-f78b612cde28-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.2" @@ -1250,7 +1250,7 @@ "x": 0, "y": 3 }, - "id": "e1018b90-2bfb-11e7-859b-f78b612cde28", + "id": "e1018b90-2bfb-11e7-859b-f78b612cde28-ecs", "panelIndex": "6", "type": "visualization", "version": "6.2.2" @@ -1263,7 +1263,7 @@ "x": 6, "y": 6 }, - "id": "d6564360-2bfc-11e7-859b-f78b612cde28", + "id": "d6564360-2bfc-11e7-859b-f78b612cde28-ecs", "panelIndex": "7", "type": "visualization", "version": "6.2.2" @@ -1276,7 +1276,7 @@ "x": 6, "y": 9 }, - "id": "16fa4470-2bfd-11e7-859b-f78b612cde28", + "id": "16fa4470-2bfd-11e7-859b-f78b612cde28-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.2" @@ -1289,7 +1289,7 @@ "x": 0, "y": 9 }, - "id": "294546b0-30d6-11e7-8df8-6d3604a72912", + "id": "294546b0-30d6-11e7-8df8-6d3604a72912-ecs", "panelIndex": "9", "type": "visualization", "version": "6.2.2" @@ -1302,7 +1302,7 @@ "x": 0, "y": 0 }, - "id": "408fccf0-30d6-11e7-8df8-6d3604a72912", + "id": "408fccf0-30d6-11e7-8df8-6d3604a72912-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.2" @@ -1315,7 +1315,7 @@ "x": 0, "y": 12 }, - "id": "58e644f0-30d6-11e7-8df8-6d3604a72912", + "id": "58e644f0-30d6-11e7-8df8-6d3604a72912-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.2" @@ -1328,7 +1328,7 @@ "x": 6, "y": 12 }, - "id": "a4c9d360-30df-11e7-8df8-6d3604a72912", + "id": "a4c9d360-30df-11e7-8df8-6d3604a72912-ecs", "panelIndex": "12", "type": "visualization", "version": "6.2.2" @@ -1341,7 +1341,7 @@ "x": 4, "y": 3 }, - "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912", + "id": "174a6ad0-30e0-11e7-8df8-6d3604a72912-ecs", "panelIndex": "13", "type": "visualization", "version": "6.2.2" @@ -1354,7 +1354,7 @@ "x": 6, "y": 3 }, - "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912", + "id": "7aac4fd0-30e0-11e7-8df8-6d3604a72912-ecs", "panelIndex": "14", "type": "visualization", "version": "6.2.2" @@ -1367,17 +1367,17 @@ "x": 2, "y": 3 }, - "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3", + "id": "da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3-ecs", "panelIndex": "15", "type": "visualization", "version": "6.2.2" } ], "timeRestore": false, - "title": "[Metricbeat Kubernetes] Overview", + "title": "[Metricbeat Kubernetes] Overview ECS", "version": 1 }, - "id": "AV4RGUqo5NkDleZmzKuZ", + "id": "AV4RGUqo5NkDleZmzKuZ-ecs", "type": "dashboard", "updated_at": "2018-03-11T21:00:58.354Z", "version": 4 diff --git a/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json b/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json index 3916d588c72e..c7e78a012219 100644 --- a/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json +++ b/metricbeat/module/mongodb/_meta/kibana/7/dashboard/Metricbeat-mongodb-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Hosts [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Hosts [Metricbeat MongoDB] ECS", "uiStateJSON": { "vis": { "params": { @@ -37,7 +37,7 @@ "enabled": true, "id": "2", "params": { - "field": "metricset.host", + "field": "service.address", "order": "desc", "orderBy": "1", "size": 5 @@ -87,11 +87,11 @@ }, "totalFunc": "sum" }, - "title": "Hosts [Metricbeat MongoDB]", + "title": "Hosts [Metricbeat MongoDB] ECS", "type": "table" } }, - "id": "MongoDB-hosts", + "id": "MongoDB-hosts-ecs", "type": "visualization", "version": 2 }, @@ -103,8 +103,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Engine & Version [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Engine & Version [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -113,7 +113,7 @@ "enabled": true, "id": "1", "params": { - "field": "metricset.host" + "field": "service.address" }, "schema": "metric", "type": "cardinality" @@ -136,7 +136,7 @@ "id": "3", "params": { "customLabel": "Version", - "field": "mongodb.status.version", + "field": "service.version", "order": "desc", "orderBy": "1", "size": 5 @@ -153,11 +153,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "Engine & Version [Metricbeat MongoDB]", + "title": "Engine & Version [Metricbeat MongoDB] ECS", "type": "pie" } }, - "id": "MongoDB-Engine-ampersand-Version", + "id": "MongoDB-Engine-ampersand-Version-ecs", "type": "visualization", "version": 2 }, @@ -169,8 +169,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Operation counters [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Operation counters [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -326,11 +326,11 @@ ], "yAxis": {} }, - "title": "Operation counters [Metricbeat MongoDB]", + "title": "Operation counters [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-operation-counters", + "id": "MongoDB-operation-counters-ecs", "type": "visualization", "version": 2 }, @@ -342,8 +342,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Concurrent transactions Read [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Concurrent transactions Read [Metricbeat MongoDB] ECS", "uiStateJSON": { "vis": { "colors": { @@ -466,11 +466,11 @@ ], "yAxis": {} }, - "title": "Concurrent transactions Read [Metricbeat MongoDB]", + "title": "Concurrent transactions Read [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-Concurrent-transactions-Read", + "id": "MongoDB-Concurrent-transactions-Read-ecs", "type": "visualization", "version": 2 }, @@ -482,8 +482,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Concurrent transactions Write [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Concurrent transactions Write [Metricbeat MongoDB] ECS", "uiStateJSON": { "vis": { "colors": { @@ -606,11 +606,11 @@ ], "yAxis": {} }, - "title": "Concurrent transactions Write [Metricbeat MongoDB]", + "title": "Concurrent transactions Write [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-Concurrent-transactions-Write", + "id": "MongoDB-Concurrent-transactions-Write-ecs", "type": "visualization", "version": 2 }, @@ -622,8 +622,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Memory stats [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Memory stats [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -760,11 +760,11 @@ ], "yAxis": {} }, - "title": "Memory stats [Metricbeat MongoDB]", + "title": "Memory stats [Metricbeat MongoDB] ECS", "type": "line" } }, - "id": "MongoDB-memory-stats", + "id": "MongoDB-memory-stats-ecs", "type": "visualization", "version": 2 }, @@ -776,8 +776,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "Asserts [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "Asserts [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -923,11 +923,11 @@ ], "yAxis": {} }, - "title": "Asserts [Metricbeat MongoDB]", + "title": "Asserts [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-asserts", + "id": "MongoDB-asserts-ecs", "type": "visualization", "version": 2 }, @@ -939,8 +939,8 @@ "filter": [] } }, - "savedSearchId": "MongoDB-search", - "title": "WiredTiger Cache [Metricbeat MongoDB]", + "savedSearchId": "MongoDB-search-ecs", + "title": "WiredTiger Cache [Metricbeat MongoDB] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1066,11 +1066,11 @@ ], "yAxis": {} }, - "title": "WiredTiger Cache [Metricbeat MongoDB]", + "title": "WiredTiger Cache [Metricbeat MongoDB] ECS", "type": "area" } }, - "id": "MongoDB-WiredTiger-Cache", + "id": "MongoDB-WiredTiger-Cache-ecs", "type": "visualization", "version": 2 }, @@ -1101,7 +1101,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:mongodb" + "query": "event.module:mongodb" } } } @@ -1110,10 +1110,10 @@ "@timestamp", "desc" ], - "title": "MongoDB search", + "title": "MongoDB search ECS", "version": 1 }, - "id": "MongoDB-search", + "id": "MongoDB-search-ecs", "type": "search", "version": 1 }, @@ -1143,7 +1143,7 @@ "panelsJSON": [ { "col": 1, - "id": "MongoDB-hosts", + "id": "MongoDB-hosts-ecs", "panelIndex": 1, "row": 1, "size_x": 8, @@ -1152,7 +1152,7 @@ }, { "col": 9, - "id": "MongoDB-Engine-ampersand-Version", + "id": "MongoDB-Engine-ampersand-Version-ecs", "panelIndex": 4, "row": 1, "size_x": 4, @@ -1161,7 +1161,7 @@ }, { "col": 1, - "id": "MongoDB-operation-counters", + "id": "MongoDB-operation-counters-ecs", "panelIndex": 2, "row": 4, "size_x": 6, @@ -1170,7 +1170,7 @@ }, { "col": 7, - "id": "MongoDB-Concurrent-transactions-Read", + "id": "MongoDB-Concurrent-transactions-Read-ecs", "panelIndex": 6, "row": 4, "size_x": 3, @@ -1179,7 +1179,7 @@ }, { "col": 10, - "id": "MongoDB-Concurrent-transactions-Write", + "id": "MongoDB-Concurrent-transactions-Write-ecs", "panelIndex": 7, "row": 4, "size_x": 3, @@ -1188,7 +1188,7 @@ }, { "col": 1, - "id": "MongoDB-memory-stats", + "id": "MongoDB-memory-stats-ecs", "panelIndex": 5, "row": 10, "size_x": 12, @@ -1197,7 +1197,7 @@ }, { "col": 7, - "id": "MongoDB-asserts", + "id": "MongoDB-asserts-ecs", "panelIndex": 3, "row": 7, "size_x": 6, @@ -1206,7 +1206,7 @@ }, { "col": 1, - "id": "MongoDB-WiredTiger-Cache", + "id": "MongoDB-WiredTiger-Cache-ecs", "panelIndex": 8, "row": 7, "size_x": 6, @@ -1215,7 +1215,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat MongoDB] Overview", + "title": "[Metricbeat MongoDB] Overview ECS", "uiStateJSON": { "P-1": { "vis": { @@ -1230,7 +1230,7 @@ }, "version": 1 }, - "id": "Metricbeat-MongoDB", + "id": "Metricbeat-MongoDB-ecs", "type": "dashboard", "version": 3 } diff --git a/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json b/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json index ae00dabb15d4..93f84529c016 100644 --- a/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json +++ b/metricbeat/module/mysql/_meta/kibana/7/dashboard/Metricbeat-mysql-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Connections rate [Metricbeat MySQL]", + "title": "Connections rate [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -52,11 +52,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Connections rate [Metricbeat MySQL]", + "title": "Connections rate [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1", + "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -67,7 +67,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Command rates [Metricbeat MySQL]", + "title": "Command rates [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -193,11 +193,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Command rates [Metricbeat MySQL]", + "title": "Command rates [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1", + "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -208,7 +208,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Running threads [Metricbeat MySQL]", + "title": "Running threads [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -248,11 +248,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Running threads [Metricbeat MySQL]", + "title": "Running threads [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1", + "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -263,7 +263,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Opened tables rate [Metricbeat MySQL]", + "title": "Opened tables rate [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -309,11 +309,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Opened tables rate [Metricbeat MySQL]", + "title": "Opened tables rate [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1", + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 3 @@ -324,7 +324,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Threads created rate [Metricbeat MySQL]", + "title": "Threads created rate [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -370,11 +370,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Threads created rate [Metricbeat MySQL]", + "title": "Threads created rate [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1", + "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -385,7 +385,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Open files [Metricbeat MySQL]", + "title": "Open files [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -425,11 +425,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Open files [Metricbeat MySQL]", + "title": "Open files [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1", + "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:14:45.934Z", "version": 2 @@ -440,7 +440,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Sent and received bytes rates [Metricbeat MySQL]", + "title": "Sent and received bytes rates [Metricbeat MySQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -513,11 +513,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Sent and received bytes rates [Metricbeat MySQL]", + "title": "Sent and received bytes rates [Metricbeat MySQL] ECS", "type": "metrics" } }, - "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1", + "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1-ecs", "type": "visualization", "updated_at": "2018-01-05T09:15:49.714Z", "version": 3 @@ -555,7 +555,7 @@ "x": 0, "y": 3 }, - "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1", + "id": "d7e6bee0-f1f3-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.4" @@ -568,7 +568,7 @@ "x": 0, "y": 0 }, - "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1", + "id": "695a4f90-f1f4-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.4" @@ -581,7 +581,7 @@ "x": 6, "y": 3 }, - "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1", + "id": "124dce60-f1f5-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "13", "type": "visualization", "version": "6.2.4" @@ -594,7 +594,7 @@ "x": 0, "y": 6 }, - "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1", + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "14", "type": "visualization", "version": "6.2.4" @@ -607,7 +607,7 @@ "x": 6, "y": 6 }, - "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1", + "id": "fb1f3f20-f1f5-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "15", "type": "visualization", "version": "6.2.4" @@ -620,7 +620,7 @@ "x": 6, "y": 9 }, - "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1", + "id": "f5b35930-f1f6-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "16", "type": "visualization", "version": "6.2.4" @@ -633,17 +633,17 @@ "x": 0, "y": 9 }, - "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1", + "id": "7404feb0-f1f7-11e7-85ab-594b1652e0d1-ecs", "panelIndex": "17", "type": "visualization", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Metricbeat MySQL] Overview", + "title": "[Metricbeat MySQL] Overview ECS", "version": 1 }, - "id": "66881e90-0006-11e7-bf7f-c9acc3d3e306", + "id": "66881e90-0006-11e7-bf7f-c9acc3d3e306-ecs", "type": "dashboard", "updated_at": "2018-01-05T09:14:45.934Z", "version": 3 diff --git a/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json b/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json index 784f6c8a2ab5..da25f98f3186 100644 --- a/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json +++ b/metricbeat/module/nats/_meta/kibana/7/dashboard/Metricbeat-nats-overview.json @@ -13,7 +13,7 @@ } } }, - "title": "Subscriptions Info [Metricbeat NATS]", + "title": "Subscriptions Info [Metricbeat NATS] ECS", "uiStateJSON": { "vis": { "params": { @@ -120,11 +120,11 @@ }, "totalFunc": "sum" }, - "title": "Subscriptions Info [Metricbeat NATS]", + "title": "Subscriptions Info [Metricbeat NATS] ECS", "type": "table" } }, - "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61", + "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:54:30.301Z", "version": 3 @@ -142,7 +142,7 @@ } } }, - "title": "Current Memory Usage [Metricbeat NATS]", + "title": "Current Memory Usage [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -186,11 +186,11 @@ }, "type": "metric" }, - "title": "Current Memory Usage [Metricbeat NATS]", + "title": "Current Memory Usage [Metricbeat NATS] ECS", "type": "metric" } }, - "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61", + "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:56:32.097Z", "version": 4 @@ -208,7 +208,7 @@ } } }, - "title": "Server Uptime [Metricbeat NATS]", + "title": "Server Uptime [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -252,11 +252,11 @@ }, "type": "metric" }, - "title": "Server Uptime [Metricbeat NATS]", + "title": "Server Uptime [Metricbeat NATS] ECS", "type": "metric" } }, - "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61", + "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:57:04.084Z", "version": 4 @@ -274,7 +274,7 @@ } } }, - "title": "Total Connections [Metricbeat NATS]", + "title": "Total Connections [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -318,11 +318,11 @@ }, "type": "metric" }, - "title": "Total Connections [Metricbeat NATS]", + "title": "Total Connections [Metricbeat NATS] ECS", "type": "metric" } }, - "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61", + "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:57:32.006Z", "version": 4 @@ -340,7 +340,7 @@ } } }, - "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS]", + "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -507,11 +507,11 @@ } ] }, - "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS]", + "title": "Remotes-Subsz-Connz-Routez Timeline [Metricbeat NATS] ECS", "type": "area" } }, - "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61", + "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-24T07:53:31.785Z", "version": 3 @@ -529,7 +529,7 @@ } } }, - "title": "Subscription Stats Timeline [Metricbeat NATS]", + "title": "Subscription Stats Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -714,11 +714,11 @@ } ] }, - "title": "Subscription Stats Timeline [Metricbeat NATS]", + "title": "Subscription Stats Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61", + "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61-ecs", "type": "visualization", "updated_at": "2019-01-23T14:55:04.899Z", "version": 3 @@ -736,7 +736,7 @@ } } }, - "title": "Slow Consumers Timeline [Metricbeat NATS]", + "title": "Slow Consumers Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -833,11 +833,11 @@ } ] }, - "title": "Slow Consumers Timeline [Metricbeat NATS]", + "title": "Slow Consumers Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90", + "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90-ecs", "type": "visualization", "updated_at": "2019-01-23T14:53:57.137Z", "version": 2 @@ -855,7 +855,7 @@ } } }, - "title": "IO Bytes Stats [Metricbeat NATS]", + "title": "IO Bytes Stats [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -974,11 +974,11 @@ } ] }, - "title": "IO Bytes Stats [Metricbeat NATS]", + "title": "IO Bytes Stats [Metricbeat NATS] ECS", "type": "line" } }, - "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90", + "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90-ecs", "type": "visualization", "updated_at": "2019-01-24T07:48:22.914Z", "version": 4 @@ -996,7 +996,7 @@ } } }, - "title": "Memory Utilization Timeline [Metricbeat NATS]", + "title": "Memory Utilization Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1093,11 +1093,11 @@ } ] }, - "title": "Memory Utilization Timeline [Metricbeat NATS]", + "title": "Memory Utilization Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90", + "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90-ecs", "type": "visualization", "updated_at": "2019-01-24T07:52:55.445Z", "version": 5 @@ -1115,7 +1115,7 @@ } } }, - "title": "IO Messages Stats [Metricbeat NATS]", + "title": "IO Messages Stats [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1234,11 +1234,11 @@ } ] }, - "title": "IO Messages Stats [Metricbeat NATS]", + "title": "IO Messages Stats [Metricbeat NATS] ECS", "type": "line" } }, - "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb", + "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb-ecs", "type": "visualization", "updated_at": "2019-01-24T07:47:25.774Z", "version": 2 @@ -1256,7 +1256,7 @@ } } }, - "title": "CPU Utilization Timeline [Metricbeat NATS]", + "title": "CPU Utilization Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1353,11 +1353,11 @@ } ] }, - "title": "CPU Utilization Timeline [Metricbeat NATS]", + "title": "CPU Utilization Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb", + "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb-ecs", "type": "visualization", "updated_at": "2019-01-24T07:51:51.767Z", "version": 2 @@ -1375,7 +1375,7 @@ } } }, - "title": "Cache Hit Rate Timeline [Metricbeat NATS]", + "title": "Cache Hit Rate Timeline [Metricbeat NATS] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1472,11 +1472,11 @@ } ] }, - "title": "Cache Hit Rate Timeline [Metricbeat NATS]", + "title": "Cache Hit Rate Timeline [Metricbeat NATS] ECS", "type": "line" } }, - "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb", + "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb-ecs", "type": "visualization", "updated_at": "2019-01-23T14:57:20.994Z", "version": 2 @@ -1511,7 +1511,7 @@ "x": 0, "y": 45 }, - "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61", + "id": "b129b220-1e44-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "6", "type": "visualization", "version": "6.5.4" @@ -1525,7 +1525,7 @@ "x": 24, "y": 34 }, - "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61", + "id": "30a61c00-1e45-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "7", "type": "visualization", "version": "6.5.4" @@ -1539,7 +1539,7 @@ "x": 37, "y": 34 }, - "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61", + "id": "206f1bc0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "8", "type": "visualization", "version": "6.5.4" @@ -1553,7 +1553,7 @@ "x": 24, "y": 41 }, - "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61", + "id": "4c380ff0-1e45-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "9", "type": "visualization", "version": "6.5.4" @@ -1567,7 +1567,7 @@ "x": 0, "y": 34 }, - "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61", + "id": "199d3d30-1e46-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "11", "type": "visualization", "version": "6.5.4" @@ -1581,7 +1581,7 @@ "x": 15, "y": 0 }, - "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61", + "id": "754215c0-1e46-11e9-a1b4-79a7ae42ab61-ecs", "panelIndex": "12", "type": "visualization", "version": "6.5.4" @@ -1595,7 +1595,7 @@ "x": 0, "y": 0 }, - "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90", + "id": "94534190-1e97-11e9-b9e7-93b3bd2eec90-ecs", "panelIndex": "13", "type": "visualization", "version": "6.5.4" @@ -1609,7 +1609,7 @@ "x": 24, "y": 10 }, - "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90", + "id": "be1d8a20-1e98-11e9-b9e7-93b3bd2eec90-ecs", "panelIndex": "14", "type": "visualization", "version": "6.5.4" @@ -1627,7 +1627,7 @@ "x": 24, "y": 22 }, - "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90", + "id": "8204e820-1e99-11e9-b9e7-93b3bd2eec90-ecs", "panelIndex": "15", "type": "visualization", "version": "6.5.4" @@ -1641,7 +1641,7 @@ "x": 0, "y": 10 }, - "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb", + "id": "cdbf4110-1f0d-11e9-a673-d9577e5e50eb-ecs", "panelIndex": "16", "type": "visualization", "version": "6.3.2" @@ -1655,7 +1655,7 @@ "x": 0, "y": 22 }, - "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb", + "id": "138dc660-1f1a-11e9-a673-d9577e5e50eb-ecs", "panelIndex": "17", "type": "visualization", "version": "6.3.2" @@ -1669,17 +1669,17 @@ "x": 33, "y": 0 }, - "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb", + "id": "dff743a0-1f1c-11e9-a673-d9577e5e50eb-ecs", "panelIndex": "18", "type": "visualization", "version": "6.3.2" } ], "timeRestore": false, - "title": "[Metricbeat NATS] Overview", + "title": "[Metricbeat NATS] Overview ECS", "version": 1 }, - "id": "Metricbeat-Nats-Dashboard", + "id": "Metricbeat-Nats-Dashboard-ecs", "type": "dashboard", "updated_at": "2019-01-24T08:13:29.732Z", "version": 4 diff --git a/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json b/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json index 513738292a0a..6bcb92193532 100644 --- a/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json +++ b/metricbeat/module/nginx/_meta/kibana/7/dashboard/metricbeat-nginx-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Request Rate [Metricbeat Nginx]", + "title": "Request Rate [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -52,11 +52,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Request Rate [Metricbeat Nginx]", + "title": "Request Rate [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129", + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T22:48:58.542Z", "version": 2 @@ -67,7 +67,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Accepts and Handled Rate [Metricbeat Nginx]", + "title": "Accepts and Handled Rate [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -152,11 +152,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Accepts and Handled Rate [Metricbeat Nginx]", + "title": "Accepts and Handled Rate [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129", + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T23:07:23.056Z", "version": 2 @@ -167,7 +167,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Drops Rate [Metricbeat Nginx]", + "title": "Drops Rate [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -213,11 +213,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Drops Rate [Metricbeat Nginx]", + "title": "Drops Rate [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129", + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T22:51:46.375Z", "version": 1 @@ -228,7 +228,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Active connections [Metricbeat Nginx]", + "title": "Active connections [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -267,11 +267,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Active connections [Metricbeat Nginx]", + "title": "Active connections [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129", + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T23:09:55.944Z", "version": 2 @@ -282,7 +282,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx]", + "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -364,11 +364,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx]", + "title": "Reading / Writing / Waiting Rates [Metricbeat Nginx] ECS", "type": "metrics" } }, - "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129", + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", "type": "visualization", "updated_at": "2018-01-04T23:13:23.859Z", "version": 1 @@ -402,7 +402,7 @@ "x": 6, "y": 0 }, - "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129", + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "1", "type": "visualization", "version": "6.2.4" @@ -415,7 +415,7 @@ "x": 6, "y": 3 }, - "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129", + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "2", "type": "visualization", "version": "6.2.4" @@ -428,7 +428,7 @@ "x": 0, "y": 3 }, - "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129", + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "3", "type": "visualization", "version": "6.2.4" @@ -441,7 +441,7 @@ "x": 0, "y": 0 }, - "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129", + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -454,17 +454,17 @@ "x": 0, "y": 6 }, - "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129", + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", "panelIndex": "5", "type": "visualization", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Metricbeat Nginx] Overview", + "title": "[Metricbeat Nginx] Overview ECS", "version": 1 }, - "id": "023d2930-f1a5-11e7-a9ef-93c69af7b129", + "id": "023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs", "type": "dashboard", "updated_at": "2018-01-04T23:14:26.755Z", "version": 1 diff --git a/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json b/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json index 3b5e1ad38e43..bfc42629f112 100644 --- a/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json +++ b/metricbeat/module/rabbitmq/_meta/kibana/7/dashboard/Metricbeat-rabbitmq-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq", - "title": "Memory Usage [Metricbeat RabbitMQ]", + "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", + "title": "Memory Usage [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -70,11 +70,11 @@ "times": [], "yAxis": {} }, - "title": "RabbitMQ Memory Usage", + "title": "RabbitMQ Memory Usage ECS", "type": "line" } }, - "id": "RabbitMQ-Memory-Usage", + "id": "RabbitMQ-Memory-Usage-ecs", "type": "visualization", "version": 2 }, @@ -86,8 +86,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq", - "title": "Number of Nodes [Metricbeat RabbitMQ]", + "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", + "title": "Number of Nodes [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -108,11 +108,11 @@ "fontSize": 60, "handleNoResults": true }, - "title": "Rabbitmq-Number-of-Nodes", + "title": "Rabbitmq-Number-of-Nodes-ecs ECS", "type": "metric" } }, - "id": "Rabbitmq-Number-of-Nodes", + "id": "Rabbitmq-Number-of-Nodes-ecs ECS", "type": "visualization", "version": 2 }, @@ -124,8 +124,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq", - "title": "Erlang Process Usage [Metricbeat RabbitMQ]", + "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", + "title": "Erlang Process Usage [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -185,11 +185,11 @@ "times": [], "yAxis": {} }, - "title": "RabbitMQ Erlang Process Usage", + "title": "RabbitMQ Erlang Process Usage ECS", "type": "line" } }, - "id": "RabbitMQ-Erlang-Process-Usage", + "id": "RabbitMQ-Erlang-Process-Usage-ecs", "type": "visualization", "version": 2 }, @@ -201,8 +201,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Rabbitmq", - "title": "Queue Index Operations [Metricbeat RabbitMQ]", + "savedSearchId": "Metricbeat-Rabbitmq-ecs ECS", + "title": "Queue Index Operations [Metricbeat RabbitMQ] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -329,11 +329,11 @@ ], "yAxis": {} }, - "title": "Queue Index Operations [Metricbeat RabbitMQ]", + "title": "Queue Index Operations [Metricbeat RabbitMQ] ECS", "type": "line" } }, - "id": "RabbitMQ-Queue-Index-Operations", + "id": "RabbitMQ-Queue-Index-Operations-ecs", "type": "visualization", "version": 2 }, @@ -361,7 +361,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:rabbitmq" + "query": "event.module:rabbitmq" } } } @@ -370,10 +370,10 @@ "@timestamp", "desc" ], - "title": "Metricbeat-Rabbitmq", + "title": "Metricbeat-Rabbitmq-ecs ECS", "version": 1 }, - "id": "Metricbeat-Rabbitmq", + "id": "Metricbeat-Rabbitmq-ecs ECS", "type": "search", "version": 1 }, @@ -403,7 +403,7 @@ "panelsJSON": [ { "col": 1, - "id": "RabbitMQ-Memory-Usage", + "id": "RabbitMQ-Memory-Usage-ecs", "panelIndex": 8, "row": 1, "size_x": 6, @@ -412,7 +412,7 @@ }, { "col": 8, - "id": "Rabbitmq-Number-of-Nodes", + "id": "Rabbitmq-Number-of-Nodes-ecs ECS", "panelIndex": 2, "row": 1, "size_x": 3, @@ -421,7 +421,7 @@ }, { "col": 1, - "id": "RabbitMQ-Erlang-Process-Usage", + "id": "RabbitMQ-Erlang-Process-Usage-ecs", "panelIndex": 10, "row": 4, "size_x": 6, @@ -430,7 +430,7 @@ }, { "col": 7, - "id": "RabbitMQ-Queue-Index-Operations", + "id": "RabbitMQ-Queue-Index-Operations-ecs", "panelIndex": 9, "row": 4, "size_x": 6, @@ -439,7 +439,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat RabbitMQ] Overview", + "title": "[Metricbeat RabbitMQ] Overview ECS", "uiStateJSON": { "P-2": { "vis": { @@ -451,7 +451,7 @@ }, "version": 1 }, - "id": "AV4YobKIge1VCbKU_qVo", + "id": "AV4YobKIge1VCbKU_qVo-ecs", "type": "dashboard", "version": 2 } diff --git a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json index ccf3508789cc..d39771ae8bfc 100644 --- a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json +++ b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-keys.json @@ -12,7 +12,7 @@ } } }, - "title": "Keyspace selector [Redis]", + "title": "Keyspace selector [Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -39,11 +39,11 @@ "updateFiltersOnChange": true, "useTimeFilter": false }, - "title": "Keyspace selector [Redis]", + "title": "Keyspace selector [Redis] ECS", "type": "input_control_vis" } }, - "id": "00d39210-050d-11e9-9c60-d582a238e2c5", + "id": "00d39210-050d-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:19:04.179Z", "version": 5 @@ -88,7 +88,7 @@ } } }, - "title": "Lists length [Redis]", + "title": "Lists length [Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -228,11 +228,11 @@ } ] }, - "title": "Lists length [Redis]", + "title": "Lists length [Redis] ECS", "type": "line" } }, - "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5", + "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:22:12.807Z", "version": 4 @@ -250,7 +250,7 @@ } } }, - "title": "Keys by type [Redis]", + "title": "Keys by type [Redis] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -377,11 +377,11 @@ } ] }, - "title": "Keys by type [Redis]", + "title": "Keys by type [Redis] ECS", "type": "line" } }, - "id": "4435ac40-050e-11e9-9c60-d582a238e2c5", + "id": "4435ac40-050e-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:23:46.207Z", "version": 5 @@ -426,7 +426,7 @@ } } }, - "title": "Average string key size [Redis]", + "title": "Average string key size [Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -548,11 +548,11 @@ } ] }, - "title": "Average string key size [Redis]", + "title": "Average string key size [Redis] ECS", "type": "line" } }, - "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5", + "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:28:20.970Z", "version": 1 @@ -595,7 +595,7 @@ } } }, - "title": "Average keys TTL [Redis]", + "title": "Average keys TTL [Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -734,11 +734,11 @@ } ] }, - "title": "Average keys TTL [Redis]", + "title": "Average keys TTL [Redis] ECS", "type": "line" } }, - "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5", + "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5-ecs", "type": "visualization", "updated_at": "2018-12-21T11:34:03.597Z", "version": 1 @@ -808,7 +808,7 @@ "x": 0, "y": 0 }, - "id": "00d39210-050d-11e9-9c60-d582a238e2c5", + "id": "00d39210-050d-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "1", "title": "Keyspace selector", "type": "visualization", @@ -823,7 +823,7 @@ "x": 12, "y": 0 }, - "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5", + "id": "7f4bc7d0-050c-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "2", "title": "Lists length", "type": "visualization", @@ -842,7 +842,7 @@ "x": 0, "y": 5 }, - "id": "4435ac40-050e-11e9-9c60-d582a238e2c5", + "id": "4435ac40-050e-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "3", "title": "Keys by type", "type": "visualization", @@ -857,7 +857,7 @@ "x": 0, "y": 15 }, - "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5", + "id": "8541a4a0-0513-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "4", "title": "Average size of string keys", "type": "visualization", @@ -872,7 +872,7 @@ "x": 24, "y": 15 }, - "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5", + "id": "517a5fd0-0514-11e9-9c60-d582a238e2c5-ecs", "panelIndex": "5", "title": "Average keys TTL", "type": "visualization", @@ -880,10 +880,10 @@ } ], "timeRestore": false, - "title": "[Metricbeat Redis] Keys", + "title": "[Metricbeat Redis] Keys ECS", "version": 1 }, - "id": "28969190-0511-11e9-9c60-d582a238e2c5", + "id": "28969190-0511-11e9-9c60-d582a238e2c5-ecs", "type": "dashboard", "updated_at": "2018-12-21T11:39:13.143Z", "version": 4 diff --git a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json index f244f0cb8532..1efa33513f0f 100644 --- a/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json +++ b/metricbeat/module/redis/_meta/kibana/7/dashboard/Metricbeat-redis-overview.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Clients [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Clients [Metricbeat Redis] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -75,12 +75,12 @@ "handleNoResults": true, "type": "gauge" }, - "title": "Clients [Metricbeat Redis]", + "title": "Clients [Metricbeat Redis] ECS", "type": "metric" } }, "col": 1, - "id": "Redis-Clients-Metrics", + "id": "Redis-Clients-Metrics-ecs", "panelIndex": 2, "row": 1, "size_x": 3, @@ -96,8 +96,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Connected clients [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Connected clients [Metricbeat Redis] ECS", "uiStateJSON": { "vis": { "colors": { @@ -216,12 +216,12 @@ ], "yAxis": {} }, - "title": "Connected clients [Metricbeat Redis]", + "title": "Connected clients [Metricbeat Redis] ECS", "type": "histogram" } }, "col": 4, - "id": "Redis-Connected-clients", + "id": "Redis-Connected-clients-ecs", "panelIndex": 1, "row": 1, "size_x": 5, @@ -237,8 +237,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Hosts [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Hosts [Metricbeat Redis] ECS", "uiStateJSON": { "vis": { "params": { @@ -256,7 +256,7 @@ "enabled": true, "id": "2", "params": { - "field": "metricset.host", + "field": "service.address", "order": "desc", "orderBy": "1", "size": 5 @@ -279,7 +279,7 @@ "id": "6", "params": { "customLabel": "PID", - "field": "redis.info.server.process_id" + "field": "process.pid" }, "schema": "metric", "type": "max" @@ -327,12 +327,12 @@ }, "totalFunc": "sum" }, - "title": "Hosts [Metricbeat Redis]", + "title": "Hosts [Metricbeat Redis] ECS", "type": "table" } }, "col": 1, - "id": "Redis-hosts", + "id": "Redis-hosts-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -348,8 +348,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Server Versions [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Server Versions [Metricbeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -359,7 +359,7 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "metricset.host" + "field": "service.address" }, "schema": "metric", "type": "cardinality" @@ -369,7 +369,7 @@ "id": "2", "params": { "customLabel": "Multiplexing API", - "field": "redis.info.server.version", + "field": "service.version", "order": "desc", "orderBy": "1", "size": 5 @@ -386,12 +386,12 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Server Versions [Metricbeat Redis]", + "title": "Server Versions [Metricbeat Redis] ECS", "type": "pie" } }, "col": 1, - "id": "Redis-Server-Versions", + "id": "Redis-Server-Versions-ecs", "panelIndex": 4, "row": 6, "size_x": 4, @@ -407,8 +407,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Server mode [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Server mode [Metricbeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -418,7 +418,7 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "metricset.host" + "field": "service.address" }, "schema": "metric", "type": "cardinality" @@ -445,12 +445,12 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Server mode [Metricbeat Redis]", + "title": "Server mode [Metricbeat Redis] ECS", "type": "pie" } }, "col": 5, - "id": "Redis-server-mode", + "id": "Redis-server-mode-ecs", "panelIndex": 5, "row": 6, "size_x": 4, @@ -466,8 +466,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Multiplexing API [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Multiplexing API [Metricbeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -477,7 +477,7 @@ "id": "1", "params": { "customLabel": "Hosts", - "field": "metricset.host" + "field": "service.address" }, "schema": "metric", "type": "cardinality" @@ -504,12 +504,12 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Multiplexing API [Metricbeat Redis]", + "title": "Multiplexing API [Metricbeat Redis] ECS", "type": "pie" } }, "col": 9, - "id": "Redis-multiplexing-API", + "id": "Redis-multiplexing-API-ecs", "panelIndex": 6, "row": 6, "size_x": 3, @@ -525,8 +525,8 @@ "filter": [] } }, - "savedSearchId": "Metricbeat-Redis", - "title": "Keyspaces [Metricbeat Redis]", + "savedSearchId": "Metricbeat-Redis-ecs", + "title": "Keyspaces [Metricbeat Redis] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -645,12 +645,12 @@ ], "yAxis": {} }, - "title": "Keyspaces [Metricbeat Redis]", + "title": "Keyspaces [Metricbeat Redis] ECS", "type": "area" } }, "col": 9, - "id": "Redis-Keyspaces", + "id": "Redis-Keyspaces-ecs", "panelIndex": 7, "row": 1, "size_x": 4, @@ -685,7 +685,7 @@ "query": { "query_string": { "analyze_wildcard": true, - "query": "metricset.module:redis" + "query": "event.module:redis" } } } @@ -694,10 +694,10 @@ "@timestamp", "desc" ], - "title": "Metricbeat Redis", + "title": "Metricbeat Redis ECS", "version": 1 }, - "id": "Metricbeat-Redis", + "id": "Metricbeat-Redis-ecs", "type": "search", "version": 7 }, @@ -727,7 +727,7 @@ "panelsJSON": [ { "col": 1, - "id": "Redis-Clients-Metrics", + "id": "Redis-Clients-Metrics-ecs", "panelIndex": 2, "row": 1, "size_x": 3, @@ -736,7 +736,7 @@ }, { "col": 4, - "id": "Redis-Connected-clients", + "id": "Redis-Connected-clients-ecs", "panelIndex": 1, "row": 1, "size_x": 5, @@ -745,7 +745,7 @@ }, { "col": 1, - "id": "Redis-hosts", + "id": "Redis-hosts-ecs", "panelIndex": 3, "row": 4, "size_x": 12, @@ -754,7 +754,7 @@ }, { "col": 1, - "id": "Redis-Server-Versions", + "id": "Redis-Server-Versions-ecs", "panelIndex": 4, "row": 6, "size_x": 4, @@ -763,7 +763,7 @@ }, { "col": 5, - "id": "Redis-server-mode", + "id": "Redis-server-mode-ecs", "panelIndex": 5, "row": 6, "size_x": 4, @@ -772,7 +772,7 @@ }, { "col": 9, - "id": "Redis-multiplexing-API", + "id": "Redis-multiplexing-API-ecs", "panelIndex": 6, "row": 6, "size_x": 3, @@ -781,7 +781,7 @@ }, { "col": 9, - "id": "Redis-Keyspaces", + "id": "Redis-Keyspaces-ecs", "panelIndex": 7, "row": 1, "size_x": 4, @@ -790,7 +790,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat Redis] Overview", + "title": "[Metricbeat Redis] Overview ECS", "uiStateJSON": { "P-2": { "vis": { @@ -817,7 +817,7 @@ }, "version": 1 }, - "id": "AV4YjZ5pux-M-tCAunxK", + "id": "AV4YjZ5pux-M-tCAunxK-ecs", "type": "dashboard", "version": 1 } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json index 411d4b4310d2..af1286660722 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-containers-overview.json @@ -18,7 +18,7 @@ } } }, - "title": "Container CPU usage [Metricbeat System]", + "title": "Container CPU usage [Metricbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -90,7 +90,7 @@ "id": "6", "params": { "customLabel": "Process name", - "field": "system.process.name", + "field": "process.name", "order": "desc", "orderBy": "1", "size": 5 @@ -110,11 +110,11 @@ }, "totalFunc": "sum" }, - "title": "Container CPU usage [Metricbeat System]", + "title": "Container CPU usage [Metricbeat System] ECS", "type": "table" } }, - "id": "Container-CPU-usage", + "id": "Container-CPU-usage-ecs", "type": "visualization", "version": 1 }, @@ -135,20 +135,20 @@ } } }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container)" + "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "type": "markdown" } }, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "type": "visualization", "version": 3 }, @@ -170,7 +170,7 @@ } } }, - "title": "Container Memory stats [Metricbeat System]", + "title": "Container Memory stats [Metricbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -272,7 +272,7 @@ "id": "8", "params": { "customLabel": "Process name", - "field": "system.process.name", + "field": "process.name", "order": "desc", "orderBy": "1", "size": 5 @@ -352,11 +352,11 @@ }, "totalFunc": "sum" }, - "title": "Container Memory stats [Metricbeat System]", + "title": "Container Memory stats [Metricbeat System] ECS", "type": "table" } }, - "id": "Container-Memory-stats", + "id": "Container-Memory-stats-ecs", "type": "visualization", "version": 1 }, @@ -378,7 +378,7 @@ } } }, - "title": "Container Block IO [Metricbeat System]", + "title": "Container Block IO [Metricbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -430,7 +430,7 @@ "id": "4", "params": { "customLabel": "Process name", - "field": "system.process.name", + "field": "process.name", "order": "desc", "orderBy": "1", "size": 5 @@ -450,11 +450,11 @@ }, "totalFunc": "sum" }, - "title": "Container Block IO [Metricbeat System]", + "title": "Container Block IO [Metricbeat System] ECS", "type": "table" } }, - "id": "Container-Block-IO", + "id": "Container-Block-IO-ecs", "type": "visualization", "version": 1 }, @@ -484,7 +484,7 @@ "panelsJSON": [ { "col": 1, - "id": "Container-CPU-usage", + "id": "Container-CPU-usage-ecs", "panelIndex": 2, "row": 2, "size_x": 12, @@ -493,7 +493,7 @@ }, { "col": 1, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "panelIndex": 3, "row": 1, "size_x": 12, @@ -502,7 +502,7 @@ }, { "col": 1, - "id": "Container-Memory-stats", + "id": "Container-Memory-stats-ecs", "panelIndex": 4, "row": 5, "size_x": 12, @@ -511,7 +511,7 @@ }, { "col": 1, - "id": "Container-Block-IO", + "id": "Container-Block-IO-ecs", "panelIndex": 5, "row": 8, "size_x": 12, @@ -520,7 +520,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat System] Containers overview", + "title": "[Metricbeat System] Containers overview ECS", "uiStateJSON": { "P-2": { "vis": { @@ -555,7 +555,7 @@ }, "version": 1 }, - "id": "CPU-slash-Memory-per-container", + "id": "CPU-slash-Memory-per-container-ecs", "type": "dashboard", "version": 1 } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json index 59c466dd0bad..3094b6247de0 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-host-overview.json @@ -13,7 +13,7 @@ } } }, - "title": "Network Traffic (Packets) [Metricbeat System]", + "title": "Network Traffic (Packets) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -118,11 +118,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Mericbeat: Network Traffic (Packets)", + "title": "Mericbeat: Network Traffic (Packets) ECS", "type": "metrics" } }, - "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23", + "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs", "type": "visualization", "version": 1 }, @@ -142,7 +142,7 @@ } } }, - "title": "System Load [Metricbeat System]", + "title": "System Load [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -223,11 +223,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "System Load [Metricbeat System]", + "title": "System Load [Metricbeat System] ECS", "type": "metrics" } }, - "id": "4d546850-1b15-11e7-b09e-037021c4f8df", + "id": "4d546850-1b15-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -244,7 +244,7 @@ } } }, - "title": "Network Traffic (Bytes) [Metricbeat System]", + "title": "Network Traffic (Bytes) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -349,11 +349,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Mericbeat: Network Traffic (Bytes)", + "title": "Mericbeat: Network Traffic (Bytes) ECS", "type": "metrics" } }, - "id": "089b85d0-1b16-11e7-b09e-037021c4f8df", + "id": "089b85d0-1b16-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -373,7 +373,7 @@ } } }, - "title": "Memory Usage [Metricbeat System]", + "title": "Memory Usage [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -476,11 +476,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Memory Usage [Metricbeat System]", + "title": "Memory Usage [Metricbeat System] ECS", "type": "metrics" } }, - "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df", + "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -500,7 +500,7 @@ } } }, - "title": "Top Processes By CPU [Metricbeat System]", + "title": "Top Processes By CPU [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -541,7 +541,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "system.process.name", + "terms_field": "process.name", "terms_order_by": "5f5b8d52-1b18-11e7-b09e-037021c4f8df" } ], @@ -550,11 +550,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top Processes By CPU [Metricbeat System]", + "title": "Top Processes By CPU [Metricbeat System] ECS", "type": "metrics" } }, - "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df", + "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -574,7 +574,7 @@ } } }, - "title": "Processes By Memory [Metricbeat System]", + "title": "Processes By Memory [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -627,7 +627,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "system.process.name", + "terms_field": "process.name", "terms_order_by": "edfceb32-1b18-11e7-b09e-037021c4f8df" } ], @@ -636,11 +636,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Processes By Memory [Metricbeat System]", + "title": "Processes By Memory [Metricbeat System] ECS", "type": "metrics" } }, - "id": "2e224660-1b19-11e7-b09e-037021c4f8df", + "id": "2e224660-1b19-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -660,7 +660,7 @@ } } }, - "title": "CPU Usage [Metricbeat System]", + "title": "CPU Usage [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -804,11 +804,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "CPU Usage [Metricbeat System]", + "title": "CPU Usage [Metricbeat System] ECS", "type": "metrics" } }, - "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df", + "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -828,7 +828,7 @@ } } }, - "title": "Disk IO (Bytes) [Metricbeat System]", + "title": "Disk IO (Bytes) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -921,11 +921,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Disk IO (Bytes) [Metricbeat System]", + "title": "Disk IO (Bytes) [Metricbeat System] ECS", "type": "metrics" } }, - "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df", + "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 1 }, @@ -945,7 +945,7 @@ } } }, - "title": "Load Gauge [Metricbeat System]", + "title": "Load Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -997,11 +997,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Load Gauge [Metricbeat System]", + "title": "Load Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 1 }, @@ -1021,7 +1021,7 @@ } } }, - "title": "CPU Usage Gauge [Metricbeat System]", + "title": "CPU Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1117,11 +1117,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "CPU Usage Gauge [Metricbeat System]", + "title": "CPU Usage Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -1141,7 +1141,7 @@ } } }, - "title": "Memory Usage Gauge [Metricbeat System]", + "title": "Memory Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1205,11 +1205,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Memory Usage Gauge [Metricbeat System]", + "title": "Memory Usage Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -1229,7 +1229,7 @@ } } }, - "title": "Inbound Traffic [Metricbeat System]", + "title": "Inbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1335,11 +1335,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Inbound Traffic [Metricbeat System]", + "title": "Inbound Traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -1359,7 +1359,7 @@ } } }, - "title": "Outbound Traffic [Metricbeat System]", + "title": "Outbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1465,11 +1465,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Outbound Traffic [Metricbeat System]", + "title": "Outbound Traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", "type": "visualization", "version": 2 }, @@ -1489,7 +1489,7 @@ } } }, - "title": "Disk Usage [Metricbeat System]", + "title": "Disk Usage [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1550,11 +1550,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Disk Usage [Metricbeat System]", + "title": "Disk Usage [Metricbeat System] ECS", "type": "metrics" } }, - "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e", + "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs", "type": "visualization", "version": 1 }, @@ -1575,20 +1575,20 @@ } } }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container)" + "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "type": "markdown" } }, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "type": "visualization", "version": 3 }, @@ -1608,7 +1608,7 @@ } } }, - "title": "Swap usage [Metricbeat System]", + "title": "Swap usage [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1672,11 +1672,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Swap usage [Metricbeat System]", + "title": "Swap usage [Metricbeat System] ECS", "type": "metrics" } }, - "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec", + "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs", "type": "visualization", "version": 1 }, @@ -1693,7 +1693,7 @@ } } }, - "title": "Memory usage vs total", + "title": "Memory usage vs total ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1758,11 +1758,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Memory usage vs total", + "title": "Memory usage vs total ECS", "type": "metrics" } }, - "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6", + "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs", "type": "visualization", "version": 1 }, @@ -1782,7 +1782,7 @@ } } }, - "title": "Disk used [Metricbeat System]", + "title": "Disk used [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1868,11 +1868,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Disk used [Metricbeat System]", + "title": "Disk used [Metricbeat System] ECS", "type": "metrics" } }, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", "type": "visualization", "version": 2 }, @@ -1892,7 +1892,7 @@ } } }, - "title": "Packetloss [Metricbeat System]", + "title": "Packetloss [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1957,11 +1957,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Packetloss [Metricbeat System]", + "title": "Packetloss [Metricbeat System] ECS", "type": "metrics" } }, - "id": "96976150-4d5d-11e7-aa29-87a97a796de6", + "id": "96976150-4d5d-11e7-aa29-87a97a796de6-ecs", "type": "visualization", "version": 1 }, @@ -1981,7 +1981,7 @@ } } }, - "title": "Interfaces by Incoming traffic [Metricbeat System]", + "title": "Interfaces by Incoming traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -2027,11 +2027,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Interfaces by Incoming traffic [Metricbeat System]", + "title": "Interfaces by Incoming traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b", + "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs", "type": "visualization", "version": 1 }, @@ -2051,7 +2051,7 @@ } } }, - "title": "Interfaces by Outgoing traffic [Metricbeat System]", + "title": "Interfaces by Outgoing traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -2097,11 +2097,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Interfaces by Outgoing traffic [Metricbeat System]", + "title": "Interfaces by Outgoing traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b", + "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs", "type": "visualization", "version": 1 }, @@ -2120,7 +2120,7 @@ } } }, - "title": "Number of processes [Metricbeat System]", + "title": "Number of processes [Metricbeat System] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -2136,7 +2136,7 @@ "id": "1", "params": { "customLabel": "Processes", - "field": "system.process.pid" + "field": "process.pid" }, "schema": "metric", "type": "cardinality" @@ -2185,11 +2185,11 @@ }, "type": "gauge" }, - "title": "Number of processes", + "title": "Number of processes ECS", "type": "metric" } }, - "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4", + "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs", "type": "visualization", "version": 1 }, @@ -2199,20 +2199,20 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Tip [Metricbeat System]", + "title": "Tip [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**TIP:** To select another host, go to the [System Overview](#/dashboard/Metricbeat-system-overview) dashboard and double-click a host name." + "markdown": "**TIP:** To select another host, go to the [System Overview](#/dashboard/Metricbeat-system-overview-ecs) dashboard and double-click a host name." }, - "title": "Tip [Metricbeat System]", + "title": "Tip [Metricbeat System] ECS", "type": "markdown" } }, - "id": "3d65d450-a9c3-11e7-af20-67db8aecb295", + "id": "3d65d450-a9c3-11e7-af20-67db8aecb295-ecs", "type": "visualization", "version": 2 }, @@ -2226,7 +2226,7 @@ "highlightAll": true, "query": { "language": "lucene", - "query": "beat.name:\"CHANGEME_HOSTNAME\"" + "query": "host.name:\"CHANGEME_HOSTNAME\"" }, "version": true } @@ -2237,7 +2237,7 @@ "panelsJSON": [ { "col": 1, - "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23", + "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs", "panelIndex": 1, "row": 12, "size_x": 6, @@ -2246,7 +2246,7 @@ }, { "col": 7, - "id": "4d546850-1b15-11e7-b09e-037021c4f8df", + "id": "4d546850-1b15-11e7-b09e-037021c4f8df-ecs", "panelIndex": 2, "row": 6, "size_x": 6, @@ -2255,7 +2255,7 @@ }, { "col": 7, - "id": "089b85d0-1b16-11e7-b09e-037021c4f8df", + "id": "089b85d0-1b16-11e7-b09e-037021c4f8df-ecs", "panelIndex": 3, "row": 12, "size_x": 6, @@ -2264,7 +2264,7 @@ }, { "col": 1, - "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df", + "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs", "panelIndex": 4, "row": 9, "size_x": 6, @@ -2273,7 +2273,7 @@ }, { "col": 7, - "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df", + "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs", "panelIndex": 5, "row": 15, "size_x": 6, @@ -2282,7 +2282,7 @@ }, { "col": 1, - "id": "2e224660-1b19-11e7-b09e-037021c4f8df", + "id": "2e224660-1b19-11e7-b09e-037021c4f8df-ecs", "panelIndex": 6, "row": 15, "size_x": 6, @@ -2291,7 +2291,7 @@ }, { "col": 1, - "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df", + "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs", "panelIndex": 7, "row": 6, "size_x": 6, @@ -2300,7 +2300,7 @@ }, { "col": 7, - "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df", + "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs", "panelIndex": 8, "row": 9, "size_x": 6, @@ -2309,7 +2309,7 @@ }, { "col": 5, - "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 9, "row": 2, "size_x": 2, @@ -2318,7 +2318,7 @@ }, { "col": 1, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 10, "row": 2, "size_x": 2, @@ -2327,7 +2327,7 @@ }, { "col": 3, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 11, "row": 2, "size_x": 2, @@ -2336,7 +2336,7 @@ }, { "col": 7, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 12, "row": 2, "size_x": 2, @@ -2345,7 +2345,7 @@ }, { "col": 9, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", "panelIndex": 13, "row": 2, "size_x": 2, @@ -2354,7 +2354,7 @@ }, { "col": 9, - "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e", + "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs", "panelIndex": 14, "row": 4, "size_x": 4, @@ -2363,7 +2363,7 @@ }, { "col": 1, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "panelIndex": 16, "row": 1, "size_x": 6, @@ -2372,7 +2372,7 @@ }, { "col": 1, - "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec", + "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs", "panelIndex": 21, "row": 4, "size_x": 2, @@ -2381,7 +2381,7 @@ }, { "col": 3, - "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6", + "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs", "panelIndex": 22, "row": 4, "size_x": 2, @@ -2390,7 +2390,7 @@ }, { "col": 7, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", "panelIndex": 23, "row": 4, "size_x": 2, @@ -2399,7 +2399,7 @@ }, { "col": 11, - "id": "96976150-4d5d-11e7-aa29-87a97a796de6", + "id": "96976150-4d5d-11e7-aa29-87a97a796de6-ecs", "panelIndex": 25, "row": 2, "size_x": 2, @@ -2408,7 +2408,7 @@ }, { "col": 1, - "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b", + "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs", "panelIndex": 27, "row": 18, "size_x": 6, @@ -2417,7 +2417,7 @@ }, { "col": 7, - "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b", + "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs", "panelIndex": 28, "row": 18, "size_x": 6, @@ -2426,7 +2426,7 @@ }, { "col": 5, - "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4", + "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs", "panelIndex": 29, "row": 4, "size_x": 2, @@ -2435,7 +2435,7 @@ }, { "col": 7, - "id": "3d65d450-a9c3-11e7-af20-67db8aecb295", + "id": "3d65d450-a9c3-11e7-af20-67db8aecb295-ecs", "panelIndex": 30, "row": 1, "size_x": 6, @@ -2444,7 +2444,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat System] Host overview", + "title": "[Metricbeat System] Host overview ECS", "uiStateJSON": { "P-29": { "vis": { @@ -2456,7 +2456,7 @@ }, "version": 1 }, - "id": "79ffd6e0-faa0-11e6-947f-177f697178b8", + "id": "79ffd6e0-faa0-11e6-947f-177f697178b8-ecs", "type": "dashboard", "version": 12 } diff --git a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json index 4dc8714925c9..267175eeb06e 100644 --- a/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json +++ b/metricbeat/module/system/_meta/kibana/7/dashboard/Metricbeat-system-overview.json @@ -17,20 +17,20 @@ } } }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container)" + "markdown": "[System Overview](#/dashboard/Metricbeat-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)" }, - "title": "System Navigation [Metricbeat System]", + "title": "System Navigation [Metricbeat System] ECS", "type": "markdown" } }, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "type": "visualization", "version": 3 }, @@ -52,7 +52,7 @@ } } }, - "title": "Number of hosts [Metricbeat System]", + "title": "Number of hosts [Metricbeat System] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -68,7 +68,7 @@ "id": "1", "params": { "customLabel": "Number of hosts", - "field": "beat.name" + "field": "host.name" }, "schema": "metric", "type": "cardinality" @@ -116,11 +116,11 @@ }, "type": "gauge" }, - "title": "Number of hosts [Metricbeat System]", + "title": "Number of hosts [Metricbeat System] ECS", "type": "metric" } }, - "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9", + "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs", "type": "visualization", "version": 2 }, @@ -140,7 +140,7 @@ } } }, - "title": "Top Hosts By Memory (Realtime) [Metricbeat System]", + "title": "Top Hosts By Memory (Realtime) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -168,7 +168,7 @@ "value": 0.85 } ], - "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8?_a=(query:(query_string:(analyze_wildcard:!t,query:'beat.name:\"{{key}}\"')))", + "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs?_a=(query:(query_string:(analyze_wildcard:!t,query:'host.name:\"{{key}}\"')))", "filter": "", "id": "31e5afa0-1b1c-11e7-b09e-037021c4f8df", "index_pattern": "metricbeat-*", @@ -193,7 +193,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "beat.name", + "terms_field": "host.name", "terms_order_by": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", "terms_size": "10" } @@ -203,11 +203,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top Hosts By Memory (Realtime) [Metricbeat System]", + "title": "Top Hosts By Memory (Realtime) [Metricbeat System] ECS", "type": "metrics" } }, - "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b", + "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -227,7 +227,7 @@ } } }, - "title": "Top Hosts By CPU (Realtime) [Metricbeat System]", + "title": "Top Hosts By CPU (Realtime) [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -255,7 +255,7 @@ "value": 0.85 } ], - "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8?_a=(query:(query_string:(analyze_wildcard:!t,query:'beat.name:\"{{key}}\"')))", + "drilldown_url": "../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs?_a=(query:(query_string:(analyze_wildcard:!t,query:'host.name:\"{{key}}\"')))", "filter": "", "id": "31e5afa0-1b1c-11e7-b09e-037021c4f8df", "index_pattern": "metricbeat-*", @@ -280,7 +280,7 @@ "seperate_axis": 0, "split_mode": "terms", "stacked": "none", - "terms_field": "beat.name", + "terms_field": "host.name", "terms_order_by": "31e5afa2-1b1c-11e7-b09e-037021c4f8df", "terms_size": "10" } @@ -290,11 +290,11 @@ "time_field": "@timestamp", "type": "top_n" }, - "title": "Top Hosts By CPU (Realtime) [Metricbeat System]", + "title": "Top Hosts By CPU (Realtime) [Metricbeat System] ECS", "type": "metrics" } }, - "id": "855899e0-1b1c-11e7-b09e-037021c4f8df", + "id": "855899e0-1b1c-11e7-b09e-037021c4f8df-ecs", "type": "visualization", "version": 2 }, @@ -316,7 +316,7 @@ } } }, - "title": "Hosts histogram by CPU usage [Metricbeat System]", + "title": "Hosts histogram by CPU usage [Metricbeat System] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -358,7 +358,7 @@ "id": "3", "params": { "customLabel": "Hosts", - "field": "beat.name", + "field": "host.name", "order": "desc", "orderBy": "1", "size": 20 @@ -397,11 +397,11 @@ } ] }, - "title": "Hosts histogram by CPU usage [Metricbeat System]", + "title": "Hosts histogram by CPU usage [Metricbeat System] ECS", "type": "heatmap" } }, - "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9", + "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs", "type": "visualization", "version": 1 }, @@ -421,7 +421,7 @@ } } }, - "title": "Inbound Traffic [Metricbeat System]", + "title": "Inbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -527,11 +527,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Inbound Traffic [Metricbeat System]", + "title": "Inbound Traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -551,7 +551,7 @@ } } }, - "title": "Outbound Traffic [Metricbeat System]", + "title": "Outbound Traffic [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -657,11 +657,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "Outbound Traffic [Metricbeat System]", + "title": "Outbound Traffic [Metricbeat System] ECS", "type": "metrics" } }, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", "type": "visualization", "version": 2 }, @@ -681,7 +681,7 @@ } } }, - "title": "Disk used [Metricbeat System]", + "title": "Disk used [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -767,11 +767,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Disk used [Metricbeat System]", + "title": "Disk used [Metricbeat System] ECS", "type": "metrics" } }, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", "type": "visualization", "version": 2 }, @@ -791,7 +791,7 @@ } } }, - "title": "Memory Usage Gauge [Metricbeat System]", + "title": "Memory Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -855,11 +855,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "Memory Usage Gauge [Metricbeat System]", + "title": "Memory Usage Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -879,7 +879,7 @@ } } }, - "title": "CPU Usage Gauge [Metricbeat System]", + "title": "CPU Usage Gauge [Metricbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -975,11 +975,11 @@ "time_field": "@timestamp", "type": "gauge" }, - "title": "CPU Usage Gauge [Metricbeat System]", + "title": "CPU Usage Gauge [Metricbeat System] ECS", "type": "metrics" } }, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "type": "visualization", "version": 2 }, @@ -1009,7 +1009,7 @@ "panelsJSON": [ { "col": 1, - "id": "System-Navigation", + "id": "System-Navigation-ecs", "panelIndex": 9, "row": 1, "size_x": 12, @@ -1018,7 +1018,7 @@ }, { "col": 1, - "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9", + "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs", "panelIndex": 11, "row": 2, "size_x": 2, @@ -1027,7 +1027,7 @@ }, { "col": 7, - "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b", + "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 12, "row": 4, "size_x": 6, @@ -1036,7 +1036,7 @@ }, { "col": 1, - "id": "855899e0-1b1c-11e7-b09e-037021c4f8df", + "id": "855899e0-1b1c-11e7-b09e-037021c4f8df-ecs", "panelIndex": 13, "row": 4, "size_x": 6, @@ -1045,7 +1045,7 @@ }, { "col": 1, - "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9", + "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs", "panelIndex": 14, "row": 9, "size_x": 12, @@ -1054,7 +1054,7 @@ }, { "col": 9, - "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b", + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 16, "row": 2, "size_x": 2, @@ -1063,7 +1063,7 @@ }, { "col": 11, - "id": "1aae9140-1b93-11e7-8ada-3df93aab833e", + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", "panelIndex": 17, "row": 2, "size_x": 2, @@ -1072,7 +1072,7 @@ }, { "col": 7, - "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32", + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", "panelIndex": 18, "row": 2, "size_x": 2, @@ -1081,7 +1081,7 @@ }, { "col": 5, - "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 19, "row": 2, "size_x": 2, @@ -1090,7 +1090,7 @@ }, { "col": 3, - "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b", + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", "panelIndex": 20, "row": 2, "size_x": 2, @@ -1099,7 +1099,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat System] Overview", + "title": "[Metricbeat System] Overview ECS", "uiStateJSON": { "P-11": { "vis": { @@ -1149,7 +1149,7 @@ }, "version": 1 }, - "id": "Metricbeat-system-overview", + "id": "Metricbeat-system-overview-ecs", "type": "dashboard", "version": 2 } diff --git a/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json b/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json index 17b1158e8285..8be3fc93f428 100644 --- a/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json +++ b/metricbeat/module/uwsgi/_meta/kibana/7/dashboard/Metricbeat-uwsgi-overview.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Overview [Metricbeat uWSGI]", + "title": "Overview [Metricbeat uWSGI] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -14,11 +14,11 @@ "expression": ".es(metric=avg:uwsgi.status.total.requests).derivative().label('Requests').title('Overview of requests per period'),\n.es(metric=avg:uwsgi.status.total.exceptions).derivative().label('Exceptions'),\n.es(metric=max:uwsgi.status.worker.avg_rt).label('Average response time').yaxis(2)", "interval": "15s" }, - "title": "Overview [Metricbeat uWSGI]", + "title": "Overview [Metricbeat uWSGI] ECS", "type": "timelion" } }, - "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de", + "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de-ecs", "type": "visualization", "version": 1 }, @@ -28,7 +28,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Memory usage [Metricbeat uWSGI]", + "title": "Memory usage [Metricbeat uWSGI] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -36,11 +36,11 @@ "expression": ".es(metric=max:uwsgi.status.worker.rss).label('Currently used (rss)').title('Memory usage'),\n.es(metric=max:uwsgi.status.worker.vsz).label('Assigned (vsz)').yaxis(2)", "interval": "15s" }, - "title": "Memory usage [Metricbeat uWSGI]", + "title": "Memory usage [Metricbeat uWSGI] ECS", "type": "timelion" } }, - "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de", + "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de-ecs", "type": "visualization", "version": 1 }, @@ -50,7 +50,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Workers [Metricbeat uWSGI]", + "title": "Workers [Metricbeat uWSGI] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -58,11 +58,11 @@ "expression": ".es(split=uwsgi.status.core.id:16,metric=max:uwsgi.status.core.requests.total).derivative().bars().title('Requests handled by each thread (core) per period')", "interval": "15s" }, - "title": "Workers [Metricbeat uWSGI]", + "title": "Workers [Metricbeat uWSGI] ECS", "type": "timelion" } }, - "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de", + "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de-ecs", "type": "visualization", "version": 1 }, @@ -72,7 +72,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Errors [Metricbeat uWSGI]", + "title": "Errors [Metricbeat uWSGI] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -80,11 +80,11 @@ "expression": ".es(metric=max:uwsgi.status.total.read_errors).label('Read errors').title('Errors'),\n.es(metric=max:uwsgi.status.total.write_errors).label('Write errors'),\n.es(metric=max:uwsgi.status.worker.harakiri_count).label('Timeouted requests')", "interval": "15s" }, - "title": "Errors [Metricbeat uWSGI]", + "title": "Errors [Metricbeat uWSGI] ECS", "type": "timelion" } }, - "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de", + "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de-ecs", "type": "visualization", "version": 1 }, @@ -102,7 +102,7 @@ "index": "metricbeat-*", "query": { "language": "lucene", - "query": "metricset.module: uwsgi" + "query": "event.module: uwsgi" }, "version": true } @@ -111,10 +111,10 @@ "@timestamp", "desc" ], - "title": "Metricbeat uWSGI status", + "title": "Metricbeat uWSGI status-ecs ECS", "version": 1 }, - "id": "Metricbeat uWSGI status", + "id": "Metricbeat uWSGI status-ecs ECS", "type": "search", "version": 1 }, @@ -139,7 +139,7 @@ "panelsJSON": [ { "col": 1, - "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de", + "id": "a5058e70-f0ae-11e7-b9ff-9f96241065de-ecs", "panelIndex": 1, "row": 1, "size_x": 6, @@ -148,7 +148,7 @@ }, { "col": 7, - "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de", + "id": "ac7194b0-f0ae-11e7-b9ff-9f96241065de-ecs", "panelIndex": 2, "row": 1, "size_x": 6, @@ -157,7 +157,7 @@ }, { "col": 1, - "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de", + "id": "8c5f96e0-f0ae-11e7-b9ff-9f96241065de-ecs", "panelIndex": 3, "row": 4, "size_x": 6, @@ -166,7 +166,7 @@ }, { "col": 7, - "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de", + "id": "ba4a80b0-f0ae-11e7-b9ff-9f96241065de-ecs", "panelIndex": 4, "row": 4, "size_x": 6, @@ -175,11 +175,11 @@ } ], "timeRestore": false, - "title": "[Metricbeat uWSGI] Overview", + "title": "[Metricbeat uWSGI] Overview ECS", "uiStateJSON": {}, "version": 1 }, - "id": "32fca290-f0af-11e7-b9ff-9f96241065de", + "id": "32fca290-f0af-11e7-b9ff-9f96241065de-ecs", "type": "dashboard", "version": 1 } diff --git a/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json b/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json index 576b3702f512..c5d8f012d2f3 100644 --- a/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json +++ b/metricbeat/module/windows/_meta/kibana/7/dashboard/metricbeat-windows-service.json @@ -13,7 +13,7 @@ } } }, - "title": "Service States [Metricbeat Windows]", + "title": "Service States [Metricbeat Windows] ECS", "uiStateJSON": { "vis": { "params": { @@ -59,7 +59,7 @@ "id": "5", "params": { "customLabel": "Host", - "field": "beat.name", + "field": "host.name", "order": "desc", "orderBy": "_term", "size": 5 @@ -171,11 +171,11 @@ }, "totalFunc": "sum" }, - "title": "Service States [Metricbeat Windows]", + "title": "Service States [Metricbeat Windows] ECS", "type": "table" } }, - "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b", + "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 1 }, @@ -191,8 +191,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", - "title": "Hosts [Metricbeat Windows]", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", + "title": "Hosts [Metricbeat Windows] ECS", "uiStateJSON": { "vis": { "params": { @@ -221,7 +221,7 @@ "id": "2", "params": { "customLabel": "Host", - "field": "beat.name", + "field": "host.name", "order": "desc", "orderBy": "1", "size": 100 @@ -241,11 +241,11 @@ }, "totalFunc": "sum" }, - "title": "Hosts [Metricbeat Windows]", + "title": "Hosts [Metricbeat Windows] ECS", "type": "table" } }, - "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b", + "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 2 }, @@ -261,8 +261,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", - "title": "Startup States [Metricbeat Windows]", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", + "title": "Startup States [Metricbeat Windows] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -311,11 +311,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Startup States [Metricbeat Windows]", + "title": "Startup States [Metricbeat Windows] ECS", "type": "pie" } }, - "id": "830c45f0-c991-11e7-9835-2f31fe08873b", + "id": "830c45f0-c991-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 2 }, @@ -331,8 +331,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", - "title": "Unique Services [Metricbeat Windows]", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", + "title": "Unique Services [Metricbeat Windows] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -395,11 +395,11 @@ }, "type": "gauge" }, - "title": "Unique Services [Metricbeat Windows]", + "title": "Unique Services [Metricbeat Windows] ECS", "type": "metric" } }, - "id": "35f5ad60-c996-11e7-9835-2f31fe08873b", + "id": "35f5ad60-c996-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 2 }, @@ -485,8 +485,8 @@ } } }, - "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", - "title": "Non-zero Service Exit Codes [Metricbeat Windows]", + "savedSearchId": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", + "title": "Non-zero Service Exit Codes [Metricbeat Windows] ECS", "uiStateJSON": { "vis": { "defaultColors": { @@ -549,18 +549,18 @@ }, "type": "gauge" }, - "title": "Non-zero Service Exit Codes [Metricbeat Windows]", + "title": "Non-zero Service Exit Codes [Metricbeat Windows] ECS", "type": "metric" } }, - "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b", + "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b-ecs", "type": "visualization", "version": 1 }, { "attributes": { "columns": [ - "beat.name", + "host.name", "windows.service.display_name", "windows.service.state", "windows.service.start_type", @@ -581,7 +581,7 @@ "alias": null, "disabled": false, "index": "metricbeat-*", - "key": "metricset.module", + "key": "event.module", "negate": false, "params": { "query": "windows", @@ -592,7 +592,7 @@ }, "query": { "match": { - "metricset.module": { + "event.module": { "query": "windows", "type": "phrase" } @@ -639,10 +639,10 @@ "@timestamp", "desc" ], - "title": "Services [Metricbeat Windows]", + "title": "Services [Metricbeat Windows] ECS", "version": 1 }, - "id": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b", + "id": "b6b7ccc0-c98d-11e7-9835-2f31fe08873b-ecs", "type": "search", "version": 2 }, @@ -667,7 +667,7 @@ "panelsJSON": [ { "col": 4, - "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b", + "id": "eb8277d0-c98c-11e7-9835-2f31fe08873b-ecs", "panelIndex": 1, "row": 4, "size_x": 9, @@ -676,7 +676,7 @@ }, { "col": 1, - "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b", + "id": "23a5fff0-c98e-11e7-9835-2f31fe08873b-ecs", "panelIndex": 2, "row": 4, "size_x": 3, @@ -685,7 +685,7 @@ }, { "col": 1, - "id": "830c45f0-c991-11e7-9835-2f31fe08873b", + "id": "830c45f0-c991-11e7-9835-2f31fe08873b-ecs", "panelIndex": 3, "row": 1, "size_x": 4, @@ -694,7 +694,7 @@ }, { "col": 5, - "id": "35f5ad60-c996-11e7-9835-2f31fe08873b", + "id": "35f5ad60-c996-11e7-9835-2f31fe08873b-ecs", "panelIndex": 4, "row": 1, "size_x": 4, @@ -703,7 +703,7 @@ }, { "col": 9, - "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b", + "id": "c36b2ba0-ca29-11e7-9835-2f31fe08873b-ecs", "panelIndex": 5, "row": 1, "size_x": 4, @@ -712,7 +712,7 @@ } ], "timeRestore": false, - "title": "[Metricbeat Windows] Services", + "title": "[Metricbeat Windows] Services ECS", "uiStateJSON": { "P-1": { "vis": { @@ -751,7 +751,7 @@ }, "version": 1 }, - "id": "d9eba730-c991-11e7-9835-2f31fe08873b", + "id": "d9eba730-c991-11e7-9835-2f31fe08873b-ecs", "type": "dashboard", "version": 6 } diff --git a/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json b/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json index eae9c76f04ac..b310e8c1aaf2 100644 --- a/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json +++ b/metricbeat/module/zookeeper/_meta/kibana/7/dashboard/Metricbeat-zookeeper-overview.json @@ -12,7 +12,7 @@ } } }, - "title": "Approximate data size [Metricbeat Zookeeper]", + "title": "Approximate data size [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -53,11 +53,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Approximate data size [Metricbeat Zookeeper]", + "title": "Approximate data size [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4", + "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:29:19.163Z", "version": 2 @@ -74,7 +74,7 @@ } } }, - "title": "Latency [Metricbeat Zookeeper]", + "title": "Latency [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -115,11 +115,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Latency [Metricbeat Zookeeper]", + "title": "Latency [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4", + "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:29:05.974Z", "version": 2 @@ -136,7 +136,7 @@ } } }, - "title": "Alive Connections [Metricbeat Zookeeper]", + "title": "Alive Connections [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -177,11 +177,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Alive Connections [Metricbeat Zookeeper]", + "title": "Alive Connections [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4", + "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:28:52.034Z", "version": 3 @@ -198,7 +198,7 @@ } } }, - "title": "Used file descriptors [Metricbeat Zookeeper]", + "title": "Used file descriptors [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -285,11 +285,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Used file descriptors [Metricbeat Zookeeper]", + "title": "Used file descriptors [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4", + "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:28:22.583Z", "version": 5 @@ -306,7 +306,7 @@ } } }, - "title": "Packets received / sent [Metricbeat Zookeeper]", + "title": "Packets received / sent [Metricbeat Zookeeper] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -386,11 +386,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Packets received / sent [Metricbeat Zookeeper]", + "title": "Packets received / sent [Metricbeat Zookeeper] ECS", "type": "metrics" } }, - "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4", + "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4-ecs", "type": "visualization", "updated_at": "2019-01-30T13:26:42.583Z", "version": 3 @@ -423,7 +423,7 @@ "x": 0, "y": 15 }, - "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4", + "id": "8d3b7770-2319-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "1", "title": "Approximate data size", "type": "visualization", @@ -438,7 +438,7 @@ "x": 15, "y": 15 }, - "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4", + "id": "c0be43c0-2319-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "2", "title": "Latency", "type": "visualization", @@ -453,7 +453,7 @@ "x": 32, "y": 15 }, - "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4", + "id": "1c2f8930-231a-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "3", "title": "Alive Connections", "type": "visualization", @@ -468,7 +468,7 @@ "x": 23, "y": 0 }, - "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4", + "id": "ddb13c60-231b-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "4", "title": "Used file descriptors", "type": "visualization", @@ -483,7 +483,7 @@ "x": 0, "y": 0 }, - "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4", + "id": "d2f52b50-231c-11e9-bb66-8baac426dfd4-ecs", "panelIndex": "5", "title": "Packets received / sent", "type": "visualization", @@ -491,10 +491,10 @@ } ], "timeRestore": false, - "title": "[Metricbeat Zookeeper] Overview", + "title": "[Metricbeat Zookeeper] Overview ECS", "version": 1 }, - "id": "467207a0-231e-11e9-bb66-8baac426dfd4", + "id": "467207a0-231e-11e9-bb66-8baac426dfd4-ecs", "type": "dashboard", "updated_at": "2019-01-30T13:34:01.235Z", "version": 6 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json index 44b3958925d8..1e05fc32df66 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-cassandra.json @@ -15,8 +15,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseKeyspace [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseKeyspace [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -61,11 +61,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Cassandra ResponseKeyspace", + "title": "Cassandra ResponseKeyspace ECS", "type": "pie" } }, - "id": "Cassandra-ResponseKeyspace", + "id": "Cassandra-ResponseKeyspace-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -85,8 +85,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -119,11 +119,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Cassandra ResponseType", + "title": "Cassandra ResponseType ECS", "type": "pie" } }, - "id": "Cassandra-ResponseType", + "id": "Cassandra-ResponseType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -143,8 +143,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseTime [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseTime [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -263,11 +263,11 @@ ], "yAxis": {} }, - "title": "Cassandra ResponseTime [Packetbeat]", + "title": "Cassandra ResponseTime [Packetbeat] ECS", "type": "line" } }, - "id": "Cassandra-ResponseTime", + "id": "Cassandra-ResponseTime-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -287,8 +287,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra RequestCount [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra RequestCount [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -332,11 +332,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra RequestCount", + "title": "Cassandra RequestCount ECS", "type": "line" } }, - "id": "Cassandra-RequestCount", + "id": "Cassandra-RequestCount-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -356,8 +356,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra Ops [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra Ops [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -402,11 +402,11 @@ "legendPosition": "right", "shareYAxis": true }, - "title": "Cassandra Ops", + "title": "Cassandra Ops ECS", "type": "pie" } }, - "id": "Cassandra-Ops", + "id": "Cassandra-Ops-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -426,8 +426,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra RequestCountStackByType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra RequestCountStackByType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -479,11 +479,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra RequestCountStackByType", + "title": "Cassandra RequestCountStackByType ECS", "type": "histogram" } }, - "id": "Cassandra-RequestCountStackByType", + "id": "Cassandra-RequestCountStackByType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -503,8 +503,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseCountStackByType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseCountStackByType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -556,11 +556,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra ResponseCountStackByType", + "title": "Cassandra ResponseCountStackByType ECS", "type": "histogram" } }, - "id": "Cassandra-ResponseCountStackByType", + "id": "Cassandra-ResponseCountStackByType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -580,8 +580,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra RequestCountByType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra RequestCountByType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -644,11 +644,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra RequestCountByType", + "title": "Cassandra RequestCountByType ECS", "type": "line" } }, - "id": "Cassandra-RequestCountByType", + "id": "Cassandra-RequestCountByType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -668,8 +668,8 @@ } } }, - "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e", - "title": "Cassandra ResponseCountByType [Packetbeat]", + "savedSearchId": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", + "title": "Cassandra ResponseCountByType [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -727,11 +727,11 @@ "times": [], "yAxis": {} }, - "title": "Cassandra: ResponseCountByType", + "title": "Cassandra: ResponseCountByType ECS", "type": "line" } }, - "id": "Cassandra-ResponseCountByType", + "id": "Cassandra-ResponseCountByType-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -753,21 +753,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -869,10 +869,10 @@ "@timestamp", "desc" ], - "title": "Cassandra Query Search [Packetbeat]", + "title": "Cassandra Query Search [Packetbeat] ECS", "version": 1 }, - "id": "Cassandra-QueryView", + "id": "Cassandra-QueryView-ecs", "type": "search", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -927,10 +927,10 @@ "@timestamp", "desc" ], - "title": "Cassandra Search [Packetbeat]", + "title": "Cassandra Search [Packetbeat] ECS", "version": 1 }, - "id": "eaa83e60-190b-11e9-be0d-adde5066235e", + "id": "eaa83e60-190b-11e9-be0d-adde5066235e-ecs", "type": "search", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 @@ -961,7 +961,7 @@ "panelsJSON": [ { "col": 10, - "id": "Cassandra-ResponseKeyspace", + "id": "Cassandra-ResponseKeyspace-ecs", "panelIndex": 3, "row": 3, "size_x": 3, @@ -970,7 +970,7 @@ }, { "col": 7, - "id": "Cassandra-ResponseType", + "id": "Cassandra-ResponseType-ecs", "panelIndex": 4, "row": 3, "size_x": 3, @@ -979,7 +979,7 @@ }, { "col": 1, - "id": "Cassandra-ResponseTime", + "id": "Cassandra-ResponseTime-ecs", "panelIndex": 9, "row": 5, "size_x": 12, @@ -988,7 +988,7 @@ }, { "col": 4, - "id": "Cassandra-RequestCount", + "id": "Cassandra-RequestCount-ecs", "panelIndex": 10, "row": 1, "size_x": 9, @@ -997,7 +997,7 @@ }, { "col": 4, - "id": "Cassandra-Ops", + "id": "Cassandra-Ops-ecs", "panelIndex": 11, "row": 3, "size_x": 3, @@ -1006,7 +1006,7 @@ }, { "col": 1, - "id": "Cassandra-RequestCountStackByType", + "id": "Cassandra-RequestCountStackByType-ecs", "panelIndex": 15, "row": 7, "size_x": 12, @@ -1015,7 +1015,7 @@ }, { "col": 1, - "id": "Cassandra-ResponseCountStackByType", + "id": "Cassandra-ResponseCountStackByType-ecs", "panelIndex": 16, "row": 9, "size_x": 12, @@ -1024,7 +1024,7 @@ }, { "col": 1, - "id": "Cassandra-RequestCountByType", + "id": "Cassandra-RequestCountByType-ecs", "panelIndex": 17, "row": 11, "size_x": 6, @@ -1033,7 +1033,7 @@ }, { "col": 7, - "id": "Cassandra-ResponseCountByType", + "id": "Cassandra-ResponseCountByType-ecs", "panelIndex": 18, "row": 11, "size_x": 6, @@ -1042,7 +1042,7 @@ }, { "col": 1, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": 19, "row": 1, "size_x": 3, @@ -1057,7 +1057,7 @@ "cassandra.response.result.rows.meta.table", "cassandra.response.result.rows.num_rows" ], - "id": "Cassandra-QueryView", + "id": "Cassandra-QueryView-ecs", "panelIndex": 20, "row": 14, "size_x": 12, @@ -1070,7 +1070,7 @@ } ], "timeRestore": false, - "title": "[Packetbeat] Cassandra", + "title": "[Packetbeat] Cassandra ECS", "uiStateJSON": { "P-10": { "vis": { @@ -1090,7 +1090,7 @@ }, "version": 1 }, - "id": "Packetbeat-Cassandra", + "id": "Packetbeat-Cassandra-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:20.964Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json index b273b09b4c3f..07ec987ea889 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dhcpv4.json @@ -6,7 +6,7 @@ "kibanaSavedObjectMeta": { "searchSourceJSON": {} }, - "title": "Message Types over Time [Packetbeat DHCPv4]", + "title": "Message Types over Time [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -98,11 +98,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Message Types over Time [Packetbeat DHCPv4]", + "title": "Message Types over Time [Packetbeat DHCPv4] ECS", "type": "metrics" } }, - "id": "8460fcd0-8baa-11e8-9676-ef67484126fb", + "id": "8460fcd0-8baa-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -119,8 +119,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "NAK and Decline Count [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "NAK and Decline Count [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -161,11 +161,11 @@ }, "type": "metric" }, - "title": "NAK and Decline Count [Packetbeat DHCPv4]", + "title": "NAK and Decline Count [Packetbeat DHCPv4] ECS", "type": "metric" } }, - "id": "4ad9db20-8bab-11e8-9676-ef67484126fb", + "id": "4ad9db20-8bab-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -182,8 +182,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "Message Types [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "Message Types [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -243,11 +243,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Message Types [Packetbeat DHCPv4]", + "title": "Message Types [Packetbeat DHCPv4] ECS", "type": "pie" } }, - "id": "418dfbe0-8bac-11e8-9676-ef67484126fb", + "id": "418dfbe0-8bac-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -309,10 +309,10 @@ "@timestamp", "desc" ], - "title": "DHCPv4 [Packetbeat]", + "title": "DHCPv4 [Packetbeat] ECS", "version": 1 }, - "id": "b8992150-8ba8-11e8-9676-ef67484126fb", + "id": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "type": "search", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -329,8 +329,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "Transaction Count [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "Transaction Count [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -374,11 +374,11 @@ }, "type": "metric" }, - "title": "Transaction Count [Packetbeat DHCPv4]", + "title": "Transaction Count [Packetbeat DHCPv4] ECS", "type": "metric" } }, - "id": "d0120dc0-8bac-11e8-9676-ef67484126fb", + "id": "d0120dc0-8bac-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -395,8 +395,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "Client Count [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "Client Count [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -440,11 +440,11 @@ }, "type": "metric" }, - "title": "Client Count [Packetbeat DHCPv4]", + "title": "Client Count [Packetbeat DHCPv4] ECS", "type": "metric" } }, - "id": "11d33ea0-8bad-11e8-9676-ef67484126fb", + "id": "11d33ea0-8bad-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -461,8 +461,8 @@ } } }, - "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb", - "title": "Data Transfer [Packetbeat DHCPv4]", + "savedSearchId": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", + "title": "Data Transfer [Packetbeat DHCPv4] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -516,11 +516,11 @@ }, "type": "metric" }, - "title": "Data Transfer [Packetbeat DHCPv4]", + "title": "Data Transfer [Packetbeat DHCPv4] ECS", "type": "metric" } }, - "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb", + "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 @@ -555,7 +555,7 @@ "x": 0, "y": 7 }, - "id": "8460fcd0-8baa-11e8-9676-ef67484126fb", + "id": "8460fcd0-8baa-11e8-9676-ef67484126fb-ecs", "panelIndex": "1", "type": "visualization", "version": "6.3.0" @@ -569,7 +569,7 @@ "x": 0, "y": 0 }, - "id": "4ad9db20-8bab-11e8-9676-ef67484126fb", + "id": "4ad9db20-8bab-11e8-9676-ef67484126fb-ecs", "panelIndex": "2", "type": "visualization", "version": "6.3.0" @@ -583,7 +583,7 @@ "x": 37, "y": 0 }, - "id": "418dfbe0-8bac-11e8-9676-ef67484126fb", + "id": "418dfbe0-8bac-11e8-9676-ef67484126fb-ecs", "panelIndex": "3", "type": "visualization", "version": "6.3.0" @@ -597,7 +597,7 @@ "x": 0, "y": 16 }, - "id": "b8992150-8ba8-11e8-9676-ef67484126fb", + "id": "b8992150-8ba8-11e8-9676-ef67484126fb-ecs", "panelIndex": "5", "type": "search", "version": "6.3.0" @@ -611,7 +611,7 @@ "x": 8, "y": 0 }, - "id": "d0120dc0-8bac-11e8-9676-ef67484126fb", + "id": "d0120dc0-8bac-11e8-9676-ef67484126fb-ecs", "panelIndex": "6", "type": "visualization", "version": "6.3.0" @@ -625,7 +625,7 @@ "x": 16, "y": 0 }, - "id": "11d33ea0-8bad-11e8-9676-ef67484126fb", + "id": "11d33ea0-8bad-11e8-9676-ef67484126fb-ecs", "panelIndex": "7", "type": "visualization", "version": "6.3.0" @@ -639,17 +639,17 @@ "x": 24, "y": 0 }, - "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb", + "id": "f43a8f20-8bb5-11e8-9676-ef67484126fb-ecs", "panelIndex": "8", "type": "visualization", "version": "6.3.0" } ], "timeRestore": false, - "title": "[Packetbeat] DHCPv4", + "title": "[Packetbeat] DHCPv4 ECS", "version": 1 }, - "id": "a7b35890-8baa-11e8-9676-ef67484126fb", + "id": "a7b35890-8baa-11e8-9676-ef67484126fb-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:22.006Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json index 1bd84d87367e..6e7b98a1d17e 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Query Summary [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Query Summary [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -86,11 +86,11 @@ }, "type": "metric" }, - "title": "DNS Query Summary [Packetbeat]", + "title": "DNS Query Summary [Packetbeat] ECS", "type": "metric" } }, - "id": "DNS-Query-Summary", + "id": "DNS-Query-Summary-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -108,8 +108,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Request Status Over Time [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Request Status Over Time [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -237,11 +237,11 @@ ], "yAxis": {} }, - "title": "DNS Request Status Over Time [Packetbeat]", + "title": "DNS Request Status Over Time [Packetbeat] ECS", "type": "area" } }, - "id": "DNS-Request-Status-Over-Time", + "id": "DNS-Request-Status-Over-Time-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -264,8 +264,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Question Types [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Question Types [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -308,11 +308,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "DNS Question Types [Packetbeat]", + "title": "DNS Question Types [Packetbeat] ECS", "type": "pie" } }, - "id": "DNS-Question-Types", + "id": "DNS-Question-Types-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -370,8 +370,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Top 10 Questions [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Top 10 Questions [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -421,11 +421,11 @@ }, "totalFunc": "sum" }, - "title": "DNS Top 10 Questions [Packetbeat]", + "title": "DNS Top 10 Questions [Packetbeat] ECS", "type": "table" } }, - "id": "DNS-Top-10-Questions", + "id": "DNS-Top-10-Questions-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -456,8 +456,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Response Codes [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Response Codes [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -507,11 +507,11 @@ }, "totalFunc": "sum" }, - "title": "DNS Response Codes [Packetbeat]", + "title": "DNS Response Codes [Packetbeat] ECS", "type": "table" } }, - "id": "DNS-Response-Codes", + "id": "DNS-Response-Codes-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -528,8 +528,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -683,11 +683,11 @@ } ] }, - "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat]", + "title": "DNS Min/Max/Avg Response Time Histogram [Packetbeat] ECS", "type": "area" } }, - "id": "735d25c0-1459-11e9-9de0-f98d1808db8e", + "id": "735d25c0-1459-11e9-9de0-f98d1808db8e-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -704,8 +704,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Client and Servers Pie Chart [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Client and Servers Pie Chart [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -765,11 +765,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "DNS Client and Servers Pie Chart [Packetbeat]", + "title": "DNS Client and Servers Pie Chart [Packetbeat] ECS", "type": "pie" } }, - "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e", + "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 @@ -840,10 +840,10 @@ "@timestamp", "desc" ], - "title": "DNS Protocol [Packetbeat]", + "title": "DNS Protocol [Packetbeat] ECS", "version": 1 }, - "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "type": "search", "updated_at": "2019-01-18T23:49:24.089Z", "version": 2 @@ -876,7 +876,7 @@ "x": 0, "y": 0 }, - "id": "DNS-Query-Summary", + "id": "DNS-Query-Summary-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -890,7 +890,7 @@ "x": 24, "y": 0 }, - "id": "DNS-Request-Status-Over-Time", + "id": "DNS-Request-Status-Over-Time-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -904,7 +904,7 @@ "x": 0, "y": 15 }, - "id": "DNS-Question-Types", + "id": "DNS-Question-Types-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -918,7 +918,7 @@ "x": 0, "y": 30 }, - "id": "DNS-Top-10-Questions", + "id": "DNS-Top-10-Questions-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -932,7 +932,7 @@ "x": 24, "y": 30 }, - "id": "DNS-Response-Codes", + "id": "DNS-Response-Codes-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -946,7 +946,7 @@ "x": 24, "y": 15 }, - "id": "735d25c0-1459-11e9-9de0-f98d1808db8e", + "id": "735d25c0-1459-11e9-9de0-f98d1808db8e-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -960,17 +960,17 @@ "x": 13, "y": 15 }, - "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e", + "id": "bacb6ed0-1459-11e9-9de0-f98d1808db8e-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] DNS Overview", + "title": "[Packetbeat] DNS Overview ECS", "version": 1 }, - "id": "65120940-1454-11e9-9de0-f98d1808db8e", + "id": "65120940-1454-11e9-9de0-f98d1808db8e-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:24.089Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json index 10fc0e2cf1a8..060b6869a00d 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-dns-tunneling.json @@ -8,8 +8,8 @@ "filter": [] } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "Unique FQDNs per eTLD+1", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "Unique FQDNs per eTLD+1 ECS", "uiStateJSON": { "vis": { "colors": { @@ -59,11 +59,11 @@ "times": [], "yAxis": {} }, - "title": "Unique FQDNs per eTLD+1", + "title": "Unique FQDNs per eTLD+1 ECS", "type": "histogram" } }, - "id": "Unique-FQDNs-per-eTLD 1", + "id": "Unique-FQDNs-per-eTLD 1-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 @@ -76,8 +76,8 @@ "filter": [] } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "Unique FQDNs per eTLD+1 Table", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "Unique FQDNs per eTLD+1 Table ECS", "uiStateJSON": { "vis": { "params": { @@ -136,11 +136,11 @@ }, "totalFunc": "sum" }, - "title": "Unique FQDNs per eTLD+1 Table", + "title": "Unique FQDNs per eTLD+1 Table ECS", "type": "table" } }, - "id": "Unique-FQDNs-per-eTLD 1-Table", + "id": "Unique-FQDNs-per-eTLD 1-Table-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 @@ -157,8 +157,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "Bytes Transferred per Domain", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "Bytes Transferred per Domain ECS", "uiStateJSON": { "vis": { "colors": { @@ -294,11 +294,11 @@ ], "yAxis": {} }, - "title": "Bytes Transferred per Domain", + "title": "Bytes Transferred per Domain ECS", "type": "histogram" } }, - "id": "Bytes-Transferred-per-Domain", + "id": "Bytes-Transferred-per-Domain-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 @@ -321,7 +321,7 @@ } } }, - "title": "Top Domains by Data Volume", + "title": "Top Domains by Data Volume ECS", "uiStateJSON": { "vis": { "params": { @@ -384,11 +384,11 @@ }, "totalFunc": "sum" }, - "title": "Top Domains by Data Volume", + "title": "Top Domains by Data Volume ECS", "type": "table" } }, - "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d", + "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 @@ -459,10 +459,10 @@ "@timestamp", "desc" ], - "title": "DNS Protocol [Packetbeat]", + "title": "DNS Protocol [Packetbeat] ECS", "version": 1 }, - "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "type": "search", "updated_at": "2019-01-18T23:49:24.089Z", "version": 2 @@ -510,7 +510,7 @@ "x": 0, "y": 0 }, - "id": "Unique-FQDNs-per-eTLD 1", + "id": "Unique-FQDNs-per-eTLD 1-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -533,7 +533,7 @@ "x": 0, "y": 35 }, - "id": "Unique-FQDNs-per-eTLD 1-Table", + "id": "Unique-FQDNs-per-eTLD 1-Table-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -551,7 +551,7 @@ "x": 0, "y": 20 }, - "id": "Bytes-Transferred-per-Domain", + "id": "Bytes-Transferred-per-Domain-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -574,17 +574,17 @@ "x": 24, "y": 35 }, - "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d", + "id": "dc743240-1665-11e7-a6de-cbac1a3d0a7d-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] DNS Tunneling", + "title": "[Packetbeat] DNS Tunneling ECS", "version": 1 }, - "id": "DNS-Unique-Domains", + "id": "DNS-Unique-Domains-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:23.036Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json index 231114356807..94457a40ee11 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-flows.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search", - "title": "Top Hosts Creating Traffic [Packetbeat Flows]", + "savedSearchId": "Packetbeat-Flows-Search-ecs", + "title": "Top Hosts Creating Traffic [Packetbeat Flows] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -138,11 +138,11 @@ ], "yAxis": {} }, - "title": "Top Hosts Creating Traffic [Packetbeat Flows]", + "title": "Top Hosts Creating Traffic [Packetbeat Flows] ECS", "type": "area" } }, - "id": "Top-hosts-creating-traffic", + "id": "Top-hosts-creating-traffic-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -164,21 +164,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -195,8 +195,8 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search", - "title": "Connections over time [Packetbeat Flows]", + "savedSearchId": "Packetbeat-Flows-Search-ecs", + "title": "Connections over time [Packetbeat Flows] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -304,11 +304,11 @@ ], "yAxis": {} }, - "title": "Connections over time [Packetbeat Flows]", + "title": "Connections over time [Packetbeat Flows] ECS", "type": "area" } }, - "id": "Connections-over-time", + "id": "Connections-over-time-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -325,8 +325,8 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search", - "title": "Top Hosts Receiving Traffic [Packetbeat Flows]", + "savedSearchId": "Packetbeat-Flows-Search-ecs", + "title": "Top Hosts Receiving Traffic [Packetbeat Flows] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -451,11 +451,11 @@ ], "yAxis": {} }, - "title": "Top Hosts Receiving Traffic [Packetbeat Flows]", + "title": "Top Hosts Receiving Traffic [Packetbeat Flows] ECS", "type": "area" } }, - "id": "Top-hosts-receiving-traffic", + "id": "Top-hosts-receiving-traffic-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -472,8 +472,8 @@ } } }, - "savedSearchId": "Packetbeat-Flows-Search", - "title": "Network Traffic Between Hosts [Packetbeat Flows]", + "savedSearchId": "Packetbeat-Flows-Search-ecs", + "title": "Network Traffic Between Hosts [Packetbeat Flows] ECS", "uiStateJSON": { "vis": { "params": { @@ -553,11 +553,11 @@ }, "totalFunc": "sum" }, - "title": "Network Traffic Between Hosts [Packetbeat Flows]", + "title": "Network Traffic Between Hosts [Packetbeat Flows] ECS", "type": "table" } }, - "id": "Network-traffic-between-your-hosts", + "id": "Network-traffic-between-your-hosts-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -611,10 +611,10 @@ "@timestamp", "desc" ], - "title": "Flows Search [Packetbeat]", + "title": "Flows Search [Packetbeat] ECS", "version": 1 }, - "id": "Packetbeat-Flows-Search", + "id": "Packetbeat-Flows-Search-ecs", "type": "search", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 @@ -646,7 +646,7 @@ "x": 0, "y": 25 }, - "id": "Top-hosts-creating-traffic", + "id": "Top-hosts-creating-traffic-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -659,7 +659,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -672,7 +672,7 @@ "x": 12, "y": 0 }, - "id": "Connections-over-time", + "id": "Connections-over-time-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -685,7 +685,7 @@ "x": 24, "y": 25 }, - "id": "Top-hosts-receiving-traffic", + "id": "Top-hosts-receiving-traffic-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -708,17 +708,17 @@ "x": 0, "y": 60 }, - "id": "Network-traffic-between-your-hosts", + "id": "Network-traffic-between-your-hosts-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] Flows", + "title": "[Packetbeat] Flows ECS", "version": 1 }, - "id": "Packetbeat-Flows", + "id": "Packetbeat-Flows-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:25.168Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json index 0f0034d7c69b..ec5b2bd06358 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-http.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "HTTP Transactions [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "HTTP Transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -115,11 +115,11 @@ ], "yAxis": {} }, - "title": "HTTP Transactions [Packetbeat]", + "title": "HTTP Transactions [Packetbeat] ECS", "type": "histogram" } }, - "id": "Web-transactions", + "id": "Web-transactions-ecs", "type": "visualization", "updated_at": "2019-01-19T00:21:31.922Z", "version": 3 @@ -180,7 +180,7 @@ } } }, - "title": "HTTP error codes [Packetbeat]", + "title": "HTTP error codes [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -286,11 +286,11 @@ ], "yAxis": {} }, - "title": "HTTP error codes [Packetbeat]", + "title": "HTTP error codes [Packetbeat] ECS", "type": "histogram" } }, - "id": "HTTP-error-codes", + "id": "HTTP-error-codes-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -370,7 +370,7 @@ } } }, - "title": "HTTP error codes evolution [Packetbeat]", + "title": "HTTP error codes evolution [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -497,11 +497,11 @@ ], "yAxis": {} }, - "title": "HTTP error codes evolution [Packetbeat]", + "title": "HTTP error codes evolution [Packetbeat] ECS", "type": "line" } }, - "id": "HTTP-error-codes-evolution", + "id": "HTTP-error-codes-evolution-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -523,21 +523,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -554,8 +554,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "Total number of HTTP transactions [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "Total number of HTTP transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -598,11 +598,11 @@ }, "type": "metric" }, - "title": "Total number of HTTP transactions [Packetbeat]", + "title": "Total number of HTTP transactions [Packetbeat] ECS", "type": "metric" } }, - "id": "Total-number-of-HTTP-transactions", + "id": "Total-number-of-HTTP-transactions-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -619,8 +619,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "HTTP status codes for the top queries [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "HTTP status codes for the top queries [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -682,11 +682,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "HTTP status codes for the top queries [Packetbeat]", + "title": "HTTP status codes for the top queries [Packetbeat] ECS", "type": "pie" } }, - "id": "HTTP-codes-for-the-top-queries", + "id": "HTTP-codes-for-the-top-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -703,8 +703,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "Top 10 HTTP requests [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "Top 10 HTTP requests [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -753,11 +753,11 @@ }, "totalFunc": "sum" }, - "title": "Top 10 HTTP requests [Packetbeat]", + "title": "Top 10 HTTP requests [Packetbeat] ECS", "type": "table" } }, - "id": "Top-10-HTTP-requests", + "id": "Top-10-HTTP-requests-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 @@ -812,10 +812,10 @@ "@timestamp", "desc" ], - "title": "HTTP Transactions Search [Packetbeat]", + "title": "HTTP Transactions Search [Packetbeat] ECS", "version": 1 }, - "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", "type": "search", "updated_at": "2019-01-19T00:21:43.886Z", "version": 3 @@ -852,7 +852,7 @@ "x": 12, "y": 0 }, - "id": "Web-transactions", + "id": "Web-transactions-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -865,7 +865,7 @@ "x": 0, "y": 35 }, - "id": "HTTP-error-codes", + "id": "HTTP-error-codes-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -878,7 +878,7 @@ "x": 24, "y": 35 }, - "id": "HTTP-error-codes-evolution", + "id": "HTTP-error-codes-evolution-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -891,7 +891,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -911,7 +911,7 @@ "x": 0, "y": 20 }, - "id": "Total-number-of-HTTP-transactions", + "id": "Total-number-of-HTTP-transactions-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -924,7 +924,7 @@ "x": 12, "y": 20 }, - "id": "HTTP-codes-for-the-top-queries", + "id": "HTTP-codes-for-the-top-queries-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -947,17 +947,17 @@ "x": 0, "y": 50 }, - "id": "Top-10-HTTP-requests", + "id": "Top-10-HTTP-requests-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] HTTP", + "title": "[Packetbeat] HTTP ECS", "version": 1 }, - "id": "Packetbeat-HTTP", + "id": "Packetbeat-HTTP-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:26.207Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json index 71e509b05f4c..3059b71ff108 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mongodb.json @@ -17,21 +17,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -48,8 +48,8 @@ } } }, - "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3", - "title": "MongoDB errors [Packetbeat]", + "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", + "title": "MongoDB errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -193,11 +193,11 @@ ], "yAxis": {} }, - "title": "MongoDB errors [Packetbeat]", + "title": "MongoDB errors [Packetbeat] ECS", "type": "line" } }, - "id": "MongoDB-errors", + "id": "MongoDB-errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -214,8 +214,8 @@ } } }, - "savedSearchId": "MongoDB-transactions", - "title": "MongoDB Commands [Packetbeat]", + "savedSearchId": "MongoDB-transactions-ecs", + "title": "MongoDB Commands [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -336,11 +336,11 @@ ], "yAxis": {} }, - "title": "MongoDB Commands [Packetbeat]", + "title": "MongoDB Commands [Packetbeat] ECS", "type": "area" } }, - "id": "MongoDB-commands", + "id": "MongoDB-commands-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -357,8 +357,8 @@ } } }, - "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3", - "title": "MongoDB errors per collection [Packetbeat]", + "savedSearchId": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", + "title": "MongoDB errors per collection [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -485,11 +485,11 @@ ], "yAxis": {} }, - "title": "MongoDB errors per collection [Packetbeat]", + "title": "MongoDB errors per collection [Packetbeat] ECS", "type": "line" } }, - "id": "MongoDB-errors-per-collection", + "id": "MongoDB-errors-per-collection-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -506,8 +506,8 @@ } } }, - "savedSearchId": "MongoDB-transactions", - "title": "MongoDB in/out throughput [Packetbeat]", + "savedSearchId": "MongoDB-transactions-ecs", + "title": "MongoDB in/out throughput [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -641,11 +641,11 @@ ], "yAxis": {} }, - "title": "MongoDB in/out throughput [Packetbeat]", + "title": "MongoDB in/out throughput [Packetbeat] ECS", "type": "line" } }, - "id": "MongoDB-in-slash-out-throughput", + "id": "MongoDB-in-slash-out-throughput-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -662,8 +662,8 @@ } } }, - "savedSearchId": "MongoDB-transactions", - "title": "MongoDB response times by collection [Packetbeat]", + "savedSearchId": "MongoDB-transactions-ecs", + "title": "MongoDB response times by collection [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -801,11 +801,11 @@ ], "yAxis": {} }, - "title": "MongoDB response times by collection [Packetbeat]", + "title": "MongoDB response times by collection [Packetbeat] ECS", "type": "line" } }, - "id": "MongoDB-response-times-by-collection", + "id": "MongoDB-response-times-by-collection-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -822,8 +822,8 @@ } } }, - "savedSearchId": "MongoDB-transactions", - "title": "Top slowest MongoDB queries [Packetbeat]", + "savedSearchId": "MongoDB-transactions-ecs", + "title": "Top slowest MongoDB queries [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -877,11 +877,11 @@ }, "totalFunc": "sum" }, - "title": "Top slowest MongoDB queries [Packetbeat]", + "title": "Top slowest MongoDB queries [Packetbeat] ECS", "type": "table" } }, - "id": "Top-slowest-MongoDB-queries", + "id": "Top-slowest-MongoDB-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -898,8 +898,8 @@ } } }, - "savedSearchId": "MongoDB-transactions-with-write-concern-0", - "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat]", + "savedSearchId": "MongoDB-transactions-with-write-concern-0-ecs", + "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1016,11 +1016,11 @@ ], "yAxis": {} }, - "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat]", + "title": "Number of MongoDB transactions with writeConcern w=0 [Packetbeat] ECS", "type": "line" } }, - "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0", + "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -1101,10 +1101,10 @@ "@timestamp", "desc" ], - "title": "MongoDB errors [Packetbeat]", + "title": "MongoDB errors [Packetbeat] ECS", "version": 1 }, - "id": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3", + "id": "651fd6d0-88d0-11e7-ad9c-db80de0bf8d3-ecs", "type": "search", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -1181,10 +1181,10 @@ "@timestamp", "desc" ], - "title": "MongoDB Transaction Search [Packetbeat]", + "title": "MongoDB Transaction Search [Packetbeat] ECS", "version": 1 }, - "id": "MongoDB-transactions", + "id": "MongoDB-transactions-ecs", "type": "search", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -1261,10 +1261,10 @@ "@timestamp", "desc" ], - "title": "MongoDB transactions with write concern 0 [Packetbeat]", + "title": "MongoDB transactions with write concern 0 [Packetbeat] ECS", "version": 1 }, - "id": "MongoDB-transactions-with-write-concern-0", + "id": "MongoDB-transactions-with-write-concern-0-ecs", "type": "search", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 @@ -1296,7 +1296,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1309,7 +1309,7 @@ "x": 12, "y": 0 }, - "id": "MongoDB-errors", + "id": "MongoDB-errors-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1322,7 +1322,7 @@ "x": 32, "y": 0 }, - "id": "MongoDB-commands", + "id": "MongoDB-commands-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1335,7 +1335,7 @@ "x": 0, "y": 20 }, - "id": "MongoDB-errors-per-collection", + "id": "MongoDB-errors-per-collection-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1348,7 +1348,7 @@ "x": 16, "y": 20 }, - "id": "MongoDB-in-slash-out-throughput", + "id": "MongoDB-in-slash-out-throughput-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1361,7 +1361,7 @@ "x": 0, "y": 35 }, - "id": "MongoDB-response-times-by-collection", + "id": "MongoDB-response-times-by-collection-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1384,7 +1384,7 @@ "x": 32, "y": 35 }, - "id": "Top-slowest-MongoDB-queries", + "id": "Top-slowest-MongoDB-queries-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1397,17 +1397,17 @@ "x": 32, "y": 20 }, - "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0", + "id": "Number-of-MongoDB-transactions-with-writeConcern-w-equal-0-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] MongoDB", + "title": "[Packetbeat] MongoDB ECS", "version": 1 }, - "id": "Packetbeat-MongoDB-performance", + "id": "Packetbeat-MongoDB-performance-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:27.239Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json index 6ac6876e0583..65a0672a8944 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-mysql.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "MySQL-errors", - "title": "MySQL Errors [Packetbeat]", + "savedSearchId": "MySQL-errors-ecs", + "title": "MySQL Errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -118,11 +118,11 @@ ], "yAxis": {} }, - "title": "MySQL Errors [Packetbeat]", + "title": "MySQL Errors [Packetbeat] ECS", "type": "area" } }, - "id": "MySQL-Errors", + "id": "MySQL-Errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -139,8 +139,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "MySQL Methods [Packetbeat]", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "MySQL Methods [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -261,11 +261,11 @@ ], "yAxis": {} }, - "title": "MySQL Methods [Packetbeat]", + "title": "MySQL Methods [Packetbeat] ECS", "type": "area" } }, - "id": "MySQL-Methods", + "id": "MySQL-Methods-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -287,21 +287,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -318,8 +318,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "MySQL throughput [Packetbeat]", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "MySQL throughput [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -438,11 +438,11 @@ } ] }, - "title": "MySQL throughput [Packetbeat]", + "title": "MySQL throughput [Packetbeat] ECS", "type": "line" } }, - "id": "MySQL-throughput", + "id": "MySQL-throughput-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -455,8 +455,8 @@ "filter": [] } }, - "savedSearchId": "MySQL-Transactions", - "title": "Most frequent MySQL queries", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "Most frequent MySQL queries ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -485,11 +485,11 @@ "showMeticsAtAllLevels": false, "showPartialRows": false }, - "title": "Most frequent MySQL queries", + "title": "Most frequent MySQL queries ECS", "type": "table" } }, - "id": "Most-frequent-MySQL-queries", + "id": "Most-frequent-MySQL-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -506,8 +506,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "Slowest MySQL queries", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "Slowest MySQL queries ECS", "uiStateJSON": { "vis": { "params": { @@ -559,11 +559,11 @@ }, "totalFunc": "sum" }, - "title": "Slowest MySQL queries", + "title": "Slowest MySQL queries ECS", "type": "table" } }, - "id": "Slowest-MySQL-queries", + "id": "Slowest-MySQL-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -580,8 +580,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "Mysql response times percentiles [Packetbeat]", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "Mysql response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -686,11 +686,11 @@ } ] }, - "title": "Mysql response times percentiles [Packetbeat]", + "title": "Mysql response times percentiles [Packetbeat] ECS", "type": "line" } }, - "id": "Mysql-response-times-percentiles", + "id": "Mysql-response-times-percentiles-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -707,8 +707,8 @@ } } }, - "savedSearchId": "MySQL-Transactions", - "title": "MySQL Reads vs Writes [Packetbeat]", + "savedSearchId": "MySQL-Transactions-ecs", + "title": "MySQL Reads vs Writes [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -840,11 +840,11 @@ ], "yAxis": {} }, - "title": "MySQL Reads vs Writes [Packetbeat]", + "title": "MySQL Reads vs Writes [Packetbeat] ECS", "type": "area" } }, - "id": "MySQL-Reads-vs-Writes", + "id": "MySQL-Reads-vs-Writes-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -945,10 +945,10 @@ "@timestamp", "desc" ], - "title": "MySQL Errors Search [Packetbeat]", + "title": "MySQL Errors Search [Packetbeat] ECS", "version": 1 }, - "id": "MySQL-errors", + "id": "MySQL-errors-ecs", "type": "search", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -1023,10 +1023,10 @@ "@timestamp", "desc" ], - "title": "MySQL Transactions [Packetbeat]", + "title": "MySQL Transactions [Packetbeat] ECS", "version": 1 }, - "id": "MySQL-Transactions", + "id": "MySQL-Transactions-ecs", "type": "search", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 @@ -1063,7 +1063,7 @@ "x": 12, "y": 0 }, - "id": "MySQL-Errors", + "id": "MySQL-Errors-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1076,7 +1076,7 @@ "x": 32, "y": 0 }, - "id": "MySQL-Methods", + "id": "MySQL-Methods-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1089,7 +1089,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1102,7 +1102,7 @@ "x": 24, "y": 35 }, - "id": "MySQL-throughput", + "id": "MySQL-throughput-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1125,7 +1125,7 @@ "x": 0, "y": 50 }, - "id": "Most-frequent-MySQL-queries", + "id": "Most-frequent-MySQL-queries-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1148,7 +1148,7 @@ "x": 24, "y": 50 }, - "id": "Slowest-MySQL-queries", + "id": "Slowest-MySQL-queries-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1161,7 +1161,7 @@ "x": 0, "y": 20 }, - "id": "Mysql-response-times-percentiles", + "id": "Mysql-response-times-percentiles-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1174,17 +1174,17 @@ "x": 0, "y": 35 }, - "id": "MySQL-Reads-vs-Writes", + "id": "MySQL-Reads-vs-Writes-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] MySQL performance", + "title": "[Packetbeat] MySQL performance ECS", "version": 1 }, - "id": "Packetbeat-MySQL-performance", + "id": "Packetbeat-MySQL-performance-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:28.266Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json index 019ea1fff1d8..698cd6f84c20 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-nfs.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS clients pie chart [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS clients pie chart [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -56,11 +56,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "NFS clients pie chart [Packetbeat]", + "title": "NFS clients pie chart [Packetbeat] ECS", "type": "pie" } }, - "id": "NFS-clients-pie-chart", + "id": "NFS-clients-pie-chart-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -73,8 +73,8 @@ "filter": [] } }, - "savedSearchId": "nfs", - "title": "NFS operations area chart", + "savedSearchId": "nfs-ecs", + "title": "NFS operations area chart ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -124,11 +124,11 @@ "times": [], "yAxis": {} }, - "title": "NFS operations area chart", + "title": "NFS operations area chart ECS", "type": "area" } }, - "id": "NFS-operations-area-chart", + "id": "NFS-operations-area-chart-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -145,8 +145,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS top group pie chart [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS top group pie chart [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -189,11 +189,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "NFS top group pie chart [Packetbeat]", + "title": "NFS top group pie chart [Packetbeat] ECS", "type": "pie" } }, - "id": "NFS-top-group-pie-chart", + "id": "NFS-top-group-pie-chart-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -210,8 +210,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS top users pie chart [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS top users pie chart [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -254,11 +254,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "NFS top users pie chart [Packetbeat]", + "title": "NFS top users pie chart [Packetbeat] ECS", "type": "pie" } }, - "id": "NFS-top-users-pie-chart", + "id": "NFS-top-users-pie-chart-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -275,8 +275,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS response times [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS response times [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -391,11 +391,11 @@ ], "yAxis": {} }, - "title": "NFS response times [Packetbeat]", + "title": "NFS response times [Packetbeat] ECS", "type": "line" } }, - "id": "NFS-response-times", + "id": "NFS-response-times-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -412,8 +412,8 @@ } } }, - "savedSearchId": "NFS-errors-search", - "title": "NFS errors [Packetbeat]", + "savedSearchId": "NFS-errors-search-ecs", + "title": "NFS errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -534,11 +534,11 @@ ], "yAxis": {} }, - "title": "NFS errors [Packetbeat]", + "title": "NFS errors [Packetbeat] ECS", "type": "area" } }, - "id": "NFS-errors", + "id": "NFS-errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -555,8 +555,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS operation table [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS operation table [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -616,11 +616,11 @@ }, "totalFunc": "sum" }, - "title": "NFS operation table [Packetbeat]", + "title": "NFS operation table [Packetbeat] ECS", "type": "table" } }, - "id": "NFS-operation-table", + "id": "NFS-operation-table-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -637,8 +637,8 @@ } } }, - "savedSearchId": "nfs", - "title": "NFS Request / Response Sizes [Packetbeat]", + "savedSearchId": "nfs-ecs", + "title": "NFS Request / Response Sizes [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -780,11 +780,11 @@ ], "yAxis": {} }, - "title": "NFS Request / Response Sizes [Packetbeat]", + "title": "NFS Request / Response Sizes [Packetbeat] ECS", "type": "line" } }, - "id": "NFS-bytes-in-slash-out", + "id": "NFS-bytes-in-slash-out-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -806,21 +806,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -846,16 +846,16 @@ "key": "event.dataset", "negate": false, "params": { - "query": "nfs", + "query": "nfs-ecs", "type": "phrase" }, "type": "phrase", - "value": "nfs" + "value": "nfs-ecs" }, "query": { "match": { "event.dataset": { - "query": "nfs", + "query": "nfs-ecs", "type": "phrase" } } @@ -893,10 +893,10 @@ "@timestamp", "desc" ], - "title": "NFS Search [Packetbeat]", + "title": "NFS Search [Packetbeat] ECS", "version": 1 }, - "id": "nfs", + "id": "nfs-ecs", "type": "search", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -974,16 +974,16 @@ "key": "event.dataset", "negate": false, "params": { - "query": "nfs", + "query": "nfs-ecs", "type": "phrase" }, "type": "phrase", - "value": "nfs" + "value": "nfs-ecs" }, "query": { "match": { "event.dataset": { - "query": "nfs", + "query": "nfs-ecs", "type": "phrase" } } @@ -1021,10 +1021,10 @@ "@timestamp", "desc" ], - "title": "NFS Error Search [Packetbeat]", + "title": "NFS Error Search [Packetbeat] ECS", "version": 1 }, - "id": "NFS-errors-search", + "id": "NFS-errors-search-ecs", "type": "search", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 @@ -1061,7 +1061,7 @@ "x": 16, "y": 0 }, - "id": "NFS-clients-pie-chart", + "id": "NFS-clients-pie-chart-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1074,7 +1074,7 @@ "x": 0, "y": 55 }, - "id": "NFS-operations-area-chart", + "id": "NFS-operations-area-chart-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1098,7 +1098,7 @@ "x": 32, "y": 0 }, - "id": "NFS-top-group-pie-chart", + "id": "NFS-top-group-pie-chart-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1116,7 +1116,7 @@ "x": 32, "y": 10 }, - "id": "NFS-top-users-pie-chart", + "id": "NFS-top-users-pie-chart-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1134,7 +1134,7 @@ "x": 24, "y": 25 }, - "id": "NFS-response-times", + "id": "NFS-response-times-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1147,7 +1147,7 @@ "x": 24, "y": 40 }, - "id": "NFS-errors", + "id": "NFS-errors-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1170,7 +1170,7 @@ "x": 24, "y": 55 }, - "id": "NFS-operation-table", + "id": "NFS-operation-table-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1188,7 +1188,7 @@ "x": 0, "y": 25 }, - "id": "NFS-bytes-in-slash-out", + "id": "NFS-bytes-in-slash-out-ecs", "panelIndex": "9", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1201,17 +1201,17 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "10", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] NFS", + "title": "[Packetbeat] NFS ECS", "version": 1 }, - "id": "Packetbeat-NFS", + "id": "Packetbeat-NFS-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:29.316Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json index 0a9fa49a58a0..592341242bee 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", - "title": "HTTP Transactions [Packetbeat]", + "savedSearchId": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", + "title": "HTTP Transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -115,11 +115,11 @@ ], "yAxis": {} }, - "title": "HTTP Transactions [Packetbeat]", + "title": "HTTP Transactions [Packetbeat] ECS", "type": "histogram" } }, - "id": "Web-transactions", + "id": "Web-transactions-ecs", "type": "visualization", "updated_at": "2019-01-19T00:21:31.922Z", "version": 3 @@ -164,7 +164,7 @@ } } }, - "title": "Transaction Types [Packetbeat]", + "title": "Transaction Types [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -282,11 +282,11 @@ ], "yAxis": {} }, - "title": "Transaction Types [Packetbeat]", + "title": "Transaction Types [Packetbeat] ECS", "type": "histogram" } }, - "id": "DB-transactions", + "id": "DB-transactions-ecs", "type": "visualization", "updated_at": "2019-01-19T00:20:54.634Z", "version": 3 @@ -303,8 +303,8 @@ } } }, - "savedSearchId": "Packetbeat-Search", - "title": "Response times percentiles [Packetbeat]", + "savedSearchId": "Packetbeat-Search-ecs", + "title": "Response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -421,11 +421,11 @@ ], "yAxis": {} }, - "title": "Response times percentiles [Packetbeat]", + "title": "Response times percentiles [Packetbeat] ECS", "type": "line" } }, - "id": "Response-times-percentiles", + "id": "Response-times-percentiles-ecs", "type": "visualization", "updated_at": "2019-01-19T00:01:49.340Z", "version": 2 @@ -438,8 +438,8 @@ "filter": [] } }, - "savedSearchId": "Transactions-errors", - "title": "Errors count over time", + "savedSearchId": "Transactions-errors-ecs", + "title": "Errors count over time ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -487,11 +487,11 @@ "times": [], "yAxis": {} }, - "title": "New Visualization", + "title": "New Visualization ECS", "type": "histogram" } }, - "id": "Errors-count-over-time", + "id": "Errors-count-over-time-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:30.350Z", "version": 1 @@ -508,8 +508,8 @@ } } }, - "savedSearchId": "Packetbeat-Search", - "title": "Errors vs successful transactions [Packetbeat]", + "savedSearchId": "Packetbeat-Search-ecs", + "title": "Errors vs successful transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -627,11 +627,11 @@ ], "yAxis": {} }, - "title": "Errors vs successful transactions [Packetbeat]", + "title": "Errors vs successful transactions [Packetbeat] ECS", "type": "histogram" } }, - "id": "Errors-vs-successful-transactions", + "id": "Errors-vs-successful-transactions-ecs", "type": "visualization", "updated_at": "2019-01-19T00:02:24.071Z", "version": 2 @@ -648,8 +648,8 @@ } } }, - "savedSearchId": "Packetbeat-Search", - "title": "Latency Histogram [Packetbeat]", + "savedSearchId": "Packetbeat-Search-ecs", + "title": "Latency Histogram [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -750,11 +750,11 @@ ], "yAxis": {} }, - "title": "Latency Histogram [Packetbeat]", + "title": "Latency Histogram [Packetbeat] ECS", "type": "area" } }, - "id": "Latency-histogram", + "id": "Latency-histogram-ecs", "type": "visualization", "updated_at": "2019-01-19T00:03:54.084Z", "version": 2 @@ -777,7 +777,7 @@ } } }, - "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat]", + "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat] ECS", "uiStateJSON": { "mapCenter": [ 0, @@ -860,11 +860,11 @@ "url": "https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer" } }, - "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat]", + "title": "Client IP Locations (requires GeoIP enrichment) [Packetbeat] ECS", "type": "tile_map" } }, - "id": "Client-locations", + "id": "Client-locations-ecs", "type": "visualization", "updated_at": "2019-01-18T23:52:42.404Z", "version": 2 @@ -881,8 +881,8 @@ } } }, - "savedSearchId": "Packetbeat-Search", - "title": "Response times repartition [Packetbeat]", + "savedSearchId": "Packetbeat-Search-ecs", + "title": "Response times repartition [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -995,11 +995,11 @@ ], "yAxis": {} }, - "title": "Response times repartition [Packetbeat]", + "title": "Response times repartition [Packetbeat] ECS", "type": "histogram" } }, - "id": "Response-times-repartition", + "id": "Response-times-repartition-ecs", "type": "visualization", "updated_at": "2019-01-19T00:00:32.530Z", "version": 2 @@ -1021,21 +1021,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -1052,8 +1052,8 @@ } } }, - "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", - "title": "DNS Transactions [Packetbeat]", + "savedSearchId": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", + "title": "DNS Transactions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1195,11 +1195,11 @@ } ] }, - "title": "DNS Transactions [Packetbeat]", + "title": "DNS Transactions [Packetbeat] ECS", "type": "area" } }, - "id": "e3f09730-1b80-11e9-83df-75eebb35951e", + "id": "e3f09730-1b80-11e9-83df-75eebb35951e-ecs", "type": "visualization", "updated_at": "2019-01-19T00:29:49.161Z", "version": 3 @@ -1216,8 +1216,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Sessions [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Sessions [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -1335,11 +1335,11 @@ } ] }, - "title": "TLS Sessions", + "title": "TLS Sessions ECS", "type": "histogram" } }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1394,10 +1394,10 @@ "@timestamp", "desc" ], - "title": "HTTP Transactions Search [Packetbeat]", + "title": "HTTP Transactions Search [Packetbeat] ECS", "version": 1 }, - "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3", + "id": "71908f00-88ca-11e7-ad9c-db80de0bf8d3-ecs", "type": "search", "updated_at": "2019-01-19T00:21:43.886Z", "version": 3 @@ -1473,10 +1473,10 @@ "@timestamp", "desc" ], - "title": "Packetbeat Search", + "title": "Packetbeat Search ECS", "version": 1 }, - "id": "Packetbeat-Search", + "id": "Packetbeat-Search-ecs", "type": "search", "updated_at": "2019-01-19T00:01:10.720Z", "version": 2 @@ -1578,10 +1578,10 @@ "@timestamp", "desc" ], - "title": "Transactions Errors Search [Packetbeat]", + "title": "Transactions Errors Search [Packetbeat] ECS", "version": 1 }, - "id": "Transactions-errors", + "id": "Transactions-errors-ecs", "type": "search", "updated_at": "2019-01-19T00:05:18.965Z", "version": 3 @@ -1652,10 +1652,10 @@ "@timestamp", "desc" ], - "title": "DNS Protocol [Packetbeat]", + "title": "DNS Protocol [Packetbeat] ECS", "version": 1 }, - "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17", + "id": "d19e8485-7df5-47ce-8009-9dc3c42bcf17-ecs", "type": "search", "updated_at": "2019-01-18T23:49:24.089Z", "version": 2 @@ -1706,10 +1706,10 @@ "@timestamp", "desc" ], - "title": "TLS Sessions [Packetbeat]", + "title": "TLS Sessions [Packetbeat] ECS", "version": 1 }, - "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1741,7 +1741,7 @@ "x": 12, "y": 20 }, - "id": "Web-transactions", + "id": "Web-transactions-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1754,7 +1754,7 @@ "x": 36, "y": 20 }, - "id": "DB-transactions", + "id": "DB-transactions-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1767,7 +1767,7 @@ "x": 0, "y": 45 }, - "id": "Response-times-percentiles", + "id": "Response-times-percentiles-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1780,7 +1780,7 @@ "x": 0, "y": 60 }, - "id": "Errors-count-over-time", + "id": "Errors-count-over-time-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1793,7 +1793,7 @@ "x": 24, "y": 45 }, - "id": "Errors-vs-successful-transactions", + "id": "Errors-vs-successful-transactions-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1806,7 +1806,7 @@ "x": 24, "y": 60 }, - "id": "Latency-histogram", + "id": "Latency-histogram-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1843,7 +1843,7 @@ "x": 12, "y": 0 }, - "id": "Client-locations", + "id": "Client-locations-ecs", "panelIndex": "9", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1856,7 +1856,7 @@ "x": 0, "y": 30 }, - "id": "Response-times-repartition", + "id": "Response-times-repartition-ecs", "panelIndex": "10", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1869,7 +1869,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "11", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1883,7 +1883,7 @@ "x": 0, "y": 20 }, - "id": "e3f09730-1b80-11e9-83df-75eebb35951e", + "id": "e3f09730-1b80-11e9-83df-75eebb35951e-ecs", "panelIndex": "12", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1897,17 +1897,17 @@ "x": 24, "y": 20 }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "panelIndex": "13", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] Overview", + "title": "[Packetbeat] Overview ECS", "version": 1 }, - "id": "Packetbeat-Dashboard", + "id": "Packetbeat-Dashboard-ecs", "type": "dashboard", "updated_at": "2019-01-19T00:31:53.357Z", "version": 5 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json index c0d6cf2db8eb..d33eae639882 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-pgsql.json @@ -17,21 +17,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -48,8 +48,8 @@ } } }, - "savedSearchId": "PgSQL-errors", - "title": "PgSQL Errors [Packetbeat]", + "savedSearchId": "PgSQL-errors-ecs", + "title": "PgSQL Errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -154,11 +154,11 @@ ], "yAxis": {} }, - "title": "PgSQL Errors [Packetbeat]", + "title": "PgSQL Errors [Packetbeat] ECS", "type": "area" } }, - "id": "PgSQL-Errors", + "id": "PgSQL-Errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -175,8 +175,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "PgSQL Methods [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "PgSQL Methods [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -297,11 +297,11 @@ ], "yAxis": {} }, - "title": "PgSQL Methods [Packetbeat]", + "title": "PgSQL Methods [Packetbeat] ECS", "type": "area" } }, - "id": "PgSQL-Methods", + "id": "PgSQL-Methods-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -318,8 +318,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "PgSQL response times percentiles [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "PgSQL response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -424,11 +424,11 @@ } ] }, - "title": "PgSQL response times percentiles [Packetbeat]", + "title": "PgSQL response times percentiles [Packetbeat] ECS", "type": "line" } }, - "id": "PgSQL-response-times-percentiles", + "id": "PgSQL-response-times-percentiles-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -445,8 +445,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "PgSQL Throughput [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "PgSQL Throughput [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -565,11 +565,11 @@ } ] }, - "title": "PgSQL Throughput [Packetbeat]", + "title": "PgSQL Throughput [Packetbeat] ECS", "type": "line" } }, - "id": "PgSQL-throughput", + "id": "PgSQL-throughput-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -586,8 +586,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "PgSQL Reads vs Writes [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "PgSQL Reads vs Writes [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -719,11 +719,11 @@ ], "yAxis": {} }, - "title": "PgSQL Reads vs Writes [Packetbeat]", + "title": "PgSQL Reads vs Writes [Packetbeat] ECS", "type": "area" } }, - "id": "PgSQL-Reads-vs-Writes", + "id": "PgSQL-Reads-vs-Writes-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -740,8 +740,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "Most frequent PgSQL queries [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "Most frequent PgSQL queries [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -790,11 +790,11 @@ }, "totalFunc": "sum" }, - "title": "Most frequent PgSQL queries [Packetbeat]", + "title": "Most frequent PgSQL queries [Packetbeat] ECS", "type": "table" } }, - "id": "Most-frequent-PgSQL-queries", + "id": "Most-frequent-PgSQL-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -811,8 +811,8 @@ } } }, - "savedSearchId": "PgSQL-transactions", - "title": "Slowest PgSQL Queries [Packetbeat]", + "savedSearchId": "PgSQL-transactions-ecs", + "title": "Slowest PgSQL Queries [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -864,11 +864,11 @@ }, "totalFunc": "sum" }, - "title": "Slowest PgSQL Queries [Packetbeat]", + "title": "Slowest PgSQL Queries [Packetbeat] ECS", "type": "table" } }, - "id": "Slowest-PgSQL-queries", + "id": "Slowest-PgSQL-queries-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -964,10 +964,10 @@ "@timestamp", "desc" ], - "title": "PgSQL Errors Search [Packetbeat]", + "title": "PgSQL Errors Search [Packetbeat] ECS", "version": 1 }, - "id": "PgSQL-errors", + "id": "PgSQL-errors-ecs", "type": "search", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -1042,10 +1042,10 @@ "@timestamp", "desc" ], - "title": "PgSQL Transactions [Packetbeat]", + "title": "PgSQL Transactions [Packetbeat] ECS", "version": 1 }, - "id": "PgSQL-transactions", + "id": "PgSQL-transactions-ecs", "type": "search", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 @@ -1082,7 +1082,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1095,7 +1095,7 @@ "x": 12, "y": 0 }, - "id": "PgSQL-Errors", + "id": "PgSQL-Errors-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1108,7 +1108,7 @@ "x": 32, "y": 0 }, - "id": "PgSQL-Methods", + "id": "PgSQL-Methods-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1121,7 +1121,7 @@ "x": 0, "y": 20 }, - "id": "PgSQL-response-times-percentiles", + "id": "PgSQL-response-times-percentiles-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1134,7 +1134,7 @@ "x": 24, "y": 35 }, - "id": "PgSQL-throughput", + "id": "PgSQL-throughput-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1147,7 +1147,7 @@ "x": 0, "y": 35 }, - "id": "PgSQL-Reads-vs-Writes", + "id": "PgSQL-Reads-vs-Writes-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1170,7 +1170,7 @@ "x": 0, "y": 50 }, - "id": "Most-frequent-PgSQL-queries", + "id": "Most-frequent-PgSQL-queries-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0-SNAPSHOT" @@ -1193,17 +1193,17 @@ "x": 24, "y": 50 }, - "id": "Slowest-PgSQL-queries", + "id": "Slowest-PgSQL-queries-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Packetbeat] PgSQL performance", + "title": "[Packetbeat] PgSQL performance ECS", "version": 1 }, - "id": "Packetbeat-PgSQL-performance", + "id": "Packetbeat-PgSQL-performance-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:31.386Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json index 01f0017cb752..92761197e562 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-thrift.json @@ -17,21 +17,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -44,8 +44,8 @@ "filter": [] } }, - "savedSearchId": "Thrift-transactions", - "title": "Thrift requests per minute [Packetbeat]", + "savedSearchId": "Thrift-transactions-ecs", + "title": "Thrift requests per minute [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -82,11 +82,11 @@ "times": [], "yAxis": {} }, - "title": "Thrift requests per minute", + "title": "Thrift requests per minute ECS", "type": "histogram" } }, - "id": "Thrift-requests-per-minute", + "id": "Thrift-requests-per-minute-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -99,8 +99,8 @@ "filter": [] } }, - "savedSearchId": "Thrift-errors", - "title": "Thrift RPC Errors [Packetbeat]", + "savedSearchId": "Thrift-errors-ecs", + "title": "Thrift RPC Errors [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -139,11 +139,11 @@ "times": [], "yAxis": {} }, - "title": "Thrift RPC Errors", + "title": "Thrift RPC Errors ECS", "type": "area" } }, - "id": "Thrift-RPC-Errors", + "id": "Thrift-RPC-Errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -160,8 +160,8 @@ } } }, - "savedSearchId": "Thrift-transactions", - "title": "Slowest Thrift RPC methods [Packetbeat]", + "savedSearchId": "Thrift-transactions-ecs", + "title": "Slowest Thrift RPC methods [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -212,11 +212,11 @@ }, "totalFunc": "sum" }, - "title": "Slowest Thrift RPC methods [Packetbeat]", + "title": "Slowest Thrift RPC methods [Packetbeat] ECS", "type": "table" } }, - "id": "Slowest-Thrift-RPC-methods", + "id": "Slowest-Thrift-RPC-methods-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -233,8 +233,8 @@ } } }, - "savedSearchId": "Thrift-transactions", - "title": "Thrift response times percentiles [Packetbeat]", + "savedSearchId": "Thrift-transactions-ecs", + "title": "Thrift response times percentiles [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -339,11 +339,11 @@ } ] }, - "title": "Thrift response times percentiles [Packetbeat]", + "title": "Thrift response times percentiles [Packetbeat] ECS", "type": "line" } }, - "id": "Thrift-response-times-percentiles", + "id": "Thrift-response-times-percentiles-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -356,8 +356,8 @@ "filter": [] } }, - "savedSearchId": "Thrift-transactions", - "title": "Top Thrift-RPC methods [Packetbeat]", + "savedSearchId": "Thrift-transactions-ecs", + "title": "Top Thrift-RPC methods [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -393,11 +393,11 @@ "times": [], "yAxis": {} }, - "title": "Top Thrift-RPC methods", + "title": "Top Thrift-RPC methods ECS", "type": "histogram" } }, - "id": "Top-Thrift-RPC-methods", + "id": "Top-Thrift-RPC-methods-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -410,8 +410,8 @@ "filter": [] } }, - "savedSearchId": "Thrift-errors", - "title": "Top Thrift-RPC calls with errors [Packetbeat]", + "savedSearchId": "Thrift-errors-ecs", + "title": "Top Thrift-RPC calls with errors [Packetbeat] ECS", "version": 1, "visState": { "aggs": [ @@ -444,7 +444,7 @@ "type": "histogram" } }, - "id": "Top-Thrift-RPC-calls-with-errors", + "id": "Top-Thrift-RPC-calls-with-errors-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -519,10 +519,10 @@ "@timestamp", "desc" ], - "title": "Thrift Transactions Search [Packetbeat]", + "title": "Thrift Transactions Search [Packetbeat] ECS", "version": 1 }, - "id": "Thrift-transactions", + "id": "Thrift-transactions-ecs", "type": "search", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -623,10 +623,10 @@ "@timestamp", "desc" ], - "title": "Thrift Errors [Packetbeat]", + "title": "Thrift Errors [Packetbeat] ECS", "version": 1 }, - "id": "Thrift-errors", + "id": "Thrift-errors-ecs", "type": "search", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 @@ -657,7 +657,7 @@ "panelsJSON": [ { "col": 1, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": 1, "row": 1, "size_x": 3, @@ -666,7 +666,7 @@ }, { "col": 4, - "id": "Thrift-requests-per-minute", + "id": "Thrift-requests-per-minute-ecs", "panelIndex": 2, "row": 1, "size_x": 5, @@ -675,7 +675,7 @@ }, { "col": 9, - "id": "Thrift-RPC-Errors", + "id": "Thrift-RPC-Errors-ecs", "panelIndex": 3, "row": 1, "size_x": 4, @@ -684,7 +684,7 @@ }, { "col": 1, - "id": "Slowest-Thrift-RPC-methods", + "id": "Slowest-Thrift-RPC-methods-ecs", "panelIndex": 4, "row": 5, "size_x": 6, @@ -693,7 +693,7 @@ }, { "col": 7, - "id": "Thrift-response-times-percentiles", + "id": "Thrift-response-times-percentiles-ecs", "panelIndex": 5, "row": 5, "size_x": 6, @@ -702,7 +702,7 @@ }, { "col": 1, - "id": "Top-Thrift-RPC-methods", + "id": "Top-Thrift-RPC-methods-ecs", "panelIndex": 6, "row": 8, "size_x": 6, @@ -711,7 +711,7 @@ }, { "col": 7, - "id": "Top-Thrift-RPC-calls-with-errors", + "id": "Top-Thrift-RPC-calls-with-errors-ecs", "panelIndex": 7, "row": 8, "size_x": 6, @@ -720,7 +720,7 @@ } ], "timeRestore": false, - "title": "[Packetbeat] Thrift performance", + "title": "[Packetbeat] Thrift performance ECS", "uiStateJSON": { "P-4": { "vis": { @@ -735,7 +735,7 @@ }, "version": 1 }, - "id": "Packetbeat-Thrift-performance", + "id": "Packetbeat-Thrift-performance-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:32.418Z", "version": 1 diff --git a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json index 1d29a4761a42..a3563dd1f131 100644 --- a/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json +++ b/packetbeat/_meta/kibana/7/dashboard/Packetbeat-tls.json @@ -17,21 +17,21 @@ } } }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 10, - "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard)\n\n[Network Flows](#/dashboard/Packetbeat-Flows)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e) | [Tunneling](#/dashboard/DNS-Unique-Domains)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb)\n\n[TLS Overview](#/dashboard/tls-sessions)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance) | [Cassandra](#/dashboard/Packetbeat-Cassandra)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS)", + "markdown": "### Packetbeat:\n\n[Overview](#/dashboard/Packetbeat-Dashboard-ecs)\n\n[Network Flows](#/dashboard/Packetbeat-Flows-ecs)\n\n[DNS Overview](#/dashboard/65120940-1454-11e9-9de0-f98d1808db8e-ecs) | [Tunneling](#/dashboard/DNS-Unique-Domains-ecs)\n\n[DHCPv4 Transactions](#/dashboard/a7b35890-8baa-11e8-9676-ef67484126fb-ecs)\n\n[TLS Overview](#/dashboard/tls-sessions-ecs)\n\n[HTTP transactions](#/dashboard/Packetbeat-HTTP-ecs)\n\nDatabases: [MySQL](#/dashboard/Packetbeat-MySQL-performance-ecs) | [PostgreSQL](#/dashboard/Packetbeat-PgSQL-performance-ecs) | [MongoDB](#/dashboard/Packetbeat-MongoDB-performance-ecs) | [Cassandra](#/dashboard/Packetbeat-Cassandra-ecs)\n\nRPC: [Thrift](#/dashboard/Packetbeat-Thrift-performance-ecs)\n\nStorage: [NFS](#/dashboard/Packetbeat-NFS-ecs)", "openLinksInNewTab": false }, - "title": "Navigation [Packetbeat]", + "title": "Navigation [Packetbeat] ECS", "type": "markdown" } }, - "id": "Navigation", + "id": "Navigation-ecs", "type": "visualization", "updated_at": "2019-01-19T00:18:59.372Z", "version": 11 @@ -48,8 +48,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Sessions [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Sessions [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -167,11 +167,11 @@ } ] }, - "title": "TLS Sessions", + "title": "TLS Sessions ECS", "type": "histogram" } }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -209,7 +209,7 @@ } } }, - "title": "TLS Alerts [Packetbeat]", + "title": "TLS Alerts [Packetbeat] ECS", "uiStateJSON": { "vis": { "colors": { @@ -250,11 +250,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "TLS Alerts", + "title": "TLS Alerts ECS", "type": "pie" } }, - "id": "c14377a0-d353-11e7-9914-4982455b3063", + "id": "c14377a0-d353-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -295,7 +295,7 @@ } } }, - "title": "Total Number of TLS Sessions [Packetbeat]", + "title": "Total Number of TLS Sessions [Packetbeat] ECS", "uiStateJSON": { "P-5": { "vis": { @@ -354,11 +354,11 @@ }, "type": "metric" }, - "title": "Total Number of TLS Sessions", + "title": "Total Number of TLS Sessions ECS", "type": "metric" } }, - "id": "061de380-d361-11e7-9914-4982455b3063", + "id": "061de380-d361-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -375,8 +375,8 @@ } } }, - "savedSearchId": "94908e80-d2d8-11e7-9914-4982455b3063", - "title": "TLS Server Name Indication [Packetbeat]", + "savedSearchId": "94908e80-d2d8-11e7-9914-4982455b3063-ecs", + "title": "TLS Server Name Indication [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -409,11 +409,11 @@ "orientation": "single", "scale": "linear" }, - "title": "TLS Server Name Indication", + "title": "TLS Server Name Indication ECS", "type": "tagcloud" } }, - "id": "a28d09d0-d361-11e7-9914-4982455b3063", + "id": "a28d09d0-d361-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -430,8 +430,8 @@ } } }, - "savedSearchId": "bf3d23b0-d37c-11e7-9914-4982455b3063", - "title": "TLS Versions [Packetbeat]", + "savedSearchId": "bf3d23b0-d37c-11e7-9914-4982455b3063-ecs", + "title": "TLS Versions [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -464,11 +464,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "TLS Versions", + "title": "TLS Versions ECS", "type": "pie" } }, - "id": "0af0b790-d37d-11e7-9914-4982455b3063", + "id": "0af0b790-d37d-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -485,8 +485,8 @@ } } }, - "savedSearchId": "8f0ff590-d37d-11e7-9914-4982455b3063", - "title": "TLS Server Public Key Size [Packetbeat]", + "savedSearchId": "8f0ff590-d37d-11e7-9914-4982455b3063-ecs", + "title": "TLS Server Public Key Size [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -519,11 +519,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Server Public Key Size", + "title": "Server Public Key Size ECS", "type": "pie" } }, - "id": "ae6e33c0-d37d-11e7-9914-4982455b3063", + "id": "ae6e33c0-d37d-11e7-9914-4982455b3063-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -540,8 +540,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Session Resume [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Session Resume [Packetbeat] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -585,11 +585,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "TLS Session Resume [Packetbeat]", + "title": "TLS Session Resume [Packetbeat] ECS", "type": "pie" } }, - "id": "2c467370-d392-11e7-8fa0-232aa9259081", + "id": "2c467370-d392-11e7-8fa0-232aa9259081-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -606,8 +606,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Server Certificates [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Server Certificates [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -668,11 +668,11 @@ }, "totalFunc": "sum" }, - "title": "TLS Server Certificates", + "title": "TLS Server Certificates ECS", "type": "table" } }, - "id": "0958a910-d396-11e7-8fa0-232aa9259081", + "id": "0958a910-d396-11e7-8fa0-232aa9259081-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -689,8 +689,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Client Certificates [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Client Certificates [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -750,11 +750,11 @@ }, "totalFunc": "sum" }, - "title": "TLS Client Certificates", + "title": "TLS Client Certificates ECS", "type": "table" } }, - "id": "86743f90-d396-11e7-8fa0-232aa9259081", + "id": "86743f90-d396-11e7-8fa0-232aa9259081-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -771,8 +771,8 @@ } } }, - "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", - "title": "TLS Cipher [Packetbeat]", + "savedSearchId": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", + "title": "TLS Cipher [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -818,11 +818,11 @@ }, "totalFunc": "sum" }, - "title": "TLS Cipher", + "title": "TLS Cipher ECS", "type": "table" } }, - "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961", + "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -839,8 +839,8 @@ } } }, - "savedSearchId": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b", - "title": "TLS Fingerprint [Packetbeat]", + "savedSearchId": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b-ecs", + "title": "TLS Fingerprint [Packetbeat] ECS", "uiStateJSON": { "vis": { "params": { @@ -886,11 +886,11 @@ }, "totalFunc": "sum" }, - "title": "TLS Fingerprint", + "title": "TLS Fingerprint ECS", "type": "table" } }, - "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b", + "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -932,8 +932,8 @@ } } }, - "savedSearchId": "8e2af860-d520-11e7-9fff-7b1ebf397ba9", - "title": "TLS Handshake Latency [Packetbeat]", + "savedSearchId": "8e2af860-d520-11e7-9fff-7b1ebf397ba9-ecs", + "title": "TLS Handshake Latency [Packetbeat] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -1032,11 +1032,11 @@ } ] }, - "title": "TLS Handshake Latency", + "title": "TLS Handshake Latency ECS", "type": "area" } }, - "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9", + "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9-ecs", "type": "visualization", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1087,10 +1087,10 @@ "@timestamp", "desc" ], - "title": "TLS Sessions [Packetbeat]", + "title": "TLS Sessions [Packetbeat] ECS", "version": 1 }, - "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063", + "id": "ffc3c0b0-d2d7-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1141,10 +1141,10 @@ "@timestamp", "desc" ], - "title": "TLS Server Name Indication [Packetbeat]", + "title": "TLS Server Name Indication [Packetbeat] ECS", "version": 1 }, - "id": "94908e80-d2d8-11e7-9914-4982455b3063", + "id": "94908e80-d2d8-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1195,10 +1195,10 @@ "@timestamp", "desc" ], - "title": "TLS Version [Packetbeat]", + "title": "TLS Version [Packetbeat] ECS", "version": 1 }, - "id": "bf3d23b0-d37c-11e7-9914-4982455b3063", + "id": "bf3d23b0-d37c-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1249,10 +1249,10 @@ "@timestamp", "desc" ], - "title": "Server Public Key Size", + "title": "Server Public Key Size ECS", "version": 1 }, - "id": "8f0ff590-d37d-11e7-9914-4982455b3063", + "id": "8f0ff590-d37d-11e7-9914-4982455b3063-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1298,10 +1298,10 @@ "@timestamp", "desc" ], - "title": "TLS Fingerprint [Packetbeat]", + "title": "TLS Fingerprint [Packetbeat] ECS", "version": 1 }, - "id": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b", + "id": "6b1b1360-d49d-11e7-996f-bd7c1ca4591b-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 @@ -1364,17 +1364,17 @@ "@timestamp", "desc" ], - "title": "TLS Handshake Latency [Packetbeat]", + "title": "TLS Handshake Latency [Packetbeat] ECS", "version": 1 }, - "id": "8e2af860-d520-11e7-9fff-7b1ebf397ba9", + "id": "8e2af860-d520-11e7-9fff-7b1ebf397ba9-ecs", "type": "search", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 }, { "attributes": { - "description": "TLS Sessions", + "description": "TLS Sessions ECS", "hits": 0, "kibanaSavedObjectMeta": { "searchSourceJSON": { @@ -1405,7 +1405,7 @@ "x": 0, "y": 0 }, - "id": "Navigation", + "id": "Navigation-ecs", "panelIndex": "4", "type": "visualization", "version": "6.2.4" @@ -1418,7 +1418,7 @@ "x": 3, "y": 0 }, - "id": "059fe5e0-d2dd-11e7-9914-4982455b3063", + "id": "059fe5e0-d2dd-11e7-9914-4982455b3063-ecs", "panelIndex": "8", "type": "visualization", "version": "6.2.4" @@ -1431,7 +1431,7 @@ "x": 3, "y": 7 }, - "id": "c14377a0-d353-11e7-9914-4982455b3063", + "id": "c14377a0-d353-11e7-9914-4982455b3063-ecs", "panelIndex": "9", "type": "visualization", "version": "6.2.4" @@ -1444,7 +1444,7 @@ "x": 0, "y": 4 }, - "id": "061de380-d361-11e7-9914-4982455b3063", + "id": "061de380-d361-11e7-9914-4982455b3063-ecs", "panelIndex": "10", "type": "visualization", "version": "6.2.4" @@ -1457,7 +1457,7 @@ "x": 0, "y": 10 }, - "id": "a28d09d0-d361-11e7-9914-4982455b3063", + "id": "a28d09d0-d361-11e7-9914-4982455b3063-ecs", "panelIndex": "11", "type": "visualization", "version": "6.2.4" @@ -1470,7 +1470,7 @@ "x": 6, "y": 7 }, - "id": "0af0b790-d37d-11e7-9914-4982455b3063", + "id": "0af0b790-d37d-11e7-9914-4982455b3063-ecs", "panelIndex": "12", "type": "visualization", "version": "6.2.4" @@ -1483,7 +1483,7 @@ "x": 9, "y": 7 }, - "id": "ae6e33c0-d37d-11e7-9914-4982455b3063", + "id": "ae6e33c0-d37d-11e7-9914-4982455b3063-ecs", "panelIndex": "13", "type": "visualization", "version": "6.2.4" @@ -1496,7 +1496,7 @@ "x": 0, "y": 7 }, - "id": "2c467370-d392-11e7-8fa0-232aa9259081", + "id": "2c467370-d392-11e7-8fa0-232aa9259081-ecs", "panelIndex": "14", "type": "visualization", "version": "6.2.4" @@ -1509,7 +1509,7 @@ "x": 0, "y": 13 }, - "id": "0958a910-d396-11e7-8fa0-232aa9259081", + "id": "0958a910-d396-11e7-8fa0-232aa9259081-ecs", "panelIndex": "15", "type": "visualization", "version": "6.2.4" @@ -1522,7 +1522,7 @@ "x": 0, "y": 16 }, - "id": "86743f90-d396-11e7-8fa0-232aa9259081", + "id": "86743f90-d396-11e7-8fa0-232aa9259081-ecs", "panelIndex": "16", "type": "visualization", "version": "6.2.4" @@ -1535,7 +1535,7 @@ "x": 6, "y": 13 }, - "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961", + "id": "463d2bf0-d3a8-11e7-9081-ab2af08e9961-ecs", "panelIndex": "17", "type": "visualization", "version": "6.2.4" @@ -1548,7 +1548,7 @@ "x": 6, "y": 16 }, - "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b", + "id": "ad2a8b50-d49d-11e7-996f-bd7c1ca4591b-ecs", "panelIndex": "18", "type": "visualization", "version": "6.2.4" @@ -1561,14 +1561,14 @@ "x": 3, "y": 4 }, - "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9", + "id": "d2e15950-d560-11e7-9fff-7b1ebf397ba9-ecs", "panelIndex": "19", "type": "visualization", "version": "6.2.4" } ], "timeRestore": false, - "title": "[Packetbeat] TLS Sessions", + "title": "[Packetbeat] TLS Sessions ECS", "uiStateJSON": { "P-15": { "vis": { @@ -1630,7 +1630,7 @@ }, "version": 1 }, - "id": "tls-sessions", + "id": "tls-sessions-ecs", "type": "dashboard", "updated_at": "2019-01-18T23:49:33.441Z", "version": 1 diff --git a/script/kibana-migration.py b/script/kibana-migration.py index 704ef67807bc..bd7a8cd39ed2 100644 --- a/script/kibana-migration.py +++ b/script/kibana-migration.py @@ -6,7 +6,7 @@ def migration(): print "Start Kibana files migration" print "Migrate all fields to the ECS fields" - migration_fields = read_migration_fields("filebeat") + migration_fields = read_migration_fields() rename_entries(migration_fields) print "Postfix all ids with -ecs" @@ -37,14 +37,12 @@ def get_replaceable_ids(): return ids -def read_migration_fields(beat): +def read_migration_fields(): migration_fields = {} migration_yml = "../dev-tools/ecs-migration.yml" with open(migration_yml, 'r') as f: migration = yaml.safe_load(f) for k in migration: - if "beat" in k and k["beat"] not beat: - continue if "to" in k and "from" in k: if "rename" in k and k["rename"] is False: continue diff --git a/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json b/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json index 82ccb0386409..8e0d457e4818 100644 --- a/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json +++ b/winlogbeat/_meta/kibana/7/dashboard/Winlogbeat-overview.json @@ -91,36 +91,36 @@ } ], "timeRestore": false, - "title": "Winlogbeat Dashboard", + "title": "Winlogbeat Dashboard ECS", "version": 1 }, - "id": "Winlogbeat-Dashboard", + "id": "Winlogbeat-Dashboard-ecs", "migrationVersion": { "dashboard": "7.0.0" }, "references": [ { - "id": "Number-of-Events-Over-Time-By-Event-Log", + "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", "name": "panel_0", "type": "visualization" }, { - "id": "Number-of-Events", + "id": "Number-of-Events-ecs", "name": "panel_1", "type": "visualization" }, { - "id": "Top-Event-IDs", + "id": "Top-Event-IDs-ecs", "name": "panel_2", "type": "visualization" }, { - "id": "Event-Levels", + "id": "Event-Levels-ecs", "name": "panel_3", "type": "visualization" }, { - "id": "Sources", + "id": "Sources-ecs", "name": "panel_4", "type": "visualization" } @@ -142,7 +142,7 @@ } } }, - "title": "Number of Events Over Time By Channel", + "title": "Number of Events Over Time By Channel ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -313,11 +313,11 @@ ], "yAxis": {} }, - "title": "Number of Events Over Time By Channel", + "title": "Number of Events Over Time By Channel ECS", "type": "histogram" } }, - "id": "Number-of-Events-Over-Time-By-Event-Log", + "id": "Number-of-Events-Over-Time-By-Event-Log-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -347,7 +347,7 @@ } } }, - "title": "Number of Events", + "title": "Number of Events ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -366,7 +366,7 @@ "type": "metric" } }, - "id": "Number-of-Events", + "id": "Number-of-Events-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -399,7 +399,7 @@ } } }, - "title": "Top Event IDs", + "title": "Top Event IDs ECS", "uiStateJSON": { "vis": { "params": { @@ -476,11 +476,11 @@ }, "totalFunc": "sum" }, - "title": "Top Event IDs", + "title": "Top Event IDs ECS", "type": "table" } }, - "id": "Top-Event-IDs", + "id": "Top-Event-IDs-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -513,7 +513,7 @@ } } }, - "title": "Event Levels", + "title": "Event Levels ECS", "uiStateJSON": { "vis": { "params": { @@ -590,11 +590,11 @@ }, "totalFunc": "sum" }, - "title": "Event Levels", + "title": "Event Levels ECS", "type": "table" } }, - "id": "Event-Levels", + "id": "Event-Levels-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -627,7 +627,7 @@ } } }, - "title": "Sources (Provider Names)", + "title": "Sources (Provider Names) ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -670,11 +670,11 @@ "shareYAxis": true, "type": "pie" }, - "title": "Sources (Provider Names)", + "title": "Sources (Provider Names) ECS", "type": "pie" } }, - "id": "Sources", + "id": "Sources-ecs", "migrationVersion": { "visualization": "7.0.0" }, diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json index edd1f575b1f7..a8934c0cc6c2 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-host-dashboard.json @@ -40,7 +40,7 @@ } } }, - "title": "Host Count [Auditbeat System]", + "title": "Host Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -84,11 +84,11 @@ }, "type": "metric" }, - "title": "Host Count [Auditbeat System]", + "title": "Host Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", "type": "visualization", "updated_at": "2019-02-03T20:37:18.796Z", "version": 22 @@ -133,7 +133,7 @@ } } }, - "title": "OS Distribution [Auditbeat System]", + "title": "OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -194,11 +194,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "OS Distribution [Auditbeat System]", + "title": "OS Distribution [Auditbeat System] ECS", "type": "pie" } }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088", + "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", "type": "visualization", "updated_at": "2019-01-21T11:37:35.796Z", "version": 24 @@ -243,7 +243,7 @@ } } }, - "title": "Average Uptime [Auditbeat System]", + "title": "Average Uptime [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -287,11 +287,11 @@ }, "type": "metric" }, - "title": "Average Uptime [Auditbeat System]", + "title": "Average Uptime [Auditbeat System] ECS", "type": "metric" } }, - "id": "4d0485f0-18da-11e9-9094-c50574723088", + "id": "4d0485f0-18da-11e9-9094-c50574723088-ecs", "type": "visualization", "updated_at": "2019-01-21T11:57:55.023Z", "version": 23 @@ -336,7 +336,7 @@ } } }, - "title": "Host Documents [Auditbeat System]", + "title": "Host Documents [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -435,11 +435,11 @@ } ] }, - "title": "Host Documents [Auditbeat System]", + "title": "Host Documents [Auditbeat System] ECS", "type": "histogram" } }, - "id": "eea92ad0-18d7-11e9-9094-c50574723088", + "id": "eea92ad0-18d7-11e9-9094-c50574723088-ecs", "type": "visualization", "updated_at": "2019-02-04T09:26:47.877Z", "version": 22 @@ -484,7 +484,7 @@ } } }, - "title": "Host List [Auditbeat System]", + "title": "Host List [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -597,11 +597,11 @@ }, "totalFunc": "sum" }, - "title": "Host List [Auditbeat System]", + "title": "Host List [Auditbeat System] ECS", "type": "table" } }, - "id": "91962a30-1901-11e9-9094-c50574723088", + "id": "91962a30-1901-11e9-9094-c50574723088-ecs", "type": "visualization", "updated_at": "2019-01-21T11:58:22.519Z", "version": 25 @@ -658,10 +658,10 @@ "@timestamp", "desc" ], - "title": "Host Events [Auditbeat System]", + "title": "Host Events [Auditbeat System] ECS", "version": 1 }, - "id": "abe78cd0-18ca-11e9-9094-c50574723088", + "id": "abe78cd0-18ca-11e9-9094-c50574723088-ecs", "type": "search", "updated_at": "2019-02-04T09:31:20.533Z", "version": 6 @@ -678,21 +678,21 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", "version": 3 @@ -725,7 +725,7 @@ "x": 0, "y": 4 }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0" @@ -739,7 +739,7 @@ "x": 31, "y": 4 }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088", + "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0" @@ -753,7 +753,7 @@ "x": 15, "y": 4 }, - "id": "4d0485f0-18da-11e9-9094-c50574723088", + "id": "4d0485f0-18da-11e9-9094-c50574723088-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0" @@ -767,7 +767,7 @@ "x": 0, "y": 14 }, - "id": "eea92ad0-18d7-11e9-9094-c50574723088", + "id": "eea92ad0-18d7-11e9-9094-c50574723088-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0" @@ -781,7 +781,7 @@ "x": 0, "y": 21 }, - "id": "91962a30-1901-11e9-9094-c50574723088", + "id": "91962a30-1901-11e9-9094-c50574723088-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0" @@ -795,7 +795,7 @@ "x": 0, "y": 33 }, - "id": "abe78cd0-18ca-11e9-9094-c50574723088", + "id": "abe78cd0-18ca-11e9-9094-c50574723088-ecs", "panelIndex": "7", "type": "search", "version": "7.0.0" @@ -809,17 +809,17 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Host Dashboard", + "title": "[Auditbeat System] Host Dashboard ECS", "version": 1 }, - "id": "dfe62590-18da-11e9-9094-c50574723088", + "id": "dfe62590-18da-11e9-9094-c50574723088-ecs", "type": "dashboard", "updated_at": "2019-02-04T11:25:58.146Z", "version": 28 diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json index 4125daa9159a..f663f846bc5b 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-login-dashboard.json @@ -40,7 +40,7 @@ } } }, - "title": "Login Count [Auditbeat System]", + "title": "Login Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -83,11 +83,11 @@ }, "type": "metric" }, - "title": "Login Count [Auditbeat System]", + "title": "Login Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:44:50.914Z", "version": 1 @@ -132,7 +132,7 @@ } } }, - "title": "Login Actions [Auditbeat System]", + "title": "Login Actions [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -174,11 +174,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Login Actions [Auditbeat System]", + "title": "Login Actions [Auditbeat System] ECS", "type": "pie" } }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:04:51.914Z", "version": 1 @@ -249,7 +249,7 @@ } } }, - "title": "Login Success Table [Auditbeat System]", + "title": "Login Success Table [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -301,11 +301,11 @@ }, "totalFunc": "sum" }, - "title": "Login Success Table [Auditbeat System]", + "title": "Login Success Table [Auditbeat System] ECS", "type": "table" } }, - "id": "5eb5f250-285e-11e9-805f-43bf57dfa519", + "id": "5eb5f250-285e-11e9-805f-43bf57dfa519-ecs", "type": "visualization", "updated_at": "2019-02-04T09:22:44.444Z", "version": 2 @@ -376,7 +376,7 @@ } } }, - "title": "Login Failures Table [Auditbeat System]", + "title": "Login Failures Table [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -428,11 +428,11 @@ }, "totalFunc": "sum" }, - "title": "Login Failures Table [Auditbeat System]", + "title": "Login Failures Table [Auditbeat System] ECS", "type": "table" } }, - "id": "a1951650-285e-11e9-805f-43bf57dfa519", + "id": "a1951650-285e-11e9-805f-43bf57dfa519-ecs", "type": "visualization", "updated_at": "2019-02-04T09:24:11.445Z", "version": 1 @@ -477,7 +477,7 @@ } } }, - "title": "Login Event Histogram [Auditbeat System]", + "title": "Login Event Histogram [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -574,11 +574,11 @@ } ] }, - "title": "Login Event Histogram [Auditbeat System]", + "title": "Login Event Histogram [Auditbeat System] ECS", "type": "histogram" } }, - "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519", + "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519-ecs", "type": "visualization", "updated_at": "2019-02-04T09:26:04.254Z", "version": 1 @@ -636,10 +636,10 @@ "@timestamp", "desc" ], - "title": "Login Events [Auditbeat System]", + "title": "Login Events [Auditbeat System] ECS", "version": 1 }, - "id": "2e04c720-285f-11e9-805f-43bf57dfa519", + "id": "2e04c720-285f-11e9-805f-43bf57dfa519-ecs", "type": "search", "updated_at": "2019-02-04T09:28:07.058Z", "version": 1 @@ -684,7 +684,7 @@ } } }, - "title": "Login OS Distribution [Auditbeat System]", + "title": "Login OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -745,11 +745,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Login OS Distribution [Auditbeat System]", + "title": "Login OS Distribution [Auditbeat System] ECS", "type": "pie" } }, - "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519", + "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519-ecs", "type": "visualization", "updated_at": "2019-02-04T09:40:30.122Z", "version": 1 @@ -766,21 +766,21 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", "version": 3 @@ -813,7 +813,7 @@ "x": 0, "y": 4 }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0" @@ -827,7 +827,7 @@ "x": 8, "y": 4 }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0" @@ -841,7 +841,7 @@ "x": 28, "y": 4 }, - "id": "5eb5f250-285e-11e9-805f-43bf57dfa519", + "id": "5eb5f250-285e-11e9-805f-43bf57dfa519-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0" @@ -855,7 +855,7 @@ "x": 38, "y": 4 }, - "id": "a1951650-285e-11e9-805f-43bf57dfa519", + "id": "a1951650-285e-11e9-805f-43bf57dfa519-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0" @@ -869,7 +869,7 @@ "x": 0, "y": 14 }, - "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519", + "id": "e4d25fe0-285e-11e9-805f-43bf57dfa519-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0" @@ -883,7 +883,7 @@ "x": 0, "y": 23 }, - "id": "2e04c720-285f-11e9-805f-43bf57dfa519", + "id": "2e04c720-285f-11e9-805f-43bf57dfa519-ecs", "panelIndex": "7", "type": "search", "version": "7.0.0" @@ -897,7 +897,7 @@ "x": 18, "y": 4 }, - "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519", + "id": "e8eb58a0-2860-11e9-805f-43bf57dfa519-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0" @@ -911,17 +911,17 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "9", "type": "visualization", "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Login Dashboard", + "title": "[Auditbeat System] Login Dashboard ECS", "version": 1 }, - "id": "2a17f200-285e-11e9-805f-43bf57dfa519", + "id": "2a17f200-285e-11e9-805f-43bf57dfa519-ecs", "type": "dashboard", "updated_at": "2019-02-04T11:38:50.007Z", "version": 6 diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json index 3d43f14b2bdb..24c0db47fe6d 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-overview-dashboard.json @@ -40,7 +40,7 @@ } } }, - "title": "Host Count [Auditbeat System]", + "title": "Host Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -84,11 +84,11 @@ }, "type": "metric" }, - "title": "Host Count [Auditbeat System]", + "title": "Host Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", "type": "visualization", "updated_at": "2019-02-03T20:37:18.796Z", "version": 22 @@ -133,7 +133,7 @@ } } }, - "title": "Process Count [Auditbeat System]", + "title": "Process Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -177,11 +177,11 @@ }, "type": "metric" }, - "title": "Process Count [Auditbeat System]", + "title": "Process Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:24:39.030Z", "version": 1 @@ -226,7 +226,7 @@ } } }, - "title": "Socket Count [Auditbeat System]", + "title": "Socket Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -270,11 +270,11 @@ }, "type": "metric" }, - "title": "Socket Count [Auditbeat System]", + "title": "Socket Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:29:47.881Z", "version": 1 @@ -319,7 +319,7 @@ } } }, - "title": "User Count [Auditbeat System]", + "title": "User Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -363,11 +363,11 @@ }, "type": "metric" }, - "title": "User Count [Auditbeat System]", + "title": "User Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:35:48.640Z", "version": 2 @@ -412,7 +412,7 @@ } } }, - "title": "Package Count [Auditbeat System]", + "title": "Package Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -456,11 +456,11 @@ }, "type": "metric" }, - "title": "Package Count [Auditbeat System]", + "title": "Package Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:40:37.585Z", "version": 1 @@ -505,7 +505,7 @@ } } }, - "title": "Login Count [Auditbeat System]", + "title": "Login Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -548,11 +548,11 @@ }, "type": "metric" }, - "title": "Login Count [Auditbeat System]", + "title": "Login Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:44:50.914Z", "version": 1 @@ -597,7 +597,7 @@ } } }, - "title": "OS Distribution [Auditbeat System]", + "title": "OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -658,11 +658,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "OS Distribution [Auditbeat System]", + "title": "OS Distribution [Auditbeat System] ECS", "type": "pie" } }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088", + "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", "type": "visualization", "updated_at": "2019-01-21T11:37:35.796Z", "version": 24 @@ -707,7 +707,7 @@ } } }, - "title": "Login Actions [Auditbeat System]", + "title": "Login Actions [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -749,11 +749,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Login Actions [Auditbeat System]", + "title": "Login Actions [Auditbeat System] ECS", "type": "pie" } }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:04:51.914Z", "version": 1 @@ -824,7 +824,7 @@ } } }, - "title": "User Changes [Auditbeat System]", + "title": "User Changes [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -867,11 +867,11 @@ }, "type": "metric" }, - "title": "User Changes [Auditbeat System]", + "title": "User Changes [Auditbeat System] ECS", "type": "metric" } }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:38:11.314Z", "version": 1 @@ -942,7 +942,7 @@ } } }, - "title": "Process Starts [Auditbeat System]", + "title": "Process Starts [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -985,11 +985,11 @@ }, "type": "metric" }, - "title": "Process Starts [Auditbeat System]", + "title": "Process Starts [Auditbeat System] ECS", "type": "metric" } }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:45:42.195Z", "version": 1 @@ -1060,7 +1060,7 @@ } } }, - "title": "Process Stops [Auditbeat System]", + "title": "Process Stops [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1103,11 +1103,11 @@ }, "type": "metric" }, - "title": "Process Stops [Auditbeat System]", + "title": "Process Stops [Auditbeat System] ECS", "type": "metric" } }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:50:28.750Z", "version": 1 @@ -1178,7 +1178,7 @@ } } }, - "title": "Sockets Opened [Auditbeat System]", + "title": "Sockets Opened [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1221,11 +1221,11 @@ }, "type": "metric" }, - "title": "Sockets Opened [Auditbeat System]", + "title": "Sockets Opened [Auditbeat System] ECS", "type": "metric" } }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:47:58.605Z", "version": 2 @@ -1296,7 +1296,7 @@ } } }, - "title": "Sockets Closed [Auditbeat System]", + "title": "Sockets Closed [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1339,11 +1339,11 @@ }, "type": "metric" }, - "title": "Sockets Closed [Auditbeat System]", + "title": "Sockets Closed [Auditbeat System] ECS", "type": "metric" } }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:48:58.668Z", "version": 1 @@ -1414,7 +1414,7 @@ } } }, - "title": "Package Changes [Auditbeat System]", + "title": "Package Changes [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1457,11 +1457,11 @@ }, "type": "metric" }, - "title": "Package Changes [Auditbeat System]", + "title": "Package Changes [Auditbeat System] ECS", "type": "metric" } }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", "type": "visualization", "updated_at": "2019-02-04T10:44:06.826Z", "version": 2 @@ -1532,7 +1532,7 @@ } } }, - "title": "System Event Histogram [Auditbeat System]", + "title": "System Event Histogram [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -1629,11 +1629,11 @@ } ] }, - "title": "System Event Histogram [Auditbeat System]", + "title": "System Event Histogram [Auditbeat System] ECS", "type": "histogram" } }, - "id": "54135e50-27ff-11e9-805f-43bf57dfa519", + "id": "54135e50-27ff-11e9-805f-43bf57dfa519-ecs", "type": "visualization", "updated_at": "2019-02-03T22:01:59.221Z", "version": 1 @@ -1678,7 +1678,7 @@ } } }, - "title": "Host List [Auditbeat System]", + "title": "Host List [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -1791,11 +1791,11 @@ }, "totalFunc": "sum" }, - "title": "Host List [Auditbeat System]", + "title": "Host List [Auditbeat System] ECS", "type": "table" } }, - "id": "91962a30-1901-11e9-9094-c50574723088", + "id": "91962a30-1901-11e9-9094-c50574723088-ecs", "type": "visualization", "updated_at": "2019-01-21T11:58:22.519Z", "version": 25 @@ -1879,10 +1879,10 @@ "@timestamp", "desc" ], - "title": "System Events [Auditbeat System]", + "title": "System Events [Auditbeat System] ECS", "version": 1 }, - "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519", + "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519-ecs", "type": "search", "updated_at": "2019-02-03T22:17:10.090Z", "version": 2 @@ -1899,21 +1899,21 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", "version": 3 @@ -2103,7 +2103,7 @@ "x": 0, "y": 4 }, - "id": "cf8aa0a0-18ca-11e9-9094-c50574723088", + "id": "cf8aa0a0-18ca-11e9-9094-c50574723088-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0" @@ -2117,7 +2117,7 @@ "x": 24, "y": 4 }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0" @@ -2131,7 +2131,7 @@ "x": 32, "y": 4 }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0" @@ -2145,7 +2145,7 @@ "x": 16, "y": 4 }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0" @@ -2159,7 +2159,7 @@ "x": 40, "y": 4 }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0" @@ -2173,7 +2173,7 @@ "x": 8, "y": 4 }, - "id": "8d63c420-27f4-11e9-89af-fd12d59dac90", + "id": "8d63c420-27f4-11e9-89af-fd12d59dac90-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0" @@ -2187,7 +2187,7 @@ "x": 0, "y": 12 }, - "id": "9dd991a0-18cb-11e9-9094-c50574723088", + "id": "9dd991a0-18cb-11e9-9094-c50574723088-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0" @@ -2201,7 +2201,7 @@ "x": 8, "y": 12 }, - "id": "593df9b0-27f7-11e9-89af-fd12d59dac90", + "id": "593df9b0-27f7-11e9-89af-fd12d59dac90-ecs", "panelIndex": "9", "type": "visualization", "version": "7.0.0" @@ -2215,7 +2215,7 @@ "x": 16, "y": 12 }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", "panelIndex": "10", "type": "visualization", "version": "7.0.0" @@ -2229,7 +2229,7 @@ "x": 24, "y": 12 }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "11", "type": "visualization", "version": "7.0.0" @@ -2243,7 +2243,7 @@ "x": 24, "y": 19 }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "12", "type": "visualization", "version": "7.0.0" @@ -2257,7 +2257,7 @@ "x": 32, "y": 12 }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "13", "type": "visualization", "version": "7.0.0" @@ -2271,7 +2271,7 @@ "x": 32, "y": 19 }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "14", "type": "visualization", "version": "7.0.0" @@ -2285,7 +2285,7 @@ "x": 40, "y": 12 }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", "panelIndex": "15", "type": "visualization", "version": "7.0.0" @@ -2299,7 +2299,7 @@ "x": 0, "y": 26 }, - "id": "54135e50-27ff-11e9-805f-43bf57dfa519", + "id": "54135e50-27ff-11e9-805f-43bf57dfa519-ecs", "panelIndex": "16", "type": "visualization", "version": "7.0.0" @@ -2313,7 +2313,7 @@ "x": 0, "y": 34 }, - "id": "91962a30-1901-11e9-9094-c50574723088", + "id": "91962a30-1901-11e9-9094-c50574723088-ecs", "panelIndex": "17", "type": "visualization", "version": "7.0.0" @@ -2327,7 +2327,7 @@ "x": 24, "y": 34 }, - "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519", + "id": "d08ebd30-27ff-11e9-805f-43bf57dfa519-ecs", "panelIndex": "18", "type": "search", "version": "7.0.0" @@ -2341,17 +2341,17 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "19", "type": "visualization", "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] System Overview", + "title": "[Auditbeat System] System Overview ECS", "version": 1 }, - "id": "2be46cb0-27f2-11e9-89af-fd12d59dac90", + "id": "2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs", "type": "dashboard", "updated_at": "2019-02-04T09:32:32.325Z", "version": 9 diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json index 46dcaf1f714c..4d6ba67e0f90 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-package-dashboard.json @@ -12,21 +12,21 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", "version": 3 @@ -71,7 +71,7 @@ } } }, - "title": "Package Count [Auditbeat System]", + "title": "Package Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -115,11 +115,11 @@ }, "type": "metric" }, - "title": "Package Count [Auditbeat System]", + "title": "Package Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:40:37.585Z", "version": 1 @@ -190,7 +190,7 @@ } } }, - "title": "Package Changes [Auditbeat System]", + "title": "Package Changes [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -233,11 +233,11 @@ }, "type": "metric" }, - "title": "Package Changes [Auditbeat System]", + "title": "Package Changes [Auditbeat System] ECS", "type": "metric" } }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", "type": "visualization", "updated_at": "2019-02-04T10:44:06.826Z", "version": 2 @@ -282,7 +282,7 @@ } } }, - "title": "Package OS Distribution [Auditbeat System]", + "title": "Package OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -343,11 +343,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Package OS Distribution [Auditbeat System]", + "title": "Package OS Distribution [Auditbeat System] ECS", "type": "pie" } }, - "id": "6ed51940-2868-11e9-9d21-0be348776e6c", + "id": "6ed51940-2868-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:34:21.268Z", "version": 1 @@ -418,7 +418,7 @@ } } }, - "title": "Package Change Actions [Auditbeat System]", + "title": "Package Change Actions [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -460,11 +460,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Package Change Actions [Auditbeat System]", + "title": "Package Change Actions [Auditbeat System] ECS", "type": "pie" } }, - "id": "fe23f530-2868-11e9-9d21-0be348776e6c", + "id": "fe23f530-2868-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:38:21.699Z", "version": 1 @@ -509,7 +509,7 @@ } } }, - "title": "Package Document Histogram [Auditbeat System]", + "title": "Package Document Histogram [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -606,11 +606,11 @@ } ] }, - "title": "Package Document Histogram [Auditbeat System]", + "title": "Package Document Histogram [Auditbeat System] ECS", "type": "histogram" } }, - "id": "4e7701d0-2869-11e9-9d21-0be348776e6c", + "id": "4e7701d0-2869-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:40:36.461Z", "version": 1 @@ -667,10 +667,10 @@ "@timestamp", "desc" ], - "title": "Package Documents [Auditbeat System]", + "title": "Package Documents [Auditbeat System] ECS", "version": 1 }, - "id": "391ef230-2868-11e9-9d21-0be348776e6c", + "id": "391ef230-2868-11e9-9d21-0be348776e6c-ecs", "type": "search", "updated_at": "2019-02-04T10:32:51.155Z", "version": 1 @@ -715,7 +715,7 @@ } } }, - "title": "Package Names [Auditbeat System]", + "title": "Package Names [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -764,11 +764,11 @@ }, "totalFunc": "sum" }, - "title": "Package Names [Auditbeat System]", + "title": "Package Names [Auditbeat System] ECS", "type": "table" } }, - "id": "8dc55df0-2869-11e9-9d21-0be348776e6c", + "id": "8dc55df0-2869-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:45:22.440Z", "version": 2 @@ -801,7 +801,7 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0" @@ -815,7 +815,7 @@ "x": 0, "y": 4 }, - "id": "f664fb20-27f3-11e9-89af-fd12d59dac90", + "id": "f664fb20-27f3-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0" @@ -829,7 +829,7 @@ "x": 6, "y": 4 }, - "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519", + "id": "bdf9c530-27fe-11e9-805f-43bf57dfa519-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0" @@ -843,7 +843,7 @@ "x": 24, "y": 4 }, - "id": "6ed51940-2868-11e9-9d21-0be348776e6c", + "id": "6ed51940-2868-11e9-9d21-0be348776e6c-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0" @@ -857,7 +857,7 @@ "x": 11, "y": 4 }, - "id": "fe23f530-2868-11e9-9d21-0be348776e6c", + "id": "fe23f530-2868-11e9-9d21-0be348776e6c-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0" @@ -871,7 +871,7 @@ "x": 0, "y": 15 }, - "id": "4e7701d0-2869-11e9-9d21-0be348776e6c", + "id": "4e7701d0-2869-11e9-9d21-0be348776e6c-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0" @@ -885,7 +885,7 @@ "x": 0, "y": 23 }, - "id": "391ef230-2868-11e9-9d21-0be348776e6c", + "id": "391ef230-2868-11e9-9d21-0be348776e6c-ecs", "panelIndex": "7", "type": "search", "version": "7.0.0" @@ -899,17 +899,17 @@ "x": 37, "y": 4 }, - "id": "8dc55df0-2869-11e9-9d21-0be348776e6c", + "id": "8dc55df0-2869-11e9-9d21-0be348776e6c-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Package Dashboard", + "title": "[Auditbeat System] Package Dashboard ECS", "version": 1 }, - "id": "137c52f0-286a-11e9-9d21-0be348776e6c", + "id": "137c52f0-286a-11e9-9d21-0be348776e6c-ecs", "type": "dashboard", "updated_at": "2019-02-04T11:03:23.945Z", "version": 2 diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json index 6ffee4042df1..d66cc3f5f2b2 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-process-dashboard.json @@ -40,7 +40,7 @@ } } }, - "title": "Process Count [Auditbeat System]", + "title": "Process Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -84,11 +84,11 @@ }, "type": "metric" }, - "title": "Process Count [Auditbeat System]", + "title": "Process Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:24:39.030Z", "version": 1 @@ -159,7 +159,7 @@ } } }, - "title": "Process Starts [Auditbeat System]", + "title": "Process Starts [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -202,11 +202,11 @@ }, "type": "metric" }, - "title": "Process Starts [Auditbeat System]", + "title": "Process Starts [Auditbeat System] ECS", "type": "metric" } }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:45:42.195Z", "version": 1 @@ -277,7 +277,7 @@ } } }, - "title": "Process Stops [Auditbeat System]", + "title": "Process Stops [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -320,11 +320,11 @@ }, "type": "metric" }, - "title": "Process Stops [Auditbeat System]", + "title": "Process Stops [Auditbeat System] ECS", "type": "metric" } }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:50:28.750Z", "version": 1 @@ -383,10 +383,10 @@ "@timestamp", "desc" ], - "title": "Process Events [Auditbeat System]", + "title": "Process Events [Auditbeat System] ECS", "version": 1 }, - "id": "0f9611b0-2862-11e9-97cb-474beda9f119", + "id": "0f9611b0-2862-11e9-97cb-474beda9f119-ecs", "type": "search", "updated_at": "2019-02-04T09:48:44.490Z", "version": 1 @@ -431,7 +431,7 @@ } } }, - "title": "Process OS Distribution [Auditbeat System]", + "title": "Process OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -492,11 +492,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Process OS Distribution [Auditbeat System]", + "title": "Process OS Distribution [Auditbeat System] ECS", "type": "pie" } }, - "id": "91708fd0-2862-11e9-97cb-474beda9f119", + "id": "91708fd0-2862-11e9-97cb-474beda9f119-ecs", "type": "visualization", "updated_at": "2019-02-04T09:52:22.349Z", "version": 1 @@ -541,7 +541,7 @@ } } }, - "title": "Process Event Histogram [Auditbeat System]", + "title": "Process Event Histogram [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -638,11 +638,11 @@ } ] }, - "title": "Process Event Histogram [Auditbeat System]", + "title": "Process Event Histogram [Auditbeat System] ECS", "type": "histogram" } }, - "id": "b1e2af00-2862-11e9-97cb-474beda9f119", + "id": "b1e2af00-2862-11e9-97cb-474beda9f119-ecs", "type": "visualization", "updated_at": "2019-02-04T09:53:16.784Z", "version": 1 @@ -687,7 +687,7 @@ } } }, - "title": "Process Names [Auditbeat System]", + "title": "Process Names [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -737,11 +737,11 @@ }, "totalFunc": "sum" }, - "title": "Process Names [Auditbeat System]", + "title": "Process Names [Auditbeat System] ECS", "type": "table" } }, - "id": "f1d365a0-2862-11e9-97cb-474beda9f119", + "id": "f1d365a0-2862-11e9-97cb-474beda9f119-ecs", "type": "visualization", "updated_at": "2019-02-04T09:56:33.249Z", "version": 2 @@ -786,7 +786,7 @@ } } }, - "title": "Process Users [Auditbeat System]", + "title": "Process Users [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -836,11 +836,11 @@ }, "totalFunc": "sum" }, - "title": "Process Users [Auditbeat System]", + "title": "Process Users [Auditbeat System] ECS", "type": "table" } }, - "id": "30936470-2863-11e9-97cb-474beda9f119", + "id": "30936470-2863-11e9-97cb-474beda9f119-ecs", "type": "visualization", "updated_at": "2019-02-04T09:56:49.335Z", "version": 1 @@ -857,21 +857,21 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", "version": 3 @@ -904,7 +904,7 @@ "x": 0, "y": 4 }, - "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90", + "id": "bb0d1870-27f1-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0" @@ -918,7 +918,7 @@ "x": 11, "y": 4 }, - "id": "0db90830-27fd-11e9-89af-fd12d59dac90", + "id": "0db90830-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0" @@ -932,7 +932,7 @@ "x": 22, "y": 4 }, - "id": "b885dae0-27fd-11e9-89af-fd12d59dac90", + "id": "b885dae0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0" @@ -946,7 +946,7 @@ "x": 0, "y": 38 }, - "id": "0f9611b0-2862-11e9-97cb-474beda9f119", + "id": "0f9611b0-2862-11e9-97cb-474beda9f119-ecs", "panelIndex": "4", "type": "search", "version": "7.0.0" @@ -960,7 +960,7 @@ "x": 33, "y": 4 }, - "id": "91708fd0-2862-11e9-97cb-474beda9f119", + "id": "91708fd0-2862-11e9-97cb-474beda9f119-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0" @@ -974,7 +974,7 @@ "x": 0, "y": 29 }, - "id": "b1e2af00-2862-11e9-97cb-474beda9f119", + "id": "b1e2af00-2862-11e9-97cb-474beda9f119-ecs", "panelIndex": "6", "type": "visualization", "version": "7.0.0" @@ -988,7 +988,7 @@ "x": 0, "y": 14 }, - "id": "f1d365a0-2862-11e9-97cb-474beda9f119", + "id": "f1d365a0-2862-11e9-97cb-474beda9f119-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0" @@ -1002,7 +1002,7 @@ "x": 24, "y": 14 }, - "id": "30936470-2863-11e9-97cb-474beda9f119", + "id": "30936470-2863-11e9-97cb-474beda9f119-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0" @@ -1016,17 +1016,17 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "9", "type": "visualization", "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Process Dashboard", + "title": "[Auditbeat System] Process Dashboard ECS", "version": 1 }, - "id": "4c68f110-2863-11e9-97cb-474beda9f119", + "id": "4c68f110-2863-11e9-97cb-474beda9f119-ecs", "type": "dashboard", "updated_at": "2019-02-04T10:13:58.155Z", "version": 2 diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json index 2ecb25fd7000..5e5453ac6e0d 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-socket-dashboard.json @@ -12,21 +12,21 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", "version": 3 @@ -71,7 +71,7 @@ } } }, - "title": "Socket Count [Auditbeat System]", + "title": "Socket Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -115,11 +115,11 @@ }, "type": "metric" }, - "title": "Socket Count [Auditbeat System]", + "title": "Socket Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:29:47.881Z", "version": 1 @@ -190,7 +190,7 @@ } } }, - "title": "Sockets Opened [Auditbeat System]", + "title": "Sockets Opened [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -233,11 +233,11 @@ }, "type": "metric" }, - "title": "Sockets Opened [Auditbeat System]", + "title": "Sockets Opened [Auditbeat System] ECS", "type": "metric" } }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:47:58.605Z", "version": 2 @@ -308,7 +308,7 @@ } } }, - "title": "Sockets Closed [Auditbeat System]", + "title": "Sockets Closed [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -351,11 +351,11 @@ }, "type": "metric" }, - "title": "Sockets Closed [Auditbeat System]", + "title": "Sockets Closed [Auditbeat System] ECS", "type": "metric" } }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:48:58.668Z", "version": 1 @@ -400,7 +400,7 @@ } } }, - "title": "Socket Types [Auditbeat System]", + "title": "Socket Types [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -442,11 +442,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Socket Types [Auditbeat System]", + "title": "Socket Types [Auditbeat System] ECS", "type": "pie" } }, - "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c", + "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:23:30.893Z", "version": 1 @@ -504,10 +504,10 @@ "@timestamp", "desc" ], - "title": "Socket Documents [Auditbeat System]", + "title": "Socket Documents [Auditbeat System] ECS", "version": 1 }, - "id": "3bfed610-2867-11e9-9d21-0be348776e6c", + "id": "3bfed610-2867-11e9-9d21-0be348776e6c-ecs", "type": "search", "updated_at": "2019-02-04T10:25:46.481Z", "version": 1 @@ -552,7 +552,7 @@ } } }, - "title": "Socket Document Histogram [Auditbeat System]", + "title": "Socket Document Histogram [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -649,11 +649,11 @@ } ] }, - "title": "Socket Document Histogram [Auditbeat System]", + "title": "Socket Document Histogram [Auditbeat System] ECS", "type": "histogram" } }, - "id": "536fa900-2867-11e9-9d21-0be348776e6c", + "id": "536fa900-2867-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:26:25.808Z", "version": 1 @@ -698,7 +698,7 @@ } } }, - "title": "Socket Users [Auditbeat System]", + "title": "Socket Users [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -747,11 +747,11 @@ }, "totalFunc": "sum" }, - "title": "Socket Users [Auditbeat System]", + "title": "Socket Users [Auditbeat System] ECS", "type": "table" } }, - "id": "78391460-2867-11e9-9d21-0be348776e6c", + "id": "78391460-2867-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:27:27.526Z", "version": 1 @@ -796,7 +796,7 @@ } } }, - "title": "Destination Ports [Auditbeat System]", + "title": "Destination Ports [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -845,11 +845,11 @@ }, "totalFunc": "sum" }, - "title": "Destination Ports [Auditbeat System]", + "title": "Destination Ports [Auditbeat System] ECS", "type": "table" } }, - "id": "1771daa0-286b-11e9-9d21-0be348776e6c", + "id": "1771daa0-286b-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:56:23.379Z", "version": 3 @@ -894,7 +894,7 @@ } } }, - "title": "Socket Source IPs [Auditbeat System]", + "title": "Socket Source IPs [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -943,11 +943,11 @@ }, "totalFunc": "sum" }, - "title": "Socket Source IPs [Auditbeat System]", + "title": "Socket Source IPs [Auditbeat System] ECS", "type": "table" } }, - "id": "b899a700-286b-11e9-9d21-0be348776e6c", + "id": "b899a700-286b-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:57:53.520Z", "version": 1 @@ -992,7 +992,7 @@ } } }, - "title": "Socket Destination IPs [Auditbeat System]", + "title": "Socket Destination IPs [Auditbeat System] ECS", "uiStateJSON": { "vis": { "params": { @@ -1041,11 +1041,11 @@ }, "totalFunc": "sum" }, - "title": "Socket Destination IPs [Auditbeat System]", + "title": "Socket Destination IPs [Auditbeat System] ECS", "type": "table" } }, - "id": "d32c0540-286b-11e9-9d21-0be348776e6c", + "id": "d32c0540-286b-11e9-9d21-0be348776e6c-ecs", "type": "visualization", "updated_at": "2019-02-04T10:58:38.100Z", "version": 1 @@ -1078,7 +1078,7 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0" @@ -1092,7 +1092,7 @@ "x": 0, "y": 4 }, - "id": "7323dd90-27f2-11e9-89af-fd12d59dac90", + "id": "7323dd90-27f2-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0" @@ -1106,7 +1106,7 @@ "x": 5, "y": 4 }, - "id": "295905e0-27fd-11e9-89af-fd12d59dac90", + "id": "295905e0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0" @@ -1120,7 +1120,7 @@ "x": 10, "y": 4 }, - "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90", + "id": "82d46ec0-27fd-11e9-89af-fd12d59dac90-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0" @@ -1134,7 +1134,7 @@ "x": 15, "y": 4 }, - "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c", + "id": "eb2dbfd0-2866-11e9-9d21-0be348776e6c-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0" @@ -1148,7 +1148,7 @@ "x": 0, "y": 23 }, - "id": "3bfed610-2867-11e9-9d21-0be348776e6c", + "id": "3bfed610-2867-11e9-9d21-0be348776e6c-ecs", "panelIndex": "6", "type": "search", "version": "7.0.0" @@ -1162,7 +1162,7 @@ "x": 0, "y": 15 }, - "id": "536fa900-2867-11e9-9d21-0be348776e6c", + "id": "536fa900-2867-11e9-9d21-0be348776e6c-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0" @@ -1176,7 +1176,7 @@ "x": 42, "y": 4 }, - "id": "78391460-2867-11e9-9d21-0be348776e6c", + "id": "78391460-2867-11e9-9d21-0be348776e6c-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0" @@ -1190,7 +1190,7 @@ "x": 36, "y": 4 }, - "id": "1771daa0-286b-11e9-9d21-0be348776e6c", + "id": "1771daa0-286b-11e9-9d21-0be348776e6c-ecs", "panelIndex": "9", "type": "visualization", "version": "7.0.0" @@ -1204,7 +1204,7 @@ "x": 24, "y": 4 }, - "id": "b899a700-286b-11e9-9d21-0be348776e6c", + "id": "b899a700-286b-11e9-9d21-0be348776e6c-ecs", "panelIndex": "10", "type": "visualization", "version": "7.0.0" @@ -1218,17 +1218,17 @@ "x": 30, "y": 4 }, - "id": "d32c0540-286b-11e9-9d21-0be348776e6c", + "id": "d32c0540-286b-11e9-9d21-0be348776e6c-ecs", "panelIndex": "11", "type": "visualization", "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] Socket Dashboard", + "title": "[Auditbeat System] Socket Dashboard ECS", "version": 1 }, - "id": "957a3ef0-2867-11e9-9d21-0be348776e6c", + "id": "957a3ef0-2867-11e9-9d21-0be348776e6c-ecs", "type": "dashboard", "updated_at": "2019-02-04T11:01:23.746Z", "version": 3 diff --git a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json index 47efcb20e9f3..b1da37ad0334 100644 --- a/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json +++ b/x-pack/auditbeat/module/system/_meta/kibana/7/dashboard/auditbeat-system-user-dashboard.json @@ -40,7 +40,7 @@ } } }, - "title": "User Count [Auditbeat System]", + "title": "User Count [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -84,11 +84,11 @@ }, "type": "metric" }, - "title": "User Count [Auditbeat System]", + "title": "User Count [Auditbeat System] ECS", "type": "metric" } }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T20:35:48.640Z", "version": 2 @@ -159,7 +159,7 @@ } } }, - "title": "User Changes [Auditbeat System]", + "title": "User Changes [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -202,11 +202,11 @@ }, "type": "metric" }, - "title": "User Changes [Auditbeat System]", + "title": "User Changes [Auditbeat System] ECS", "type": "metric" } }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-03T21:38:11.314Z", "version": 1 @@ -277,7 +277,7 @@ } } }, - "title": "User Change Actions [Auditbeat System]", + "title": "User Change Actions [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -319,11 +319,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "User Change Actions [Auditbeat System]", + "title": "User Change Actions [Auditbeat System] ECS", "type": "pie" } }, - "id": "dc514de0-2863-11e9-97cb-474beda9f119", + "id": "dc514de0-2863-11e9-97cb-474beda9f119-ecs", "type": "visualization", "updated_at": "2019-02-04T10:01:37.470Z", "version": 1 @@ -368,7 +368,7 @@ } } }, - "title": "Password Types [Auditbeat System]", + "title": "Password Types [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -410,11 +410,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Password Types [Auditbeat System]", + "title": "Password Types [Auditbeat System] ECS", "type": "pie" } }, - "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119", + "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119-ecs", "type": "visualization", "updated_at": "2019-02-04T10:02:57.420Z", "version": 1 @@ -459,7 +459,7 @@ } } }, - "title": "User Documents Histogram [Auditbeat System]", + "title": "User Documents Histogram [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -556,11 +556,11 @@ } ] }, - "title": "User Documents Histogram [Auditbeat System]", + "title": "User Documents Histogram [Auditbeat System] ECS", "type": "histogram" } }, - "id": "30f4eff0-2864-11e9-97cb-474beda9f119", + "id": "30f4eff0-2864-11e9-97cb-474beda9f119-ecs", "type": "visualization", "updated_at": "2019-02-04T10:03:59.471Z", "version": 1 @@ -618,10 +618,10 @@ "@timestamp", "desc" ], - "title": "User Documents [Auditbeat System]", + "title": "User Documents [Auditbeat System] ECS", "version": 1 }, - "id": "658a3db0-2864-11e9-97cb-474beda9f119", + "id": "658a3db0-2864-11e9-97cb-474beda9f119-ecs", "type": "search", "updated_at": "2019-02-04T10:05:27.691Z", "version": 1 @@ -666,7 +666,7 @@ } } }, - "title": "User OS Distribution [Auditbeat System]", + "title": "User OS Distribution [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -727,11 +727,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "User OS Distribution [Auditbeat System]", + "title": "User OS Distribution [Auditbeat System] ECS", "type": "pie" } }, - "id": "7f480de0-2864-11e9-97cb-474beda9f119", + "id": "7f480de0-2864-11e9-97cb-474beda9f119-ecs", "type": "visualization", "updated_at": "2019-02-04T10:06:10.878Z", "version": 1 @@ -748,21 +748,21 @@ } } }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "uiStateJSON": {}, "version": 1, "visState": { "aggs": [], "params": { "fontSize": 12, - "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c)", + "markdown": "**Dashboards**: [System Overview](#/dashboard/2be46cb0-27f2-11e9-89af-fd12d59dac90-ecs) | [Hosts](#/dashboard/dfe62590-18da-11e9-9094-c50574723088-ecs) | [Logins](#/dashboard/2a17f200-285e-11e9-805f-43bf57dfa519-ecs) | [Users](#/dashboard/ae96a660-2864-11e9-97cb-474beda9f119-ecs) | [Processes](#/dashboard/4c68f110-2863-11e9-97cb-474beda9f119-ecs) | [Sockets](#/dashboard/957a3ef0-2867-11e9-9d21-0be348776e6c-ecs) | [Packages](#/dashboard/137c52f0-286a-11e9-9d21-0be348776e6c-ecs)", "openLinksInNewTab": false }, - "title": "Dashboard Links [Auditbeat System]", + "title": "Dashboard Links [Auditbeat System] ECS", "type": "markdown" } }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "type": "visualization", "updated_at": "2019-02-04T11:37:25.234Z", "version": 3 @@ -795,7 +795,7 @@ "x": 0, "y": 4 }, - "id": "e9225120-27f2-11e9-89af-fd12d59dac90", + "id": "e9225120-27f2-11e9-89af-fd12d59dac90-ecs", "panelIndex": "1", "type": "visualization", "version": "7.0.0" @@ -809,7 +809,7 @@ "x": 8, "y": 4 }, - "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90", + "id": "00fa0d20-27fc-11e9-89af-fd12d59dac90-ecs", "panelIndex": "2", "type": "visualization", "version": "7.0.0" @@ -823,7 +823,7 @@ "x": 26, "y": 4 }, - "id": "dc514de0-2863-11e9-97cb-474beda9f119", + "id": "dc514de0-2863-11e9-97cb-474beda9f119-ecs", "panelIndex": "3", "type": "visualization", "version": "7.0.0" @@ -837,7 +837,7 @@ "x": 37, "y": 4 }, - "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119", + "id": "0bf8b4c0-2864-11e9-97cb-474beda9f119-ecs", "panelIndex": "4", "type": "visualization", "version": "7.0.0" @@ -851,7 +851,7 @@ "x": 0, "y": 14 }, - "id": "30f4eff0-2864-11e9-97cb-474beda9f119", + "id": "30f4eff0-2864-11e9-97cb-474beda9f119-ecs", "panelIndex": "5", "type": "visualization", "version": "7.0.0" @@ -865,7 +865,7 @@ "x": 0, "y": 23 }, - "id": "658a3db0-2864-11e9-97cb-474beda9f119", + "id": "658a3db0-2864-11e9-97cb-474beda9f119-ecs", "panelIndex": "6", "type": "search", "version": "7.0.0" @@ -879,7 +879,7 @@ "x": 16, "y": 4 }, - "id": "7f480de0-2864-11e9-97cb-474beda9f119", + "id": "7f480de0-2864-11e9-97cb-474beda9f119-ecs", "panelIndex": "7", "type": "visualization", "version": "7.0.0" @@ -893,17 +893,17 @@ "x": 0, "y": 0 }, - "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90", + "id": "4ccc5b50-27f6-11e9-89af-fd12d59dac90-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0" } ], "timeRestore": false, - "title": "[Auditbeat System] User Dashboard", + "title": "[Auditbeat System] User Dashboard ECS", "version": 1 }, - "id": "ae96a660-2864-11e9-97cb-474beda9f119", + "id": "ae96a660-2864-11e9-97cb-474beda9f119-ecs", "type": "dashboard", "updated_at": "2019-02-04T11:02:23.820Z", "version": 3 diff --git a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json index e10f783d7645..066c8f162211 100644 --- a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json +++ b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Events Timeline [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Events Timeline [Filebeat Iptables] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -111,11 +111,11 @@ } ] }, - "title": "Events Timeline [Filebeat Iptables]", + "title": "Events Timeline [Filebeat Iptables] ECS", "type": "area" } }, - "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb", + "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb-ecs", "type": "visualization", "updated_at": "2019-01-23T20:56:04.891Z", "version": 1 @@ -132,8 +132,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Top Source Countries [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Top Source Countries [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "params": { @@ -183,11 +183,11 @@ }, "totalFunc": "sum" }, - "title": "Top Source Countries [Filebeat Iptables]", + "title": "Top Source Countries [Filebeat Iptables] ECS", "type": "table" } }, - "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3", + "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -204,8 +204,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Source Map [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Source Map [Filebeat Iptables] ECS", "uiStateJSON": { "mapCenter": [ 45.02695045318546, @@ -269,11 +269,11 @@ } } }, - "title": "Source Map [Filebeat Iptables]", + "title": "Source Map [Filebeat Iptables] ECS", "type": "tile_map" } }, - "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3", + "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -290,8 +290,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Destination Map [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Destination Map [Filebeat Iptables] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -349,11 +349,11 @@ } } }, - "title": "Destination Map [Filebeat Iptables]", + "title": "Destination Map [Filebeat Iptables] ECS", "type": "tile_map" } }, - "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3", + "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -370,8 +370,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Network Type Breakdown [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Network Type Breakdown [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -417,11 +417,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Type Breakdown [Filebeat Iptables]", + "title": "Network Type Breakdown [Filebeat Iptables] ECS", "type": "pie" } }, - "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3", + "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -438,8 +438,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Network Transport Breakdown [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Network Transport Breakdown [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -485,11 +485,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Transport Breakdown [Filebeat Iptables]", + "title": "Network Transport Breakdown [Filebeat Iptables] ECS", "type": "pie" } }, - "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3", + "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -506,8 +506,8 @@ } } }, - "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", - "title": "Top Destination Ports [Filebeat Iptables]", + "savedSearchId": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", + "title": "Top Destination Ports [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "params": { @@ -557,11 +557,11 @@ }, "totalFunc": "sum" }, - "title": "Top Destination Ports [Filebeat Iptables]", + "title": "Top Destination Ports [Filebeat Iptables] ECS", "type": "table" } }, - "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3", + "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3-ecs", "type": "visualization", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -589,10 +589,10 @@ "@timestamp", "desc" ], - "title": "Events Search [Filebeat Iptables]", + "title": "Events Search [Filebeat Iptables] ECS", "version": 1 }, - "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", "type": "search", "updated_at": "2019-01-23T20:51:02.293Z", "version": 1 @@ -629,7 +629,7 @@ "x": 0, "y": 0 }, - "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb", + "id": "4c913eb0-1f51-11e9-93ed-f7e068f4aebb-ecs", "panelIndex": "1", "type": "visualization", "version": "6.6.0" @@ -643,7 +643,7 @@ "x": 37, "y": 0 }, - "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3", + "id": "2599f5e0-1e98-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "2", "type": "visualization", "version": "6.6.0" @@ -663,7 +663,7 @@ "x": 0, "y": 15 }, - "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3", + "id": "c4394ec0-1efd-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "3", "type": "visualization", "version": "6.6.0" @@ -683,7 +683,7 @@ "x": 24, "y": 15 }, - "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3", + "id": "d8cea010-1efd-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "4", "type": "visualization", "version": "6.6.0" @@ -697,7 +697,7 @@ "x": 0, "y": 30 }, - "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3", + "id": "b57b7370-1f1d-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "5", "type": "visualization", "version": "6.6.0" @@ -711,7 +711,7 @@ "x": 19, "y": 30 }, - "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3", + "id": "35fe0910-1f26-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "6", "type": "visualization", "version": "6.6.0" @@ -725,7 +725,7 @@ "x": 37, "y": 30 }, - "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3", + "id": "683402b0-1f29-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "7", "type": "visualization", "version": "6.6.0" @@ -739,17 +739,17 @@ "x": 0, "y": 45 }, - "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3", + "id": "b3f1b010-1f26-11e9-8ec4-cf5d91a864b3-ecs", "panelIndex": "8", "type": "search", "version": "6.6.0" } ], "timeRestore": false, - "title": "[Filebeat Iptables] Overview", + "title": "[Filebeat Iptables] Overview ECS", "version": 1 }, - "id": "ceefb9e0-1f51-11e9-93ed-f7e068f4aebb", + "id": "ceefb9e0-1f51-11e9-93ed-f7e068f4aebb-ecs", "type": "dashboard", "updated_at": "2019-01-23T20:59:43.614Z", "version": 1 diff --git a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json index 000a1bdcd931..94b0e96fab8f 100644 --- a/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json +++ b/x-pack/filebeat/module/iptables/_meta/kibana/7/dashboard/Filebeat-Iptables-Ubiquiti-Firewall-Overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables]", + "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "colors": { @@ -138,11 +138,11 @@ } ] }, - "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables]", + "title": "Ubiquiti Firewall Event Timeline [Filebeat Iptables] ECS", "type": "histogram" } }, - "id": "758b3620-1fda-11e9-ae2a-939083c6a64e", + "id": "758b3620-1fda-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T16:37:11.788Z", "version": 2 @@ -159,8 +159,8 @@ } } }, - "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables]", + "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "params": { @@ -210,11 +210,11 @@ }, "totalFunc": "sum" }, - "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables]", + "title": "Ubiquiti Firewall Top Blocked IPs [Filebeat Iptables] ECS", "type": "table" } }, - "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e", + "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T16:06:20.635Z", "version": 2 @@ -231,8 +231,8 @@ } } }, - "savedSearchId": "7862cab0-1fdb-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables]", + "savedSearchId": "7862cab0-1fdb-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -290,11 +290,11 @@ } } }, - "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables]", + "title": "Ubiquiti Firewall Allowed Traffic Map [Filebeat Iptables] ECS", "type": "tile_map" } }, - "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e", + "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T15:04:34.005Z", "version": 1 @@ -311,8 +311,8 @@ } } }, - "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables]", + "savedSearchId": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables] ECS", "uiStateJSON": { "mapCenter": [ 19.228176737766262, @@ -376,11 +376,11 @@ } } }, - "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables]", + "title": "Ubiquiti Firewall Blocked Traffic Map [Filebeat Iptables] ECS", "type": "tile_map" } }, - "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e", + "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T15:50:31.689Z", "version": 2 @@ -397,8 +397,8 @@ } } }, - "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables]", + "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "colors": { @@ -484,11 +484,11 @@ "legendPosition": "top", "type": "pie" }, - "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables]", + "title": "Ubiquiti Firewall Traffic Breakdown [Filebeat Iptables] ECS", "type": "pie" } }, - "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e", + "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T16:27:50.397Z", "version": 1 @@ -516,10 +516,10 @@ "@timestamp", "desc" ], - "title": "Ubiquiti Firewall Events [Filebeat Iptables]", + "title": "Ubiquiti Firewall Events [Filebeat Iptables] ECS", "version": 1 }, - "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", + "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", "type": "search", "updated_at": "2019-01-24T12:37:10.858Z", "version": 1 @@ -536,8 +536,8 @@ } } }, - "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", - "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables]", + "savedSearchId": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", + "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables] ECS", "uiStateJSON": { "vis": { "params": { @@ -605,11 +605,11 @@ }, "totalFunc": "sum" }, - "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables]", + "title": "Ubiquiti Firewall Traffic by Port [Filebeat Iptables] ECS", "type": "table" } }, - "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e", + "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e-ecs", "type": "visualization", "updated_at": "2019-01-24T16:35:45.413Z", "version": 1 @@ -637,10 +637,10 @@ "@timestamp", "desc" ], - "title": "Ubiquiti Firewall Blocked Events [Filebeat Iptables]", + "title": "Ubiquiti Firewall Blocked Events [Filebeat Iptables] ECS", "version": 1 }, - "id": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e", + "id": "9f7d97c0-1fe9-11e9-ae2a-939083c6a64e-ecs", "type": "search", "updated_at": "2019-01-24T15:35:33.942Z", "version": 2 @@ -668,10 +668,10 @@ "@timestamp", "desc" ], - "title": "Ubiquiti Firewall Allowed Events [Filebeat Iptables]", + "title": "Ubiquiti Firewall Allowed Events [Filebeat Iptables] ECS", "version": 1 }, - "id": "7862cab0-1fdb-11e9-ae2a-939083c6a64e", + "id": "7862cab0-1fdb-11e9-ae2a-939083c6a64e-ecs", "type": "search", "updated_at": "2019-01-24T15:04:12.010Z", "version": 3 @@ -712,7 +712,7 @@ "x": 0, "y": 0 }, - "id": "758b3620-1fda-11e9-ae2a-939083c6a64e", + "id": "758b3620-1fda-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "1", "title": "Event Timeline", "type": "visualization", @@ -727,7 +727,7 @@ "x": 33, "y": 0 }, - "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e", + "id": "1ba82fd0-1ff0-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "2", "title": "Top Blocked by source IP", "type": "visualization", @@ -748,7 +748,7 @@ "x": 0, "y": 15 }, - "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e", + "id": "5bd53050-1fe9-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "3", "title": "Allowed Traffic Map", "type": "visualization", @@ -769,7 +769,7 @@ "x": 24, "y": 15 }, - "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e", + "id": "8853aa20-1fef-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "4", "title": "Blocked Traffic Map", "type": "visualization", @@ -797,7 +797,7 @@ "x": 0, "y": 30 }, - "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e", + "id": "fdea1ad0-1ff4-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "5", "title": "Traffic Breakdown by Protocol", "type": "visualization", @@ -812,7 +812,7 @@ "x": 0, "y": 48 }, - "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e", + "id": "c4e80aa0-1fd4-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "6", "title": "Event View", "type": "search", @@ -827,7 +827,7 @@ "x": 24, "y": 30 }, - "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e", + "id": "190bcb50-1ff6-11e9-ae2a-939083c6a64e-ecs", "panelIndex": "7", "title": "Traffic Breakdown by Port", "type": "visualization", @@ -835,10 +835,10 @@ } ], "timeRestore": false, - "title": "[Filebeat Iptables] Ubiquiti Firewall Overview", + "title": "[Filebeat Iptables] Ubiquiti Firewall Overview ECS", "version": 1 }, - "id": "d39f0980-1ff3-11e9-ae2a-939083c6a64e", + "id": "d39f0980-1ff3-11e9-ae2a-939083c6a64e-ecs", "type": "dashboard", "updated_at": "2019-01-24T16:38:35.174Z", "version": 4 diff --git a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json index e8d82f4dc4a8..be3bc3db964b 100644 --- a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json +++ b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Alert-Overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Top Alerting Hosts [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Top Alerting Hosts [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -123,11 +123,11 @@ } ] }, - "title": "Top Alerting Hosts [Suricata]", + "title": "Top Alerting Hosts [Suricata] ECS", "type": "histogram" } }, - "id": "494fa290-86d2-11e8-b59d-21efb914e65c", + "id": "494fa290-86d2-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -144,8 +144,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Top Alert Signatures [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Top Alert Signatures [Suricata] ECS", "uiStateJSON": { "vis": { "params": { @@ -212,11 +212,11 @@ }, "totalFunc": "sum" }, - "title": "Top Alert Signatures [Suricata]", + "title": "Top Alert Signatures [Suricata] ECS", "type": "table" } }, - "id": "16033310-86d3-11e8-b59d-21efb914e65c", + "id": "16033310-86d3-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -304,10 +304,10 @@ "@timestamp", "desc" ], - "title": "Alerts [Suricata]", + "title": "Alerts [Suricata] ECS", "version": 1 }, - "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", "type": "search", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -324,8 +324,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Alert - Source Location [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Alert - Source Location [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -395,11 +395,11 @@ ] } }, - "title": "Alert - Source Location [Suricata]", + "title": "Alert - Source Location [Suricata] ECS", "type": "tile_map" } }, - "id": "85fed080-86d7-11e8-b59d-21efb914e65c", + "id": "85fed080-86d7-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -416,8 +416,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Alert - Destination Location [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Alert - Destination Location [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -487,11 +487,11 @@ ] } }, - "title": "Alert - Destination Location [Suricata]", + "title": "Alert - Destination Location [Suricata] ECS", "type": "tile_map" } }, - "id": "a09ca070-86d7-11e8-b59d-21efb914e65c", + "id": "a09ca070-86d7-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -508,8 +508,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Alerts - Top Destination Countries [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Alerts - Top Destination Countries [Suricata] ECS", "uiStateJSON": { "vis": { "params": { @@ -559,11 +559,11 @@ }, "totalFunc": "sum" }, - "title": "Alerts - Top Destination Countries [Suricata]", + "title": "Alerts - Top Destination Countries [Suricata] ECS", "type": "table" } }, - "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c", + "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -580,8 +580,8 @@ } } }, - "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", - "title": "Alerts - Top Source Countries [Suricata]", + "savedSearchId": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", + "title": "Alerts - Top Source Countries [Suricata] ECS", "uiStateJSON": { "vis": { "params": { @@ -631,11 +631,11 @@ }, "totalFunc": "sum" }, - "title": "Alerts - Top Source Countries [Suricata]", + "title": "Alerts - Top Source Countries [Suricata] ECS", "type": "table" } }, - "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c", + "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 @@ -670,7 +670,7 @@ "x": 0, "y": 0 }, - "id": "494fa290-86d2-11e8-b59d-21efb914e65c", + "id": "494fa290-86d2-11e8-b59d-21efb914e65c-ecs", "panelIndex": "1", "type": "visualization", "version": "6.3.0" @@ -684,7 +684,7 @@ "x": 23, "y": 0 }, - "id": "16033310-86d3-11e8-b59d-21efb914e65c", + "id": "16033310-86d3-11e8-b59d-21efb914e65c-ecs", "panelIndex": "2", "type": "visualization", "version": "6.3.0" @@ -698,7 +698,7 @@ "x": 0, "y": 37 }, - "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c", + "id": "1c2bcec0-86d1-11e8-b59d-21efb914e65c-ecs", "panelIndex": "3", "type": "search", "version": "6.3.0" @@ -718,7 +718,7 @@ "x": 0, "y": 22 }, - "id": "85fed080-86d7-11e8-b59d-21efb914e65c", + "id": "85fed080-86d7-11e8-b59d-21efb914e65c-ecs", "panelIndex": "4", "type": "visualization", "version": "6.3.0" @@ -738,7 +738,7 @@ "x": 23, "y": 22 }, - "id": "a09ca070-86d7-11e8-b59d-21efb914e65c", + "id": "a09ca070-86d7-11e8-b59d-21efb914e65c-ecs", "panelIndex": "5", "type": "visualization", "version": "6.3.0" @@ -752,7 +752,7 @@ "x": 11, "y": 10 }, - "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c", + "id": "2ccdc1a0-86d8-11e8-b59d-21efb914e65c-ecs", "panelIndex": "7", "type": "visualization", "version": "6.3.0" @@ -766,17 +766,17 @@ "x": 0, "y": 10 }, - "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c", + "id": "c7b8b8f0-86d8-11e8-b59d-21efb914e65c-ecs", "panelIndex": "8", "type": "visualization", "version": "6.3.0" } ], "timeRestore": false, - "title": "[Suricata] Alert Overview", + "title": "[Suricata] Alert Overview ECS", "version": 1 }, - "id": "05268ee0-86d1-11e8-b59d-21efb914e65c", + "id": "05268ee0-86d1-11e8-b59d-21efb914e65c-ecs", "type": "dashboard", "updated_at": "2018-11-07T22:56:23.933Z", "version": 1 diff --git a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json index 6170c3a1a8db..d80d29f4aebf 100644 --- a/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json +++ b/x-pack/filebeat/module/suricata/_meta/kibana/7/dashboard/Filebeat-Suricata-Overview.json @@ -12,8 +12,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Activity Types over Time [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Activity Types over Time [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -123,11 +123,11 @@ } ] }, - "title": "Activity Types over Time [Suricata]", + "title": "Activity Types over Time [Suricata] ECS", "type": "histogram" } }, - "id": "c7d46c60-86da-11e8-b59d-21efb914e65c", + "id": "c7d46c60-86da-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -144,8 +144,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Event Types [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Event Types [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -187,11 +187,11 @@ "legendPosition": "bottom", "type": "pie" }, - "title": "Event Types [Suricata]", + "title": "Event Types [Suricata] ECS", "type": "pie" } }, - "id": "0a0aa630-86db-11e8-b59d-21efb914e65c", + "id": "0a0aa630-86db-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -208,8 +208,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Application Protocols [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Application Protocols [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -251,11 +251,11 @@ "legendPosition": "bottom", "type": "pie" }, - "title": "Top Application Protocols [Suricata]", + "title": "Top Application Protocols [Suricata] ECS", "type": "pie" } }, - "id": "728f64c0-86db-11e8-b59d-21efb914e65c", + "id": "728f64c0-86db-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -272,8 +272,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Hosts Generating Events [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Hosts Generating Events [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -383,11 +383,11 @@ } ] }, - "title": "Top Hosts Generating Events [Suricata]", + "title": "Top Hosts Generating Events [Suricata] ECS", "type": "histogram" } }, - "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c", + "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -477,10 +477,10 @@ "@timestamp", "desc" ], - "title": "Events [Suricata]", + "title": "Events [Suricata] ECS", "version": 1 }, - "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "type": "search", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -497,8 +497,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Connection Source Countries [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Connection Source Countries [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -535,11 +535,11 @@ "scale": "linear", "showLabel": true }, - "title": "Top Connection Source Countries [Suricata]", + "title": "Top Connection Source Countries [Suricata] ECS", "type": "tagcloud" } }, - "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c", + "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -556,8 +556,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Connection Destination Countries [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Connection Destination Countries [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -594,11 +594,11 @@ "scale": "linear", "showLabel": true }, - "title": "Top Connection Destination Countries [Suricata]", + "title": "Top Connection Destination Countries [Suricata] ECS", "type": "tagcloud" } }, - "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c", + "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -615,8 +615,8 @@ } } }, - "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c", - "title": "Top Network Protocols [Suricata]", + "savedSearchId": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", + "title": "Top Network Protocols [Suricata] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -658,11 +658,11 @@ "legendPosition": "bottom", "type": "pie" }, - "title": "Top Network Protocols [Suricata]", + "title": "Top Network Protocols [Suricata] ECS", "type": "pie" } }, - "id": "0a363820-86dd-11e8-b59d-21efb914e65c", + "id": "0a363820-86dd-11e8-b59d-21efb914e65c-ecs", "type": "visualization", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -749,10 +749,10 @@ "@timestamp", "desc" ], - "title": "Host Stats [Suricata]", + "title": "Host Stats [Suricata] ECS", "version": 1 }, - "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c", + "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c-ecs", "type": "search", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 @@ -787,7 +787,7 @@ "x": 0, "y": 0 }, - "id": "c7d46c60-86da-11e8-b59d-21efb914e65c", + "id": "c7d46c60-86da-11e8-b59d-21efb914e65c-ecs", "panelIndex": "1", "type": "visualization", "version": "6.3.0" @@ -801,7 +801,7 @@ "x": 0, "y": 20 }, - "id": "0a0aa630-86db-11e8-b59d-21efb914e65c", + "id": "0a0aa630-86db-11e8-b59d-21efb914e65c-ecs", "panelIndex": "2", "type": "visualization", "version": "6.3.0" @@ -815,7 +815,7 @@ "x": 19, "y": 20 }, - "id": "728f64c0-86db-11e8-b59d-21efb914e65c", + "id": "728f64c0-86db-11e8-b59d-21efb914e65c-ecs", "panelIndex": "3", "type": "visualization", "version": "6.3.0" @@ -829,7 +829,7 @@ "x": 0, "y": 10 }, - "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c", + "id": "9d5b5b50-86db-11e8-b59d-21efb914e65c-ecs", "panelIndex": "4", "type": "visualization", "version": "6.3.0" @@ -843,7 +843,7 @@ "x": 0, "y": 34 }, - "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c", + "id": "13dd22f0-86cc-11e8-b59d-21efb914e65c-ecs", "panelIndex": "5", "type": "search", "version": "6.3.0" @@ -857,7 +857,7 @@ "x": 30, "y": 20 }, - "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c", + "id": "5f99eb50-86dc-11e8-b59d-21efb914e65c-ecs", "panelIndex": "6", "type": "visualization", "version": "6.3.0" @@ -871,7 +871,7 @@ "x": 39, "y": 20 }, - "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c", + "id": "8e7f88d0-86dc-11e8-b59d-21efb914e65c-ecs", "panelIndex": "7", "type": "visualization", "version": "6.3.0" @@ -885,7 +885,7 @@ "x": 9, "y": 20 }, - "id": "0a363820-86dd-11e8-b59d-21efb914e65c", + "id": "0a363820-86dd-11e8-b59d-21efb914e65c-ecs", "panelIndex": "8", "type": "visualization", "version": "6.3.0" @@ -899,17 +899,17 @@ "x": 0, "y": 53 }, - "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c", + "id": "d57a2db0-86ca-11e8-b59d-21efb914e65c-ecs", "panelIndex": "9", "type": "search", "version": "6.3.0" } ], "timeRestore": false, - "title": "[Suricata] Events Overview", + "title": "[Suricata] Events Overview ECS", "version": 1 }, - "id": "78289c40-86da-11e8-b59d-21efb914e65c", + "id": "78289c40-86da-11e8-b59d-21efb914e65c-ecs", "type": "dashboard", "updated_at": "2018-11-07T22:56:24.962Z", "version": 1 diff --git a/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json b/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json index 598b17a56fd3..5fd7816eb982 100644 --- a/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json +++ b/x-pack/filebeat/module/zeek/_meta/kibana/7/dashboard/Filebeat-Zeek-Overview.json @@ -13,7 +13,7 @@ } } }, - "title": "Destination Geo [SIEM Zeek]", + "title": "Destination Geo [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -72,11 +72,11 @@ } } }, - "title": "Destination Geo [SIEM Zeek]", + "title": "Destination Geo [SIEM Zeek] ECS", "type": "tile_map" } }, - "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8", + "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:27:37.758Z", "version": 1 @@ -94,7 +94,7 @@ } } }, - "title": "Network Transport [SIEM Zeek]", + "title": "Network Transport [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -136,11 +136,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Transport [SIEM Zeek]", + "title": "Network Transport [SIEM Zeek] ECS", "type": "pie" } }, - "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8", + "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:30:28.271Z", "version": 1 @@ -158,7 +158,7 @@ } } }, - "title": "Network Application [SIEM Zeek]", + "title": "Network Application [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -200,11 +200,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Application [SIEM Zeek]", + "title": "Network Application [SIEM Zeek] ECS", "type": "pie" } }, - "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8", + "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:31:43.959Z", "version": 1 @@ -222,7 +222,7 @@ } } }, - "title": "Network Traffic Direction [SIEM Zeek]", + "title": "Network Traffic Direction [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -264,11 +264,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Network Traffic Direction [SIEM Zeek]", + "title": "Network Traffic Direction [SIEM Zeek] ECS", "type": "pie" } }, - "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8", + "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:32:46.436Z", "version": 1 @@ -286,7 +286,7 @@ } } }, - "title": "Top DNS Domains [SIEM Zeek]", + "title": "Top DNS Domains [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -328,11 +328,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top DNS Domains [SIEM Zeek]", + "title": "Top DNS Domains [SIEM Zeek] ECS", "type": "pie" } }, - "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8", + "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:51:30.288Z", "version": 1 @@ -350,7 +350,7 @@ } } }, - "title": "Top URL Domain [SIEM Zeek]", + "title": "Top URL Domain [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -392,11 +392,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top URL Domain [SIEM Zeek]", + "title": "Top URL Domain [SIEM Zeek] ECS", "type": "pie" } }, - "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8", + "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:53:10.300Z", "version": 1 @@ -414,7 +414,7 @@ } } }, - "title": "Top SSL Server [SIEM Zeek]", + "title": "Top SSL Server [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -456,11 +456,11 @@ "legendPosition": "right", "type": "pie" }, - "title": "Top SSL Server [SIEM Zeek]", + "title": "Top SSL Server [SIEM Zeek] ECS", "type": "pie" } }, - "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8", + "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8-ecs", "type": "visualization", "updated_at": "2019-01-17T07:54:11.067Z", "version": 1 @@ -477,7 +477,7 @@ } } }, - "title": "Time Series Count [SIEM Zeek]", + "title": "Time Series Count [SIEM Zeek] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -534,11 +534,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Time Series Count [SIEM Zeek]", + "title": "Time Series Count [SIEM Zeek] ECS", "type": "metrics" } }, - "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25", + "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25-ecs", "type": "visualization", "updated_at": "2019-01-17T07:56:26.486Z", "version": 74 @@ -577,7 +577,7 @@ "x": 0, "y": 0 }, - "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8", + "id": "5d95a3e0-1a29-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "1", "type": "visualization", "version": "6.5.4" @@ -595,7 +595,7 @@ "x": 0, "y": 18 }, - "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8", + "id": "c337dbf0-1a29-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "2", "type": "visualization", "version": "6.5.4" @@ -613,7 +613,7 @@ "x": 16, "y": 18 }, - "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8", + "id": "f054ee70-1a29-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "3", "type": "visualization", "version": "6.5.4" @@ -631,7 +631,7 @@ "x": 33, "y": 18 }, - "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8", + "id": "15922a40-1a2a-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "4", "type": "visualization", "version": "6.5.4" @@ -645,7 +645,7 @@ "x": 0, "y": 28 }, - "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8", + "id": "b3705f00-1a2c-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "5", "type": "visualization", "version": "6.5.4" @@ -659,7 +659,7 @@ "x": 16, "y": 28 }, - "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8", + "id": "ef0cfdc0-1a2c-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "6", "type": "visualization", "version": "6.5.4" @@ -673,7 +673,7 @@ "x": 33, "y": 28 }, - "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8", + "id": "13454cb0-1a2d-11e9-84b1-a12c578fa9e8-ecs", "panelIndex": "7", "type": "visualization", "version": "6.5.4" @@ -687,17 +687,17 @@ "x": 0, "y": 39 }, - "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25", + "id": "fad258c0-1078-11e9-b27a-69e6e8b80a25-ecs", "panelIndex": "8", "type": "visualization", "version": "6.5.4" } ], "timeRestore": false, - "title": "Zeek Overview Dashboard [SIEM]", + "title": "Zeek Overview Dashboard [SIEM] ECS", "version": 1 }, - "id": "87b0c430-1a2d-11e9-84b1-a12c578fa9e8", + "id": "87b0c430-1a2d-11e9-84b1-a12c578fa9e8-ecs", "type": "dashboard", "updated_at": "2019-01-17T07:57:50.613Z", "version": 2 diff --git a/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json b/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json index 28396b84e0dc..960ee7cdebd4 100644 --- a/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json +++ b/x-pack/metricbeat/module/aws/_meta/kibana/7/dashboard/Metricbeat-aws-ec2-overview.json @@ -12,7 +12,7 @@ } } }, - "title": "AWS EC2 DiskIO Write Bytes", + "title": "AWS EC2 DiskIO Write Bytes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -44,7 +44,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 DiskIO Write Bytes", + "label": "AWS EC2 DiskIO Write Bytes ECS", "line_width": 1, "metrics": [ { @@ -70,11 +70,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 DiskIO Write Bytes", + "title": "AWS EC2 DiskIO Write Bytes ECS", "type": "metrics" } }, - "id": "fed59380-f7f8-11e8-af03-c999c9dea608", + "id": "fed59380-f7f8-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:15:43.416Z", "version": 1 @@ -91,7 +91,7 @@ } } }, - "title": "AWS EC2 Status Check Failed", + "title": "AWS EC2 Status Check Failed ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -151,11 +151,11 @@ "time_field": "@timestamp", "type": "metric" }, - "title": "AWS EC2 Status Check Failed", + "title": "AWS EC2 Status Check Failed ECS", "type": "metrics" } }, - "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608", + "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:13:01.875Z", "version": 1 @@ -172,7 +172,7 @@ } } }, - "title": "AWS EC2 Network In Bytes", + "title": "AWS EC2 Network In Bytes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -204,7 +204,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 Network In Bytes", + "label": "AWS EC2 Network In Bytes ECS", "line_width": 1, "metrics": [ { @@ -230,11 +230,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 Network In Bytes", + "title": "AWS EC2 Network In Bytes ECS", "type": "metrics" } }, - "id": "15818fd0-f7f9-11e8-af03-c999c9dea608", + "id": "15818fd0-f7f9-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:16:21.453Z", "version": 1 @@ -251,7 +251,7 @@ } } }, - "title": "AWS EC2 Network Out Bytes", + "title": "AWS EC2 Network Out Bytes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -283,7 +283,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 Network Out Bytes", + "label": "AWS EC2 Network Out Bytes ECS", "line_width": 1, "metrics": [ { @@ -309,11 +309,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 Network Out Bytes", + "title": "AWS EC2 Network Out Bytes ECS", "type": "metrics" } }, - "id": "233b3400-f7f9-11e8-af03-c999c9dea608", + "id": "233b3400-f7f9-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:16:44.480Z", "version": 1 @@ -330,7 +330,7 @@ } } }, - "title": "AWS EC2 DiskIO Read Bytes", + "title": "AWS EC2 DiskIO Read Bytes ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -362,7 +362,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 DiskIO Read Bytes", + "label": "AWS EC2 DiskIO Read Bytes ECS", "line_width": 1, "metrics": [ { @@ -388,11 +388,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 DiskIO Read Bytes", + "title": "AWS EC2 DiskIO Read Bytes ECS", "type": "metrics" } }, - "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608", + "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:15:21.644Z", "version": 1 @@ -409,7 +409,7 @@ } } }, - "title": "AWS EC2 CPU Utilization", + "title": "AWS EC2 CPU Utilization ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -441,7 +441,7 @@ "filter": "", "formatter": "number", "id": "61ca57f1-469d-11e7-af02-69e470af7417", - "label": "AWS EC2 CPU Utilization", + "label": "AWS EC2 CPU Utilization ECS", "line_width": 1, "metrics": [ { @@ -467,11 +467,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "AWS EC2 CPU Utilization", + "title": "AWS EC2 CPU Utilization ECS", "type": "metrics" } }, - "id": "be8828d0-f7f6-11e8-af03-c999c9dea608", + "id": "be8828d0-f7f6-11e8-af03-c999c9dea608-ecs", "type": "visualization", "updated_at": "2018-12-04T19:14:42.745Z", "version": 4 @@ -504,7 +504,7 @@ "x": 24, "y": 15 }, - "id": "fed59380-f7f8-11e8-af03-c999c9dea608", + "id": "fed59380-f7f8-11e8-af03-c999c9dea608-ecs", "panelIndex": "3", "type": "visualization", "version": "6.5.0" @@ -518,7 +518,7 @@ "x": 36, "y": 0 }, - "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608", + "id": "9e8c6030-f7f8-11e8-af03-c999c9dea608-ecs", "panelIndex": "5", "type": "visualization", "version": "6.5.0" @@ -532,7 +532,7 @@ "x": 0, "y": 30 }, - "id": "15818fd0-f7f9-11e8-af03-c999c9dea608", + "id": "15818fd0-f7f9-11e8-af03-c999c9dea608-ecs", "panelIndex": "11", "type": "visualization", "version": "6.5.0" @@ -546,7 +546,7 @@ "x": 24, "y": 30 }, - "id": "233b3400-f7f9-11e8-af03-c999c9dea608", + "id": "233b3400-f7f9-11e8-af03-c999c9dea608-ecs", "panelIndex": "12", "type": "visualization", "version": "6.5.0" @@ -560,7 +560,7 @@ "x": 0, "y": 15 }, - "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608", + "id": "f1db6ec0-f7f8-11e8-af03-c999c9dea608-ecs", "panelIndex": "15", "type": "visualization", "version": "6.5.0" @@ -574,17 +574,17 @@ "x": 0, "y": 0 }, - "id": "be8828d0-f7f6-11e8-af03-c999c9dea608", + "id": "be8828d0-f7f6-11e8-af03-c999c9dea608-ecs", "panelIndex": "17", "type": "visualization", "version": "6.5.0" } ], "timeRestore": false, - "title": "[Metricbeat AWS] EC2 Overview", + "title": "[Metricbeat AWS] EC2 Overview ECS", "version": 1 }, - "id": "c5846400-f7fb-11e8-af03-c999c9dea608", + "id": "c5846400-f7fb-11e8-af03-c999c9dea608-ecs", "type": "dashboard", "updated_at": "2018-12-04T19:35:35.744Z", "version": 1 diff --git a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json index b7aa409efc69..b65a2604be40 100644 --- a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json +++ b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-performance.json @@ -13,7 +13,7 @@ } } }, - "title": "User Connections [Metricbeat MSSQL]", + "title": "User Connections [Metricbeat MSSQL] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -119,11 +119,11 @@ } ] }, - "title": "User Connections [Metricbeat MSSQL]", + "title": "User Connections [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "7784db10-18ba-11e9-9836-f37dedd3b411", + "id": "7784db10-18ba-11e9-9836-f37dedd3b411-ecs", "type": "visualization", "updated_at": "2019-01-22T13:04:43.827Z", "version": 8 @@ -141,7 +141,7 @@ } } }, - "title": "Transactions [Metricbeat MSSQL]", + "title": "Transactions [Metricbeat MSSQL] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -247,11 +247,11 @@ } ] }, - "title": "Transactions [Metricbeat MSSQL]", + "title": "Transactions [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "910f3f30-18ba-11e9-9836-f37dedd3b411", + "id": "910f3f30-18ba-11e9-9836-f37dedd3b411-ecs", "type": "visualization", "updated_at": "2019-01-22T13:04:34.757Z", "version": 8 @@ -269,7 +269,7 @@ } } }, - "title": "Lock Waits/sec [Metricbeat MSSQL]", + "title": "Lock Waits/sec [Metricbeat MSSQL] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -375,11 +375,11 @@ } ] }, - "title": "Lock Waits/sec [Metricbeat MSSQL]", + "title": "Lock Waits/sec [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411", + "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411-ecs", "type": "visualization", "updated_at": "2019-01-22T13:04:24.139Z", "version": 7 @@ -397,7 +397,7 @@ } } }, - "title": "Batch Requests/sec [Metricbeat MSSQL]", + "title": "Batch Requests/sec [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -508,11 +508,11 @@ } ] }, - "title": "Batch Requests/sec [Metricbeat MSSQL]", + "title": "Batch Requests/sec [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "b29a2160-18ba-11e9-9836-f37dedd3b411", + "id": "b29a2160-18ba-11e9-9836-f37dedd3b411-ecs", "type": "visualization", "updated_at": "2019-01-22T13:03:10.853Z", "version": 9 @@ -530,7 +530,7 @@ } } }, - "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL]", + "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL] ECS", "uiStateJSON": { "vis": { "legendOpen": false @@ -639,11 +639,11 @@ } ] }, - "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL]", + "title": "Buffer Cache Hit Ratio [Metricbeat MSSQL] ECS", "type": "line" } }, - "id": "2e795230-1b2a-11e9-8b36-136038bb307a", + "id": "2e795230-1b2a-11e9-8b36-136038bb307a-ecs", "type": "visualization", "updated_at": "2019-01-22T13:04:16.184Z", "version": 8 @@ -680,7 +680,7 @@ "x": 0, "y": 0 }, - "id": "7784db10-18ba-11e9-9836-f37dedd3b411", + "id": "7784db10-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "1", "title": "User Connections", "type": "visualization", @@ -699,7 +699,7 @@ "x": 16, "y": 15 }, - "id": "910f3f30-18ba-11e9-9836-f37dedd3b411", + "id": "910f3f30-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "2", "title": "Transactions", "type": "visualization", @@ -718,7 +718,7 @@ "x": 32, "y": 0 }, - "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411", + "id": "5bd5c230-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "3", "title": "Lock Waits/sec", "type": "visualization", @@ -737,7 +737,7 @@ "x": 16, "y": 0 }, - "id": "b29a2160-18ba-11e9-9836-f37dedd3b411", + "id": "b29a2160-18ba-11e9-9836-f37dedd3b411-ecs", "panelIndex": "4", "title": "Batch Requests/sec", "type": "visualization", @@ -752,7 +752,7 @@ "x": 0, "y": 15 }, - "id": "2e795230-1b2a-11e9-8b36-136038bb307a", + "id": "2e795230-1b2a-11e9-8b36-136038bb307a-ecs", "panelIndex": "5", "title": "Buffer Cache Hit Ratio", "type": "visualization", @@ -760,10 +760,10 @@ } ], "timeRestore": false, - "title": "[Metricbeat MSSQL] Performance", + "title": "[Metricbeat MSSQL] Performance ECS", "version": 1 }, - "id": "a2ead240-18bb-11e9-9836-f37dedd3b411", + "id": "a2ead240-18bb-11e9-9836-f37dedd3b411-ecs", "type": "dashboard", "updated_at": "2019-01-22T12:55:59.857Z", "version": 11 diff --git a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json index 8573af8504e3..d99542201283 100644 --- a/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json +++ b/x-pack/metricbeat/module/mssql/_meta/kibana/7/dashboard/Metricbeat-mssql-transaction_log.json @@ -12,7 +12,7 @@ } } }, - "title": "Recovery size of transaction log [Metricbeat MSSQL]", + "title": "Recovery size of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -59,11 +59,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Recovery size of transaction log [Metricbeat MSSQL]", + "title": "Recovery size of transaction log [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -83,7 +83,7 @@ } } }, - "title": "Transaction log size since last checkpoint [Metricbeat MSSQL]", + "title": "Transaction log size since last checkpoint [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -124,11 +124,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Transaction log size since last checkpoint [Metricbeat MSSQL]", + "title": "Transaction log size since last checkpoint [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b", + "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -148,7 +148,7 @@ } } }, - "title": "Percentage of used space of transaction log [Metricbeat MSSQL]", + "title": "Percentage of used space of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -189,11 +189,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Percentage of used space of transaction log [Metricbeat MSSQL]", + "title": "Percentage of used space of transaction log [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -213,7 +213,7 @@ } } }, - "title": "Log space size since last backup [Metricbeat MSSQL]", + "title": "Log space size since last backup [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -254,11 +254,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Log space size since last backup [Metricbeat MSSQL]", + "title": "Log space size since last backup [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b", + "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -278,7 +278,7 @@ } } }, - "title": "Active size of transaction log [Metricbeat MSSQL]", + "title": "Active size of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -319,11 +319,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Active size of transaction log [Metricbeat MSSQL]", + "title": "Active size of transaction log [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -343,7 +343,7 @@ } } }, - "title": "Used space of transaction log [Metricbeat MSSQL]", + "title": "Used space of transaction log [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -384,11 +384,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Used space of transaction log [Metricbeat MSSQL]", + "title": "Used space of transaction log [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -408,7 +408,7 @@ } } }, - "title": "Total log space usage [Metricbeat MSSQL]", + "title": "Total log space usage [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -449,11 +449,11 @@ "time_field": "@timestamp", "type": "timeseries" }, - "title": "Total log space usage [Metricbeat MSSQL]", + "title": "Total log space usage [Metricbeat MSSQL] ECS", "type": "metrics" } }, - "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b", + "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -473,7 +473,7 @@ } } }, - "title": "Database selector [Metricbeat MSSQL]", + "title": "Database selector [Metricbeat MSSQL] ECS", "uiStateJSON": {}, "version": 1, "visState": { @@ -500,11 +500,11 @@ "updateFiltersOnChange": false, "useTimeFilter": false }, - "title": "Database selector [Metricbeat MSSQL]", + "title": "Database selector [Metricbeat MSSQL] ECS", "type": "input_control_vis" } }, - "id": "82bf9480-260b-11e9-a46a-471d2a76b305", + "id": "82bf9480-260b-11e9-a46a-471d2a76b305-ecs", "migrationVersion": { "visualization": "7.0.0" }, @@ -540,7 +540,7 @@ "x": 0, "y": 12 }, - "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "e9654a40-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "1", "title": "Recovery size of transaction log", "type": "visualization", @@ -555,7 +555,7 @@ "x": 24, "y": 24 }, - "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b", + "id": "1757d530-1fb3-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "2", "title": "Transaction log size since last checkpoint", "type": "visualization", @@ -570,7 +570,7 @@ "x": 30, "y": 0 }, - "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "a55bb000-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "3", "title": "Percentage of used space of transaction log", "type": "visualization", @@ -585,7 +585,7 @@ "x": 0, "y": 37 }, - "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b", + "id": "edb7a0c0-1f2b-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "4", "title": "Log space size since last backup", "type": "visualization", @@ -600,7 +600,7 @@ "x": 0, "y": 24 }, - "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "c9ead180-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "5", "title": "Active size of transaction log", "type": "visualization", @@ -615,7 +615,7 @@ "x": 24, "y": 12 }, - "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b", + "id": "68fa61b0-1fb2-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "6", "title": "Used space of transaction log", "type": "visualization", @@ -630,7 +630,7 @@ "x": 12, "y": 0 }, - "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b", + "id": "6710ff20-1f2c-11e9-8a4d-eb34d2834f6b-ecs", "panelIndex": "7", "title": "Total log space usage", "type": "visualization", @@ -645,17 +645,17 @@ "x": 0, "y": 0 }, - "id": "82bf9480-260b-11e9-a46a-471d2a76b305", + "id": "82bf9480-260b-11e9-a46a-471d2a76b305-ecs", "panelIndex": "8", "type": "visualization", "version": "7.0.0-SNAPSHOT" } ], "timeRestore": false, - "title": "[Metricbeat MSSQL] Transaction log", + "title": "[Metricbeat MSSQL] Transaction log ECS", "version": 1 }, - "id": "18d66970-1fb4-11e9-8a4d-eb34d2834f6b", + "id": "18d66970-1fb4-11e9-8a4d-eb34d2834f6b-ecs", "type": "dashboard", "updated_at": "2019-02-01T10:39:36.585Z", "version": 3