create visualization of events decoded summary
chantal-kelm committed Jul 21, 2023
1 parent 9fa4d40 commit cce97bd
Showing 1 changed file with 250 additions and 6 deletions.
@@ -676,14 +676,258 @@ export default [
_source: {
title: 'Wazuh App Statistics Overview events decoded',
visState: JSON.stringify({
title: 'Wazuh App Statistics Overview events decode',
type: 'timelion',
title: 'Wazuh App Statistics Overview events decoded',
type: 'line',
aggs: [
{
id: '1',
enabled: false,
type: 'count',
params: {
customLabel: 'Count',
},
schema: 'metric',
},
{
id: '2',
enabled: true,
type: 'date_histogram',
params: {
field: 'timestamp',
timeRange: {
from: 'now-30m',
to: 'now',
},
useNormalizedOpenSearchInterval: true,
scaleMetricValues: false,
interval: 'auto',
drop_partials: false,
min_doc_count: 1,
extended_bounds: {},
},
schema: 'segment',
},
{
id: '3',
enabled: true,
type: 'avg',
params: {
field: 'analysisd.syscheck_events_decoded',
customLabel: ' Syscheck Events Decoded',
},
schema: 'metric',
},
{
id: '4',
enabled: true,
type: 'avg',
params: {
field: 'analysisd.syscollector_events_decoded',
customLabel: 'Syscollector Events Decoded',
},
schema: 'metric',
},
{
id: '5',
enabled: true,
type: 'avg',
params: {
field: 'analysisd.rootcheck_events_decoded',
customLabel: 'Rootcheck Events Decoded',
},
schema: 'metric',
},
{
id: '6',
enabled: true,
type: 'avg',
params: {
field: 'analysisd.sca_events_decoded',
customLabel: 'SCA Events Decoded',
},
schema: 'metric',
},
{
id: '7',
enabled: true,
type: 'avg',
params: {
field: 'analysisd.other_events_decoded',
customLabel: 'Other Events Decoded',
},
schema: 'metric',
},
{
id: '8',
enabled: true,
type: 'avg',
params: {
field: 'analysisd.hostinfo_events_decoded',
customLabel: 'Host Info Events Decoded',
},
schema: 'metric',
},
],
params: {
expression:
".es(index=wazuh-statistics-*, timefield=timestamp,metric=avg:analysisd.syscheck_events_decoded, q='*').label('Syscheck Events Decoded').bars(stack=true), .es(index=wazuh-statistics-*, timefield=timestamp,metric=avg:analysisd.syscheck, q='*').label('Syscollector Events Decoded').bars(stack=true), .es(index=wazuh-statistics-*, timefield=timestamp,metric=avg:analysisd.rootcheck_events_decoded, q='*').label('Rootcheck Events Decoded').bars(stack=true), .es(index=wazuh-statistics-*, timefield=timestamp,metric=avg:analysisd.sca_events_decoded, q='*').label('SCA Events Decoded').bars(stack=true), .es(index=wazuh-statistics-*, timefield=timestamp,metric=avg:analysisd.other_events_decoded, q='*').label('Other Events Decoded').bars(stack=true), .es(index=wazuh-statistics-*, timefield=timestamp,metric=avg:analysisd.hostinfo_events_decoded, q='*').label('Host Info Events Decoded').bars(stack=true)",
interval: '5m',
type: 'line',
grid: {
categoryLines: true,
},
categoryAxes: [
{
id: 'CategoryAxis-1',
type: 'category',
position: 'bottom',
show: true,
style: {},
scale: {
type: 'linear',
},
labels: {
show: true,
filter: true,
truncate: 100,
},
title: {},
},
],
valueAxes: [
{
id: 'ValueAxis-1',
name: 'LeftAxis-1',
type: 'value',
position: 'left',
show: true,
style: {},
scale: {
type: 'linear',
mode: 'normal',
},
labels: {
show: true,
rotate: 0,
filter: false,
truncate: 100,
},
title: {
text: 'Count',
},
},
],
seriesParams: [
{
show: true,
type: 'line',
mode: 'normal',
data: {
label: 'Count',
id: '1',
},
valueAxis: 'ValueAxis-1',
drawLinesBetweenPoints: true,
lineWidth: 2,
interpolate: 'linear',
showCircles: true,
},
{
show: true,
type: 'line',
mode: 'normal',
data: {
id: '3',
label: ' Syscheck Events Decoded',
},
valueAxis: 'ValueAxis-1',
drawLinesBetweenPoints: true,
lineWidth: 2,
interpolate: 'linear',
showCircles: true,
},
{
show: true,
type: 'line',
mode: 'normal',
data: {
id: '4',
label: 'Syscollector Events Decoded',
},
valueAxis: 'ValueAxis-1',
drawLinesBetweenPoints: true,
lineWidth: 2,
interpolate: 'linear',
showCircles: true,
},
{
show: true,
type: 'line',
mode: 'normal',
data: {
id: '5',
label: 'Rootcheck Events Decoded',
},
valueAxis: 'ValueAxis-1',
drawLinesBetweenPoints: true,
lineWidth: 2,
interpolate: 'linear',
showCircles: true,
},
{
show: true,
type: 'line',
mode: 'normal',
data: {
id: '6',
label: 'SCA Events Decoded',
},
valueAxis: 'ValueAxis-1',
drawLinesBetweenPoints: true,
lineWidth: 2,
interpolate: 'linear',
showCircles: true,
},
{
show: true,
type: 'line',
mode: 'normal',
data: {
id: '7',
label: 'Other Events Decoded',
},
valueAxis: 'ValueAxis-1',
drawLinesBetweenPoints: true,
lineWidth: 2,
interpolate: 'linear',
showCircles: true,
},
{
show: true,
type: 'line',
mode: 'normal',
data: {
id: '8',
label: 'Host Info Events Decoded',
},
valueAxis: 'ValueAxis-1',
drawLinesBetweenPoints: true,
lineWidth: 2,
interpolate: 'linear',
showCircles: true,
},
],
addTooltip: true,
addLegend: true,
legendPosition: 'right',
times: [],
addTimeMarker: false,
labels: {},
thresholdLine: {
show: false,
value: 10,
width: 1,
style: 'full',
color: '#E7664C',
},
},
aggs: [],
}),
uiStateJSON: '{}',
description: '',
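Review bot: The label for agg id '3' carries a leading space in both places it is written (`customLabel: ' Syscheck Events Decoded'` and the matching `seriesParams` `label`), so that legend entry will not line up with the other five; both should read `'Syscheck Events Decoded'`. The count agg id '1' is `enabled: false`, yet `seriesParams` still has a series for it and the value axis is titled `'Count'` although every enabled metric is an `avg`; I would drop that series entry and title the axis for what is actually plotted. The rendering does not show which side the trailing `aggs: [],` and the timelion `expression` / `interval: '5m'` lines belong to; if `aggs: [],` survives in the new visState, the later key would replace the populated array, so that is worth confirming. The enclosing `export default [` array starts and ends outside this hunk.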