diff --git a/dashboard2.json b/dashboard2.json
new file mode 100644
index 0000000..7343f08
--- /dev/null
+++ b/dashboard2.json
@@ -0,0 +1,703 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 45, + "links": [], + "panels": [ + { + "fieldConfig": { + "defaults": {}, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 5, + "x": 0, + "y": 0 + }, + "id": 5, + "options": { + "code": { + "language": "plaintext", + "showLineNumbers": false, + "showMiniMap": false + }, + "content": "", + "mode": "html" + }, + "pluginVersion": "12.2.0", + "title": "", + "type": "text" + }, + { + "datasource": { + "type": "influxdb", + "uid": "bdp80jf4cy328f" + }, + "description": "Ports 0 are omitted as they are most likely link layer protocols, like ARP.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "mode": "gradient", + "type": "gauge", + "valueDisplayMode": "color" + }, + "filterable": false, + "footer": { + "reducers": [] + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": 0 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "port" + }, + "properties": [ + { + "id": "custom.cellOptions", + "value": { + "type": "color-text" + } + } + ] + } + ] + }, + "gridPos": { + "h": 14, + "w": 5, + "x": 5, + "y": 0 + }, + "id": 4, + "options": { + "cellHeight": "sm", + "enablePagination": false, + "showHeader": true, + "sortBy": [ + { + "desc": true, + "displayName": "count" + } + ] + }, + "pluginVersion": "12.2.0", + "targets": [ + { + "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == 
\"${Router}\")\n |> filter(fn: (r) => r._field == \"dstPort\")\n |> filter(fn: (r) => r._value != 0) // 👈 omit port 0\n |> map(fn: (r) => ({ r with port: string(v: r._value) }))\n |> window(every: inf)\n |> group(columns: [\"port\"])\n |> count()\n |> group()\n |> sort(columns: [\"_value\"], desc: true)\n |> limit(n: 13)\n |> rename(columns: {_value: \"count\"})", + "refId": "A" + } + ], + "title": "Top Ports", + "type": "table" + }, + { + "datasource": { + "type": "influxdb", + "uid": "bdp80jf4cy328f" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "mode": "gradient", + "type": "gauge", + "valueDisplayMode": "color" + }, + "filterable": false, + "footer": { + "reducers": [] + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "yellow", + "value": 2500 + }, + { + "color": "orange", + "value": 5000 + }, + { + "color": "red", + "value": 10000 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "ip" + }, + "properties": [ + { + "id": "custom.cellOptions", + "value": { + "type": "color-text" + } + }, + { + "id": "custom.wrapText", + "value": false + } + ] + } + ] + }, + "gridPos": { + "h": 8, + "w": 7, + "x": 10, + "y": 0 + }, + "id": 6, + "options": { + "cellHeight": "sm", + "enablePagination": false, + "showHeader": true, + "sortBy": [ + { + "desc": true, + "displayName": "count" + } + ] + }, + "pluginVersion": "12.2.0", + "targets": [ + { + "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"dstAddr\")\n |> map(fn: (r) => ({ r with ip: r._value }))\n |> group(columns: [\"ip\"])\n |> count()\n |> sort(columns: [\"_value\"], desc: true)\n |> limit(n: 10)\n |> 
rename(columns: {_value: \"count\"})\n |> group()\n", + "refId": "A" + } + ], + "title": "Top destinations", + "type": "table" + }, + { + "datasource": { + "type": "influxdb", + "uid": "bdp80jf4cy328f" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "mode": "gradient", + "type": "gauge", + "valueDisplayMode": "color" + }, + "filterable": false, + "footer": { + "reducers": [] + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "yellow", + "value": 2500 + }, + { + "color": "orange", + "value": 5000 + }, + { + "color": "red", + "value": 10000 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "ip" + }, + "properties": [ + { + "id": "custom.cellOptions", + "value": { + "type": "color-text" + } + }, + { + "id": "custom.wrapText", + "value": false + } + ] + } + ] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 17, + "y": 0 + }, + "id": 3, + "options": { + "cellHeight": "sm", + "enablePagination": false, + "showHeader": true, + "sortBy": [ + { + "desc": true, + "displayName": "count" + } + ] + }, + "pluginVersion": "12.2.0", + "targets": [ + { + "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"srcAddr\")\n |> map(fn: (r) => ({ r with ip: r._value }))\n |> group(columns: [\"ip\"])\n |> count()\n |> sort(columns: [\"_value\"], desc: true)\n |> limit(n: 10)\n |> rename(columns: {_value: \"count\"})\n |> group()\n", + "refId": "A" + } + ], + "title": "Top talkers", + "type": "table" + }, + { + "datasource": { + "type": "influxdb", + "uid": "bdp80jf4cy328f" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + 
"axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "fillOpacity": 80, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineWidth": 1, + "scaleDistribution": { + "type": "linear" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 13, + "x": 10, + "y": 8 + }, + "id": 7, + "options": { + "barRadius": 0, + "barWidth": 0.97, + "fullHighlight": false, + "groupWidth": 0.7, + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": false + }, + "orientation": "auto", + "showValue": "auto", + "stacking": "none", + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + }, + "xField": "proto", + "xTickLabelRotation": 0, + "xTickLabelSpacing": 0 + }, + "pluginVersion": "12.2.0", + "targets": [ + { + "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"outPakt\") // bytes (IN_OCTETS)\n |> toFloat()\n |> sum()\n |> map(fn: (r) => ({ r with _value: r._value * 8.0 })) // convert to bits\n |> rename(columns: {_value: \"total_bits\"})\n |> group()\n", + "refId": "A" + } + ], + "title": "New panel", + "type": "barchart" + }, + { + "datasource": { + "type": "influxdb", + "uid": "bdp80jf4cy328f" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-purple", + "value": 
0 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 15, + "x": 0, + "y": 14 + }, + "id": 2, + "options": { + "basemap": { + "config": {}, + "name": "Layer 0", + "type": "default" + }, + "controls": { + "mouseWheelZoom": true, + "showAttribution": true, + "showDebug": false, + "showMeasure": false, + "showScale": false, + "showZoom": true + }, + "layers": [ + { + "config": { + "showLegend": false, + "style": { + "color": { + "field": "location", + "fixed": "dark-green" + }, + "opacity": 0.4, + "rotation": { + "fixed": 0, + "max": 360, + "min": -360, + "mode": "mod" + }, + "size": { + "field": "value", + "fixed": 10, + "max": 50, + "min": 7 + }, + "symbol": { + "fixed": "img/icons/marker/circle.svg", + "mode": "fixed" + }, + "symbolAlign": { + "horizontal": "center", + "vertical": "center" + }, + "text": { + "field": "value", + "fixed": "", + "mode": "field" + }, + "textConfig": { + "fontSize": 9, + "offsetX": 0, + "offsetY": 0, + "textAlign": "center", + "textBaseline": "middle" + } + } + }, + "filterData": { + "id": "byRefId", + "options": "A" + }, + "location": { + "gazetteer": "public/gazetteer/countries.json", + "lookup": "location", + "mode": "lookup" + }, + "name": "L1", + "tooltip": true, + "type": "markers" + } + ], + "tooltip": { + "mode": "details" + }, + "view": { + "allLayers": true, + "id": "zero", + "lat": 0, + "lon": 0, + "noRepeat": false, + "zoom": 1 + } + }, + "pluginVersion": "12.2.0", + "targets": [ + { + "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"dstCntr\")\n |> map(fn: (r) => ({ r with location: r._value })) // materialize _value to location\n |> group(columns: [\"location\"])\n |> count()\n |> rename(columns: {_value: \"value\"})\n |> group()\n", + "refId": "A" + } + ], + "title": "Geomap", + "type": "geomap" + }, + { + 
"datasource": { + "type": "influxdb", + "uid": "bdp80jf4cy328f" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + } + }, + "fieldMinMax": false, + "mappings": [] + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 8, + "x": 15, + "y": 14 + }, + "id": 1, + "options": { + "displayLabels": [], + "legend": { + "displayMode": "table", + "placement": "right", + "showLegend": true, + "values": [ + "percent" + ] + }, + "pieType": "pie", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "sort": "desc", + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.2.0", + "targets": [ + { + "datasource": { + "type": "influxdb", + "uid": "eeipdlx4ecav4c" + }, + "hide": false, + "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> group(columns: [\"proto\"])\n |> count()\n |> keep(columns: [\"proto\", \"_value\"])\n |> rename(columns: {_value: \"\"})\n", + "refId": "A" + } + ], + "title": "Top Protocols", + "type": "piechart" + } + ], + "preload": false, + "refresh": "10s", + "schemaVersion": 42, + "tags": [ + "FluxQL", + "InfluxDB", + "NetFlow" + ], + "templating": { + "list": [ + { + "current": { + "text": "influxdb", + "value": "bdp80jf4cy328f" + }, + "label": "Source", + "name": "influxdbsrc", + "options": [], + "query": "influxdb", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "current": { + "text": "NETFLOW", + "value": "NETFLOW" + }, + "datasource": { + "type": "influxdb", + "uid": "${influxdbsrc}" + }, + "definition": "buckets()", + "description": "Get buckets", + "label": "Bucket", + "name": "bucket", + "options": [], + "query": { + "query": "buckets()" + }, + "refresh": 1, + 
"regex": "", + "sort": 1, + "type": "query" + }, + { + "current": { + "text": "measurement-script", + "value": "measurement-script" + }, + "datasource": { + "type": "influxdb", + "uid": "${influxdbsrc}" + }, + "definition": "import \"influxdata/influxdb/schema\"\n\nschema.measurements(bucket: \"${bucket}\")\n", + "name": "Measurement", + "options": [], + "query": { + "query": "import \"influxdata/influxdb/schema\"\n\nschema.measurements(bucket: \"${bucket}\")\n" + }, + "refresh": 1, + "regex": "", + "type": "query" + }, + { + "current": { + "text": "ARPANET", + "value": "ARPANET" + }, + "datasource": { + "type": "influxdb", + "uid": "${influxdbsrc}" + }, + "definition": "import \"influxdata/influxdb/schema\"\n\nschema.tagValues(\n bucket: \"${bucket}\",\n tag: \"ROUTER\",\n start: -30d\n)\n", + "name": "Router", + "options": [], + "query": { + "query": "import \"influxdata/influxdb/schema\"\n\nschema.tagValues(\n bucket: \"${bucket}\",\n tag: \"ROUTER\",\n start: -30d\n)\n" + }, + "refresh": 1, + "regex": "", + "type": "query" + } + ] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "ARPANET-INTERNAL", + "uid": "beiq35nt3d1j4bgfghjt3wret", + "version": 14 +} \ No newline at end of file
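Review bot: The `Top Protocols` target pins datasource uid `eeipdlx4ecav4c`, while its own panel and every other panel pin `bdp80jf4cy328f`. None of them use the `influxdbsrc` variable that the `bucket`, `Measurement` and `Router` variable queries resolve through, so the Source selector changes the dropdown contents but not what the panels read, and one panel may be reading a different InfluxDB instance than the rest. Setting each panel- and target-level datasource to `"uid": "${influxdbsrc}"` would keep all panels on the selected source. Separately, every panel query places `${bucket}`, `${Measurement}` and `${Router}` unformatted inside a quoted Flux string; `Router` is filled from stored `ROUTER` tag values and Grafana variables can normally also be set from the dashboard URL, so a value containing `"` would change the query text rather than only the compared string. Consider letting Grafana do the quoting, e.g. `r.ROUTER == ${Router:doublequote}`, after confirming that this format escapes everything a Flux string literal needs.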