{ "annotations": { "list": [ { "builtIn": 1, "datasource": { "type": "grafana", "uid": "-- Grafana --" }, "enable": true, "hide": true, "iconColor": "rgba(0, 211, 255, 1)", "name": "Annotations & Alerts", "type": "dashboard" } ] }, "editable": true, "fiscalYearStartMonth": 0, "graphTooltip": 0, "id": 2, "links": [], "panels": [ { "datasource": { "type": "influxdb", "uid": "eeipdlx4ecav4c" }, "fieldConfig": { "defaults": { "color": { "mode": "thresholds" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "dark-purple" } ] } }, "overrides": [] }, "gridPos": { "h": 15, "w": 11, "x": 0, "y": 0 }, "id": 2, "options": { "basemap": { "config": {}, "name": "Layer 0", "type": "default" }, "controls": { "mouseWheelZoom": true, "showAttribution": true, "showDebug": false, "showMeasure": false, "showScale": false, "showZoom": true }, "layers": [ { "config": { "showLegend": false, "style": { "color": { "field": "location", "fixed": "dark-green" }, "opacity": 0.4, "rotation": { "fixed": 0, "max": 360, "min": -360, "mode": "mod" }, "size": { "field": "value", "fixed": 10, "max": 50, "min": 7 }, "symbol": { "fixed": "img/icons/marker/circle.svg", "mode": "fixed" }, "symbolAlign": { "horizontal": "center", "vertical": "center" }, "text": { "field": "value", "fixed": "", "mode": "field" }, "textConfig": { "fontSize": 9, "offsetX": 0, "offsetY": 0, "textAlign": "center", "textBaseline": "middle" } } }, "filterData": { "id": "byRefId", "options": "A" }, "location": { "gazetteer": "public/gazetteer/countries.json", "lookup": "location", "mode": "lookup" }, "name": "L1", "tooltip": true, "type": "markers" } ], "tooltip": { "mode": "details" }, "view": { "allLayers": true, "id": "zero", "lat": 0, "lon": 0, "zoom": 1 } }, "pluginVersion": "11.6.0", "targets": [ { "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"dstCntr\")\n |> map(fn: (r) => ({ r with location: r._value })) // materialize _value to location\n |> group(columns: [\"location\"])\n |> count()\n |> rename(columns: {_value: \"value\"})\n |> group()\n", "refId": "A" } ], "title": "Geomap", "type": "geomap" }, { "datasource": { "type": "influxdb", "uid": "eeipdlx4ecav4c" }, "fieldConfig": { "defaults": { "color": { "mode": "thresholds" }, "custom": { "align": "auto", "cellOptions": { "mode": "gradient", "type": "gauge", "valueDisplayMode": "color" }, "filterable": false, "inspect": false }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green" }, { "color": "yellow", "value": 250 }, { "color": "orange", "value": 500 }, { "color": "red", "value": 1000 } ] } }, "overrides": [ { "matcher": { "id": "byName", "options": "ip" }, "properties": [ { "id": "custom.cellOptions", "value": { "type": "color-text", "wrapText": false } } ] } ] }, "gridPos": { "h": 8, "w": 12, "x": 11, "y": 0 }, "id": 3, "options": { "cellHeight": "sm", "footer": { "countRows": false, "enablePagination": false, "fields": "", "reducer": [ "sum" ], "show": false }, "showHeader": true, "sortBy": [ { "desc": true, "displayName": "count" } ] }, "pluginVersion": "11.6.0", "targets": [ { "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"srcAddr\")\n |> map(fn: (r) => ({ r with ip: r._value }))\n |> group(columns: [\"ip\"])\n |> count()\n |> sort(columns: [\"_value\"], desc: true)\n |> limit(n: 10)\n |> rename(columns: {_value: \"count\"})\n |> group()\n", "refId": "A" } ], "title": "Top talkers", "type": "table" }, { "datasource": { "type": "influxdb", "uid": "eeipdlx4ecav4c" }, "fieldConfig": { "defaults": { "color": { "mode": "thresholds" }, "custom": { "align": "auto", "cellOptions": { "mode": "gradient", "type": "gauge", "valueDisplayMode": "color" }, "filterable": false, "inspect": false }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green" }, { "color": "yellow", "value": 250 }, { "color": "orange", "value": 500 }, { "color": "red", "value": 1000 } ] } }, "overrides": [ { "matcher": { "id": "byName", "options": "ip" }, "properties": [ { "id": "custom.cellOptions", "value": { "type": "color-text", "wrapText": false } } ] } ] }, "gridPos": { "h": 7, "w": 12, "x": 11, "y": 8 }, "id": 6, "options": { "cellHeight": "sm", "footer": { "countRows": false, "enablePagination": false, "fields": "", "reducer": [ "sum" ], "show": false }, "showHeader": true, "sortBy": [ { "desc": true, "displayName": "count" } ] }, "pluginVersion": "11.6.0", "targets": [ { "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"dstAddr\")\n |> map(fn: (r) => ({ r with ip: r._value }))\n |> group(columns: [\"ip\"])\n |> count()\n |> sort(columns: [\"_value\"], desc: true)\n |> limit(n: 10)\n |> rename(columns: {_value: \"count\"})\n |> group()\n", "refId": "A" } ], "title": "Top destinations", "type": "table" }, { "fieldConfig": { "defaults": {}, "overrides": [] }, "gridPos": { "h": 8, "w": 11, "x": 0, "y": 15 }, "id": 5, "options": { "code": { "language": "plaintext", "showLineNumbers": false, "showMiniMap": false }, "content": "", "mode": "html" }, "pluginVersion": "11.6.0", "title": "", "type": "text" }, { "datasource": { "type": "influxdb", "uid": "eeipdlx4ecav4c" }, "description": "Ports 0 are omitted as they are most likely link layer protocols, like ARP.", "fieldConfig": { "defaults": { "color": { "mode": "thresholds" }, "custom": { "align": "auto", "cellOptions": { "mode": "gradient", "type": "gauge", "valueDisplayMode": "color" }, "filterable": false, "inspect": false }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "blue" } ] } }, "overrides": [ { "matcher": { "id": "byName", "options": "port" }, "properties": [ { "id": "custom.cellOptions", "value": { "type": "color-text" } } ] } ] }, "gridPos": { "h": 8, "w": 6, "x": 11, "y": 15 }, "id": 4, "options": { "cellHeight": "sm", "footer": { "countRows": false, "enablePagination": false, "fields": "", "reducer": [ "sum" ], "show": false }, "showHeader": true, "sortBy": [ { "desc": true, "displayName": "count" } ] }, "pluginVersion": "11.6.0", "targets": [ { "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"dstPort\")\n |> group()\n |> map(fn: (r) => ({ r with port: string(v: r._value) }))\n |> group(columns: [\"port\"])\n |> filter(fn: (r) => r._value != 0)\n |> count()\n |> sort(columns: [\"_value\"], desc: true)\n |> limit(n: 10)\n |> rename(columns: {_value: \"count\"})\n |> group()", "refId": "A" } ], "title": "Top Ports", "type": "table" }, { "datasource": { "type": "influxdb", "uid": "eeipdlx4ecav4c" }, "fieldConfig": { "defaults": { "color": { "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "fieldMinMax": false, "mappings": [] }, "overrides": [] }, "gridPos": { "h": 8, "w": 6, "x": 17, "y": 15 }, "id": 1, "options": { "displayLabels": [], "legend": { "displayMode": "table", "placement": "right", "showLegend": true, "values": [ "percent" ] }, "pieType": "pie", "reduceOptions": { "calcs": [ "lastNotNull" ], "fields": "", "values": false }, "tooltip": { "hideZeros": false, "mode": "single", "sort": "none" } }, "pluginVersion": "11.6.0", "targets": [ { "datasource": { "type": "influxdb", "uid": "eeipdlx4ecav4c" }, "hide": false, "query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> group(columns: [\"proto\"])\n |> count()\n |> keep(columns: [\"proto\", \"_value\"])\n |> rename(columns: {_value: \"\"})\n", "refId": "A" } ], "title": "Top Protocols", "type": "piechart" } ], "preload": false, "refresh": "10s", "schemaVersion": 41, "tags": [ "FluxQL", "InfluxDB", "NetFlow" ], "templating": { "list": [ { "current": { "text": "influxdb", "value": "eeipdlx4ecav4c" }, "label": "Source", "name": "influxdbsrc", "options": [], "query": "influxdb", "refresh": 1, "regex": "", "type": "datasource" }, { "current": { "text": "NETFLOW-7", "value": "NETFLOW-7" }, "datasource": { "type": "influxdb", "uid": "${influxdbsrc}" }, "definition": "buckets()", "description": "Get buckets", "label": "Bucket", "name": "bucket", "options": [], "query": { "query": "buckets()" }, "refresh": 1, "regex": "", "sort": 1, "type": "query" }, { "current": { "text": "testNetFlowPython-script", "value": "testNetFlowPython-script" }, "datasource": { "type": "influxdb", "uid": "${influxdbsrc}" }, "definition": "import \"influxdata/influxdb/schema\"\n\nschema.measurements(bucket: \"${bucket}\")\n", "name": "Measurement", "options": [], "query": { "query": "import \"influxdata/influxdb/schema\"\n\nschema.measurements(bucket: \"${bucket}\")\n" }, "refresh": 1, "regex": "", "type": "query" }, { "current": { "text": "HQ", "value": "HQ" }, "datasource": { "type": "influxdb", "uid": "${influxdbsrc}" }, "definition": "import \"influxdata/influxdb/schema\"\n\nschema.tagValues(\n bucket: \"${bucket}\",\n tag: \"ROUTER\",\n start: -30d\n)\n", "name": "Router", "options": [], "query": { "query": "import \"influxdata/influxdb/schema\"\n\nschema.tagValues(\n bucket: \"${bucket}\",\n tag: \"ROUTER\",\n start: -30d\n)\n" }, "refresh": 1, "regex": "", "type": "query" } ] }, "time": { "from": "now-6h", "to": "now" }, "timepicker": {}, "timezone": "browser", "title": "NetFlow", "uid": "beiq35nt3d1j4b", "version": 27 }