YuruC3/OPNsense-NetFlow-export
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity
OPNsense-NetFlow-export/dashboard.json
YuruC3 0ccc4e674e Added files to repository.
2025-05-08 09:49:17 +02:00

618 lines
16 KiB
JSON
Raw Permalink Blame History

{
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 2,
"links": [],
"panels": [
{
"datasource": {
"type": "influxdb",
"uid": "eeipdlx4ecav4c"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "dark-purple"
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 15,
"w": 11,
"x": 0,
"y": 0
},
"id": 2,
"options": {
"basemap": {
"config": {},
"name": "Layer 0",
"type": "default"
},
"controls": {
"mouseWheelZoom": true,
"showAttribution": true,
"showDebug": false,
"showMeasure": false,
"showScale": false,
"showZoom": true
},
"layers": [
{
"config": {
"showLegend": false,
"style": {
"color": {
"field": "location",
"fixed": "dark-green"
},
"opacity": 0.4,
"rotation": {
"fixed": 0,
"max": 360,
"min": -360,
"mode": "mod"
},
"size": {
"field": "value",
"fixed": 10,
"max": 50,
"min": 7
},
"symbol": {
"fixed": "img/icons/marker/circle.svg",
"mode": "fixed"
},
"symbolAlign": {
"horizontal": "center",
"vertical": "center"
},
"text": {
"field": "value",
"fixed": "",
"mode": "field"
},
"textConfig": {
"fontSize": 9,
"offsetX": 0,
"offsetY": 0,
"textAlign": "center",
"textBaseline": "middle"
}
}
},
"filterData": {
"id": "byRefId",
"options": "A"
},
"location": {
"gazetteer": "public/gazetteer/countries.json",
"lookup": "location",
"mode": "lookup"
},
"name": "L1",
"tooltip": true,
"type": "markers"
}
],
"tooltip": {
"mode": "details"
},
"view": {
"allLayers": true,
"id": "zero",
"lat": 0,
"lon": 0,
"zoom": 1
}
},
"pluginVersion": "11.6.0",
"targets": [
{
"query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"dstCntr\")\n |> map(fn: (r) => ({ r with location: r._value })) // materialize _value to location\n |> group(columns: [\"location\"])\n |> count()\n |> rename(columns: {_value: \"value\"})\n |> group()\n",
"refId": "A"
}
],
"title": "Geomap",
"type": "geomap"
},
{
"datasource": {
"type": "influxdb",
"uid": "eeipdlx4ecav4c"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"mode": "gradient",
"type": "gauge",
"valueDisplayMode": "color"
},
"filterable": false,
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green"
},
{
"color": "yellow",
"value": 250
},
{
"color": "orange",
"value": 500
},
{
"color": "red",
"value": 1000
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "ip"
},
"properties": [
{
"id": "custom.cellOptions",
"value": {
"type": "color-text",
"wrapText": false
}
}
]
}
]
},
"gridPos": {
"h": 8,
"w": 12,
"x": 11,
"y": 0
},
"id": 3,
"options": {
"cellHeight": "sm",
"footer": {
"countRows": false,
"enablePagination": false,
"fields": "",
"reducer": [
"sum"
],
"show": false
},
"showHeader": true,
"sortBy": [
{
"desc": true,
"displayName": "count"
}
]
},
"pluginVersion": "11.6.0",
"targets": [
{
"query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"srcAddr\")\n |> map(fn: (r) => ({ r with ip: r._value }))\n |> group(columns: [\"ip\"])\n |> count()\n |> sort(columns: [\"_value\"], desc: true)\n |> limit(n: 10)\n |> rename(columns: {_value: \"count\"})\n |> group()\n",
"refId": "A"
}
],
"title": "Top talkers",
"type": "table"
},
{
"datasource": {
"type": "influxdb",
"uid": "eeipdlx4ecav4c"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"mode": "gradient",
"type": "gauge",
"valueDisplayMode": "color"
},
"filterable": false,
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green"
},
{
"color": "yellow",
"value": 250
},
{
"color": "orange",
"value": 500
},
{
"color": "red",
"value": 1000
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "ip"
},
"properties": [
{
"id": "custom.cellOptions",
"value": {
"type": "color-text",
"wrapText": false
}
}
]
}
]
},
"gridPos": {
"h": 7,
"w": 12,
"x": 11,
"y": 8
},
"id": 6,
"options": {
"cellHeight": "sm",
"footer": {
"countRows": false,
"enablePagination": false,
"fields": "",
"reducer": [
"sum"
],
"show": false
},
"showHeader": true,
"sortBy": [
{
"desc": true,
"displayName": "count"
}
]
},
"pluginVersion": "11.6.0",
"targets": [
{
"query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"dstAddr\")\n |> map(fn: (r) => ({ r with ip: r._value }))\n |> group(columns: [\"ip\"])\n |> count()\n |> sort(columns: [\"_value\"], desc: true)\n |> limit(n: 10)\n |> rename(columns: {_value: \"count\"})\n |> group()\n",
"refId": "A"
}
],
"title": "Top destinations",
"type": "table"
},
{
"fieldConfig": {
"defaults": {},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 11,
"x": 0,
"y": 15
},
"id": 5,
"options": {
"code": {
"language": "plaintext",
"showLineNumbers": false,
"showMiniMap": false
},
"content": "<img src=\"https://data.fubukus.net/assets/others/illust_123291962_20250408_085815.png\">",
"mode": "html"
},
"pluginVersion": "11.6.0",
"title": "",
"type": "text"
},
{
"datasource": {
"type": "influxdb",
"uid": "eeipdlx4ecav4c"
},
"description": "Ports 0 are omitted as they are most likely link layer protocols, like ARP.",
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"mode": "gradient",
"type": "gauge",
"valueDisplayMode": "color"
},
"filterable": false,
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "blue"
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "port"
},
"properties": [
{
"id": "custom.cellOptions",
"value": {
"type": "color-text"
}
}
]
}
]
},
"gridPos": {
"h": 8,
"w": 6,
"x": 11,
"y": 15
},
"id": 4,
"options": {
"cellHeight": "sm",
"footer": {
"countRows": false,
"enablePagination": false,
"fields": "",
"reducer": [
"sum"
],
"show": false
},
"showHeader": true,
"sortBy": [
{
"desc": true,
"displayName": "count"
}
]
},
"pluginVersion": "11.6.0",
"targets": [
{
"query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> filter(fn: (r) => r._field == \"dstPort\")\n |> group()\n |> map(fn: (r) => ({ r with port: string(v: r._value) }))\n |> group(columns: [\"port\"])\n |> filter(fn: (r) => r._value != 0)\n |> count()\n |> sort(columns: [\"_value\"], desc: true)\n |> limit(n: 10)\n |> rename(columns: {_value: \"count\"})\n |> group()",
"refId": "A"
}
],
"title": "Top Ports",
"type": "table"
},
{
"datasource": {
"type": "influxdb",
"uid": "eeipdlx4ecav4c"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
}
},
"fieldMinMax": false,
"mappings": []
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 6,
"x": 17,
"y": 15
},
"id": 1,
"options": {
"displayLabels": [],
"legend": {
"displayMode": "table",
"placement": "right",
"showLegend": true,
"values": [
"percent"
]
},
"pieType": "pie",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"tooltip": {
"hideZeros": false,
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "11.6.0",
"targets": [
{
"datasource": {
"type": "influxdb",
"uid": "eeipdlx4ecav4c"
},
"hide": false,
"query": "from(bucket: \"${bucket}\")\n |> range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |> filter(fn: (r) => r._measurement == \"${Measurement}\")\n |> filter(fn: (r) => r.ROUTER == \"${Router}\")\n |> group(columns: [\"proto\"])\n |> count()\n |> keep(columns: [\"proto\", \"_value\"])\n |> rename(columns: {_value: \"\"})\n",
"refId": "A"
}
],
"title": "Top Protocols",
"type": "piechart"
}
],
"preload": false,
"refresh": "10s",
"schemaVersion": 41,
"tags": [
"FluxQL",
"InfluxDB",
"NetFlow"
],
"templating": {
"list": [
{
"current": {
"text": "influxdb",
"value": "eeipdlx4ecav4c"
},
"label": "Source",
"name": "influxdbsrc",
"options": [],
"query": "influxdb",
"refresh": 1,
"regex": "",
"type": "datasource"
},
{
"current": {
"text": "NETFLOW-7",
"value": "NETFLOW-7"
},
"datasource": {
"type": "influxdb",
"uid": "${influxdbsrc}"
},
"definition": "buckets()",
"description": "Get buckets",
"label": "Bucket",
"name": "bucket",
"options": [],
"query": {
"query": "buckets()"
},
"refresh": 1,
"regex": "",
"sort": 1,
"type": "query"
},
{
"current": {
"text": "testNetFlowPython-script",
"value": "testNetFlowPython-script"
},
"datasource": {
"type": "influxdb",
"uid": "${influxdbsrc}"
},
"definition": "import \"influxdata/influxdb/schema\"\n\nschema.measurements(bucket: \"${bucket}\")\n",
"name": "Measurement",
"options": [],
"query": {
"query": "import \"influxdata/influxdb/schema\"\n\nschema.measurements(bucket: \"${bucket}\")\n"
},
"refresh": 1,
"regex": "",
"type": "query"
},
{
"current": {
"text": "HQ",
"value": "HQ"
},
"datasource": {
"type": "influxdb",
"uid": "${influxdbsrc}"
},
"definition": "import \"influxdata/influxdb/schema\"\n\nschema.tagValues(\n bucket: \"${bucket}\",\n tag: \"ROUTER\",\n start: -30d\n)\n",
"name": "Router",
"options": [],
"query": {
"query": "import \"influxdata/influxdb/schema\"\n\nschema.tagValues(\n bucket: \"${bucket}\",\n tag: \"ROUTER\",\n start: -30d\n)\n"
},
"refresh": 1,
"regex": "",
"type": "query"
}
]
},
"time": {
"from": "now-6h",
"to": "now"
},
"timepicker": {},
"timezone": "browser",
"title": "NetFlow",
"uid": "beiq35nt3d1j4b",
"version": 27
}
Reference in New Issue View Git Blame Copy Permalink