trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added Malcolm

Browse Source
This commit is contained in:
Trinitor
2021-08-06 10:35:01 +02:00
parent f043730066
commit 70f1922e80
751 changed files with 195277 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-cyberchef.desktop Normal file
View File

@@ -0,0 +1,11 @@
[Desktop Entry]
Version=1.0
Name=Malcolm - CyberChef
Exec=/opt/firefox/firefox https://localhost/cyberchef/
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=applications-science.png
Categories=Network;
StartupWMClass=Firefox
StartupNotify=true

11
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-kibana.desktop Normal file
View File

@@ -0,0 +1,11 @@
[Desktop Entry]
Version=1.0
Name=Malcolm - Kibana
Exec=/opt/firefox/firefox https://localhost/kibana/
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=/usr/share/icons/hicolor/48x48/kibana.png
Categories=Network;
StartupWMClass=Firefox
StartupNotify=true

8
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-logs.desktop Normal file
View File

@@ -0,0 +1,8 @@
#!/usr/bin/env xdg-open
[Desktop Entry]
Name=Malcolm Debug Logs
Exec=lxterminal --command=/bin/bash\ -l\ -c\ "/usr/bin/python3\ ~/Malcolm/scripts/control.py\ --logs"
Comment=Monitor the debug output of Malcolm containers
Terminal=false
Type=Application
Icon=terminal.png

11
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-mapping.desktop Normal file
View File

@@ -0,0 +1,11 @@
[Desktop Entry]
Version=1.0
Name=Malcolm - Host and Subnet Name Mapping
Exec=/opt/firefox/firefox https://localhost/name-map-ui/
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=server.png
Categories=Network;
StartupWMClass=Firefox
StartupNotify=true

11
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-moloch.desktop Normal file
View File

@@ -0,0 +1,11 @@
[Desktop Entry]
Version=1.0
Name=Malcolm - Arkime
Exec=/opt/firefox/firefox https://localhost/
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=/usr/share/icons/hicolor/128x128/moloch.png
Categories=Network;
StartupWMClass=Firefox
StartupNotify=true

11
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-readme.desktop Normal file
View File

@@ -0,0 +1,11 @@
[Desktop Entry]
Version=1.0
Name=Malcolm - README
Exec=/opt/firefox/firefox https://localhost/readme
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=help-browser
Categories=Network;
StartupWMClass=Firefox
StartupNotify=true

8
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-restart.desktop Normal file
View File

@@ -0,0 +1,8 @@
#!/usr/bin/env xdg-open
[Desktop Entry]
Name=Restart Malcolm
Exec=lxterminal --command=/bin/bash\ -l\ -c\ "/usr/bin/python3\ ~/Malcolm/scripts/control.py\ --restart"
Comment=Restart Malcolm
Terminal=false
Type=Application
Icon=redo.png

8
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-start.desktop Normal file
View File

@@ -0,0 +1,8 @@
#!/usr/bin/env xdg-open
[Desktop Entry]
Name=Start Malcolm
Exec=lxterminal --command=/bin/bash\ -l\ -c\ "/usr/bin/python3\ ~/Malcolm/scripts/control.py\ --start"
Comment=Start Malcolm
Terminal=false
Type=Application
Icon=/usr/share/icons/hicolor/64x64/malcolm.png

8
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-stop.desktop Normal file
View File

@@ -0,0 +1,8 @@
#!/usr/bin/env xdg-open
[Desktop Entry]
Name=Stop Malcolm
Exec=lxterminal --command=/bin/bash\ -l\ -c\ "/usr/bin/python3\ ~/Malcolm/scripts/control.py\ --stop"
Comment=Stop Malcolm
Terminal=false
Type=Application
Icon=exit.png

11
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-upload.desktop Normal file
View File

@@ -0,0 +1,11 @@
[Desktop Entry]
Version=1.0
Name=Malcolm - Upload
Exec=/opt/firefox/firefox https://localhost/upload/
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=up.png
Categories=Network;
StartupWMClass=Firefox
StartupNotify=true

11
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/applications/malcolm-users.desktop Normal file
View File

@@ -0,0 +1,11 @@
[Desktop Entry]
Version=1.0
Name=Malcolm - User Management
Exec=/opt/firefox/firefox https://localhost:488/
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=config-users.png
Categories=Network;
StartupWMClass=Firefox
StartupNotify=true

142
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/auditbeat/kibana/7/dashboard-custom/Auditbeat-auditd-overview-custom.json Normal file
View File

@@ -0,0 +1,142 @@
{
"version": "7.6.2",
"objects": [
{
"id": "072befc0-ffba-11e8-a854-ad7782ef6a55",
"type": "dashboard",
"updated_at": "2019-12-23T19:07:39.093Z",
"version": "WzE2MDIsMV0=",
"attributes": {
"description": "Summary of Linux kernel audit events.",
"hits": 0,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"version\":true,\"highlightAll\":true}"
},
"optionsJSON": "{\"darkTheme\":true,\"useMargins\":false}",
"panelsJSON": "[{\"gridData\":{\"x\":0,\"y\":0,\"w\":28,\"h\":26,\"i\":\"1\"},\"version\":\"7.3.0\",\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\"},{\"gridData\":{\"x\":28,\"y\":0,\"w\":20,\"h\":26,\"i\":\"4\"},\"version\":\"7.3.0\",\"panelIndex\":\"4\",\"panelRefName\":\"panel_1\"},{\"gridData\":{\"x\":0,\"y\":26,\"w\":48,\"h\":38,\"i\":\"5\"},\"version\":\"7.3.0\",\"panelIndex\":\"5\",\"embeddableConfig\":{\"columns\":[\"beat.hostname\",\"auditd.summary.actor.primary\",\"auditd.summary.actor.secondary\",\"auditd.summary.object.type\",\"event.action\",\"auditd.summary.object.primary\",\"auditd.summary.object.secondary\",\"auditd.summary.how\",\"auditd.result\"]},\"panelRefName\":\"panel_2\"}]",
"timeRestore": false,
"title": "[Auditbeat auditd] Overview dashboard",
"version": 1
},
"references": [
{
"name": "panel_0",
"type": "visualization",
"id": "97680df0-c1c0-11e7-8995-936807a28b16"
},
{
"name": "panel_1",
"type": "visualization",
"id": "08679220-c25a-11e7-8692-232bd1143e8a"
},
{
"name": "panel_2",
"type": "search",
"id": "0f10c430-c1c3-11e7-8995-936807a28b16"
}
],
"migrationVersion": {
"dashboard": "7.3.0"
}
},
{
"id": "97680df0-c1c0-11e7-8995-936807a28b16",
"type": "visualization",
"updated_at": "2019-12-23T19:07:39.093Z",
"version": "WzE1OTksMV0=",
"attributes": {
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{}"
},
"title": "Event Actions [Auditbeat Auditd Overview]",
"uiStateJSON": "{}",
"version": 1,
"visState": "{\"type\":\"metrics\",\"params\":{\"bar_color_rules\":[{\"id\":\"5bfc71a0-c1bd-11e7-938f-ab0645b6c431\"}],\"gauge_color_rules\":[{\"id\":\"5d20a650-c1bd-11e7-938f-ab0645b6c431\"}],\"background_color_rules\":[{\"id\":\"58c95a20-c1bd-11e7-938f-ab0645b6c431\"}],\"time_field\":\"@timestamp\",\"index_pattern\":\"auditbeat-*\",\"gauge_inner_width\":10,\"series\":[{\"line_width\":1,\"terms_field\":\"event.action\",\"point_size\":1,\"color\":\"#68BC00\",\"label\":\"Actions\",\"metrics\":[{\"type\":\"count\",\"id\":\"6b9fb2d0-c1bc-11e7-938f-ab0645b6c431\"}],\"seperate_axis\":0,\"split_mode\":\"terms\",\"chart_type\":\"line\",\"stacked\":\"none\",\"axis_position\":\"right\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"fill\":0.5}],\"axis_formatter\":\"number\",\"interval\":\"auto\",\"filter\":{\"query\":\"event.module:auditd\",\"language\":\"lucene\"},\"legend_position\":\"left\",\"show_legend\":1,\"show_grid\":1,\"gauge_style\":\"half\",\"axis_position\":\"left\",\"gauge_width\":10,\"type\":\"timeseries\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\"},\"aggs\":[],\"title\":\"Event Actions [Auditbeat Auditd Overview]\"}"
},
"references": [],
"migrationVersion": {
"visualization": "7.4.2"
}
},
{
"id": "08679220-c25a-11e7-8692-232bd1143e8a",
"type": "visualization",
"updated_at": "2019-12-23T19:07:39.093Z",
"version": "WzE2MDAsMV0=",
"attributes": {
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"
},
"title": "Event Categories [Auditbeat Auditd]",
"uiStateJSON": "{}",
"version": 1,
"visState": "{\"type\":\"pie\",\"params\":{\"legendPosition\":\"right\",\"type\":\"pie\",\"isDonut\":true,\"addTooltip\":true,\"addLegend\":true},\"aggs\":[{\"params\":{},\"type\":\"count\",\"enabled\":true,\"id\":\"1\",\"schema\":\"metric\"},{\"params\":{\"orderBy\":\"1\",\"field\":\"event.category\",\"customLabel\":\"Category\",\"order\":\"desc\",\"size\":5},\"type\":\"terms\",\"enabled\":true,\"id\":\"2\",\"schema\":\"segment\"},{\"params\":{\"orderBy\":\"1\",\"field\":\"event.action\",\"customLabel\":\"Action\",\"order\":\"desc\",\"size\":20},\"type\":\"terms\",\"enabled\":true,\"id\":\"3\",\"schema\":\"segment\"}],\"title\":\"Event Categories [Auditbeat Auditd]\"}",
"savedSearchRefName": "search_0"
},
"references": [
{
"name": "kibanaSavedObjectMeta.searchSourceJSON.index",
"type": "index-pattern",
"id": "auditbeat-*"
},
{
"type": "search",
"name": "search_0",
"id": "0f10c430-c1c3-11e7-8995-936807a28b16"
}
],
"migrationVersion": {
"visualization": "7.4.2"
}
},
{
"id": "0f10c430-c1c3-11e7-8995-936807a28b16",
"type": "search",
"updated_at": "2019-12-23T19:07:39.093Z",
"version": "WzE2MDEsMV0=",
"attributes": {
"columns": [
"beat.hostname",
"auditd.summary.actor.primary",
"auditd.summary.actor.secondary",
"event.action",
"auditd.summary.object.type",
"auditd.summary.object.primary",
"auditd.summary.object.secondary",
"auditd.summary.how",
"auditd.result"
],
"description": "",
"hits": 0,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[{\"query\":{\"match\":{\"event.module\":{\"query\":\"auditd\",\"type\":\"phrase\"}}},\"meta\":{\"value\":\"auditd\",\"disabled\":false,\"alias\":null,\"params\":{\"query\":\"auditd\",\"type\":\"phrase\"},\"key\":\"event.module\",\"negate\":false,\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"$state\":{\"store\":\"appState\"}}],\"version\":true,\"highlightAll\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"
},
"sort": [
[
"@timestamp",
"desc"
]
],
"title": "Audit Event Table [Auditbeat Auditd]",
"version": 1
},
"references": [
{
"name": "kibanaSavedObjectMeta.searchSourceJSON.index",
"type": "index-pattern",
"id": "auditbeat-*"
},
{
"name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index",
"type": "index-pattern",
"id": "auditbeat-*"
}
],
"migrationVersion": {
"search": "7.4.0"
}
}
]
}

167
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/filebeat/kibana/7/dashboard-custom/Filebeat-syslog-custom.json Normal file
View File

@@ -0,0 +1,167 @@
{
"version": "7.6.2",
"objects": [
{
"id": "1ca59220-ffb0-11e8-a854-ad7782ef6a55",
"type": "dashboard",
"updated_at": "2019-12-23T19:04:34.880Z",
"version": "WzE0MzcsMV0=",
"attributes": {
"description": "",
"hits": 0,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[]}"
},
"optionsJSON": "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":false}",
"panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":27,\"w\":48,\"h\":41,\"i\":\"1\"},\"panelIndex\":\"1\",\"title\":\"Syslog Events\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":30,\"y\":0,\"w\":18,\"h\":27,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":17,\"y\":0,\"w\":13,\"h\":27,\"i\":\"4\"},\"panelIndex\":\"4\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"gridData\":{\"x\":0,\"y\":0,\"w\":17,\"h\":27,\"i\":\"5\"},\"version\":\"7.3.0\",\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]",
"timeRestore": false,
"title": "[Filebeat] Syslog dashboard",
"version": 1
},
"references": [
{
"name": "panel_0",
"type": "search",
"id": "c1e3d120-ffb0-11e8-a854-ad7782ef6a55"
},
{
"name": "panel_1",
"type": "visualization",
"id": "462e04d0-ffb3-11e8-a854-ad7782ef6a55"
},
{
"name": "panel_2",
"type": "visualization",
"id": "cc3f9cf0-ffb3-11e8-a854-ad7782ef6a55"
},
{
"name": "panel_3",
"type": "visualization",
"id": "96e77ef0-ffb4-11e8-a854-ad7782ef6a55"
}
],
"migrationVersion": {
"dashboard": "7.3.0"
}
},
{
"id": "c1e3d120-ffb0-11e8-a854-ad7782ef6a55",
"type": "search",
"updated_at": "2019-12-23T19:04:34.880Z",
"version": "WzE0MzMsMV0=",
"attributes": {
"columns": [
"host.name",
"syslog.severity_label",
"syslog.facility_label",
"process.program",
"message"
],
"description": "",
"hits": 0,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"_exists_:syslog\",\"language\":\"lucene\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"
},
"sort": [
[
"@timestamp",
"desc"
]
],
"title": "[Filebeat] Syslog search",
"version": 1
},
"references": [
{
"name": "kibanaSavedObjectMeta.searchSourceJSON.index",
"type": "index-pattern",
"id": "filebeat-*"
}
],
"migrationVersion": {
"search": "7.4.0"
}
},
{
"id": "462e04d0-ffb3-11e8-a854-ad7782ef6a55",
"type": "visualization",
"updated_at": "2019-12-23T19:04:34.880Z",
"version": "WzE0MzQsMV0=",
"attributes": {
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
},
"title": "[Filebeat] Syslog by Host Timeline",
"uiStateJSON": "{}",
"version": 1,
"visState": "{\"title\":\"[Filebeat] Syslog by Host Timeline\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-15m\",\"to\":\"now\",\"mode\":\"quick\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"host.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Host\"}}]}",
"savedSearchRefName": "search_0"
},
"references": [
{
"type": "search",
"name": "search_0",
"id": "c1e3d120-ffb0-11e8-a854-ad7782ef6a55"
}
],
"migrationVersion": {
"visualization": "7.4.2"
}
},
{
"id": "cc3f9cf0-ffb3-11e8-a854-ad7782ef6a55",
"type": "visualization",
"updated_at": "2019-12-23T19:04:34.880Z",
"version": "WzE0MzUsMV0=",
"attributes": {
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
},
"title": "[Filebeat] Syslog Process Cloud",
"uiStateJSON": "{}",
"version": 1,
"visState": "{\"title\":\"[Filebeat] Syslog Process Cloud\",\"type\":\"tagcloud\",\"params\":{\"scale\":\"log\",\"orientation\":\"single\",\"minFontSize\":18,\"maxFontSize\":72,\"showLabel\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"process.program\",\"size\":25,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Process\"}}]}",
"savedSearchRefName": "search_0"
},
"references": [
{
"type": "search",
"name": "search_0",
"id": "c1e3d120-ffb0-11e8-a854-ad7782ef6a55"
}
],
"migrationVersion": {
"visualization": "7.4.2"
}
},
{
"id": "96e77ef0-ffb4-11e8-a854-ad7782ef6a55",
"type": "visualization",
"updated_at": "2019-12-23T19:04:34.880Z",
"version": "WzE0MzYsMV0=",
"attributes": {
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
},
"title": "[Filebeat] Syslog Facility by Host Pie Chart",
"uiStateJSON": "{}",
"version": 1,
"visState": "{\"title\":\"[Filebeat] Syslog Facility by Host Pie Chart\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":false,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"syslog.facility_label\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Syslog Facility\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host.name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Host\"}}]}",
"savedSearchRefName": "search_0"
},
"references": [
{
"type": "search",
"name": "search_0",
"id": "c1e3d120-ffb0-11e8-a854-ad7782ef6a55"
}
],
"migrationVersion": {
"visualization": "7.4.2"
}
}
]
}

BIN
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/icons/hicolor/128x128/moloch.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 33 KiB

BIN
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/icons/hicolor/48x48/kibana.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 645 B

112
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/protologbeat/kibana/7/dashboard/Protologbeat-temperatures-dashboard.json Normal file
View File

@@ -0,0 +1,112 @@
{
"objects": [
{
"attributes": {
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"protologbeat-*\",\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
},
"title": "Temperature Timeline",
"uiStateJSON": "{}",
"version": 1,
"visState": "{\"title\":\"Temperature Timeline\",\"type\":\"line\",\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Max cpu_temp_avg\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Maximum CPU °C\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":false,\"interpolate\":\"cardinal\"},{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":false,\"interpolate\":\"cardinal\",\"data\":{\"id\":\"3\",\"label\":\"Maximum Other °C\"},\"valueAxis\":\"ValueAxis-1\"},{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":false,\"interpolate\":\"cardinal\",\"data\":{\"id\":\"4\",\"label\":\"Maximum GPU °C\"},\"valueAxis\":\"ValueAxis-1\"},{\"show\":true,\"mode\":\"normal\",\"type\":\"line\",\"drawLinesBetweenPoints\":true,\"showCircles\":false,\"interpolate\":\"cardinal\",\"data\":{\"id\":\"8\",\"label\":\"Maximum Storage °C\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"cpu_temp_avg\",\"customLabel\":\"Maximum CPU °C\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-12h\",\"to\":\"now\",\"mode\":\"quick\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"time_zone\":\"America/Denver\",\"drop_partials\":false,\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"other_temp_avg\",\"customLabel\":\"Maximum Other °C\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"gpu_temp_avg\",\"customLabel\":\"Maximum GPU °C\"}},{\"id\":\"8\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"hdd_temp_avg\",\"customLabel\":\"Maximum Storage °C\"}}]}"
},
"id": "752a7e30-03af-11e9-bf7f-6138c205dfb3",
"type": "visualization",
"updated_at": "2018-12-20T18:16:43.966Z",
"version": 1
},
{
"attributes": {
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
},
"title": "Host Chooser",
"uiStateJSON": "{}",
"version": 1,
"visState": "{\"title\":\"Host Chooser\",\"type\":\"input_control_vis\",\"params\":{\"controls\":[{\"id\":\"1545248066352\",\"indexPattern\":\"protologbeat-*\",\"fieldName\":\"host.name\",\"parent\":\"\",\"label\":\"Host\",\"type\":\"list\",\"options\":{\"type\":\"terms\",\"multiselect\":true,\"dynamicOptions\":true,\"size\":5,\"order\":\"desc\"}}],\"updateFiltersOnChange\":false,\"useTimeFilter\":false,\"pinFilters\":false},\"aggs\":[]}"
},
"id": "293d13a0-03c5-11e9-b42b-a7822d24ca20",
"type": "visualization",
"updated_at": "2018-12-19T19:34:54.681Z",
"version": 1
},
{
"attributes": {
"columns": [
"host.name",
"cpu_temp_avg",
"hdd_temp_avg",
"other_temp_avg"
],
"description": "",
"hits": 0,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"protologbeat-*\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
},
"sort": [
"@timestamp",
"desc"
],
"title": "Protologbeat search",
"version": 1
},
"id": "65345580-03c5-11e9-b42b-a7822d24ca20",
"type": "search",
"updated_at": "2018-12-20T18:16:42.939Z",
"version": 1
},
{
"attributes": {
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"protologbeat-*\",\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
},
"title": "CPU and Storage Temperature Gauge",
"uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 60\":\"rgb(0,104,55)\",\"60 - 70\":\"rgb(255,255,190)\",\"70 - 90\":\"rgb(165,0,38)\"}}}",
"version": 1,
"visState": "{\"title\":\"CPU and Storage Temperature Gauge\",\"type\":\"gauge\",\"params\":{\"type\":\"gauge\",\"addTooltip\":true,\"addLegend\":false,\"isDisplayWarning\":false,\"gauge\":{\"verticalSplit\":false,\"extendRange\":true,\"percentageMode\":false,\"gaugeType\":\"Arc\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"Labels\",\"colorsRange\":[{\"from\":0,\"to\":60},{\"from\":60,\"to\":70},{\"from\":70,\"to\":90}],\"invertColors\":false,\"labels\":{\"show\":true,\"color\":\"black\"},\"scale\":{\"show\":true,\"labels\":false,\"color\":\"#333\"},\"type\":\"meter\",\"style\":{\"bgWidth\":0.9,\"width\":0.9,\"mask\":false,\"bgMask\":false,\"maskBars\":50,\"bgFill\":\"#eee\",\"bgColor\":false,\"subText\":\"\",\"fontSize\":60,\"labelColor\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"cpu_temp_avg\",\"customLabel\":\"Maximum CPU °C\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"hdd_temp_avg\",\"customLabel\":\"Maximum Storage °C\"}}]}"
},
"id": "db628ba0-03c5-11e9-b42b-a7822d24ca20",
"type": "visualization",
"updated_at": "2018-12-20T18:16:43.991Z",
"version": 1
},
{
"attributes": {
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"protologbeat-*\",\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[]}"
},
"title": "Maximum Sensor CPU and Storage Temperatures",
"uiStateJSON": "{}",
"version": 1,
"visState": "{\"title\":\"Maximum Sensor CPU and Storage Temperatures\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"rotate\":0},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":false},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Maximum CPU °C\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Maximum CPU °C\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"data\":{\"id\":\"3\",\"label\":\"Maximum Storage °C\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false,\"orderBucketsBySum\":true},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"cpu_temp_avg\",\"customLabel\":\"Maximum CPU °C\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host.name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Sensor Name\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"hdd_temp_avg\",\"customLabel\":\"Maximum Storage °C\"}}]}"
},
"id": "923c3ce0-03c6-11e9-b42b-a7822d24ca20",
"type": "visualization",
"updated_at": "2018-12-20T18:16:43.961Z",
"version": 1
},
{
"attributes": {
"description": "",
"hits": 0,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[]}"
},
"optionsJSON": "{\"darkTheme\":true,\"hidePanelTitles\":false,\"useMargins\":false}",
"panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":31,\"w\":48,\"h\":35,\"i\":\"1\"},\"id\":\"752a7e30-03af-11e9-bf7f-6138c205dfb3\",\"panelIndex\":\"1\",\"type\":\"visualization\",\"version\":\"6.5.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":0,\"w\":20,\"h\":11,\"i\":\"2\"},\"id\":\"293d13a0-03c5-11e9-b42b-a7822d24ca20\",\"panelIndex\":\"2\",\"title\":\"Sensor Filter\",\"type\":\"visualization\",\"version\":\"6.5.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":66,\"w\":48,\"h\":29,\"i\":\"3\"},\"id\":\"65345580-03c5-11e9-b42b-a7822d24ca20\",\"panelIndex\":\"3\",\"title\":\"Sensor Metrics\",\"type\":\"search\",\"version\":\"6.5.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":11,\"w\":20,\"h\":20,\"i\":\"4\"},\"id\":\"db628ba0-03c5-11e9-b42b-a7822d24ca20\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.5.3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":20,\"y\":0,\"w\":28,\"h\":31,\"i\":\"5\"},\"id\":\"923c3ce0-03c6-11e9-b42b-a7822d24ca20\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.5.3\"}]",
"timeRestore": false,
"title": "Sensor Temperature dashboard",
"version": 1
},
"id": "3c519150-03c5-11e9-b42b-a7822d24ca20",
"type": "dashboard",
"updated_at": "2018-12-20T18:16:43.882Z",
"version": 1
}
],
"version": "6.5.3"
}

16
Vagrant/resources/malcolm/malcolm-iso/config/includes.chroot/usr/share/protologbeat/kibana/7/index-pattern/protologbeat.json Normal file
View File

File diff suppressed because one or more lines are too long