{ "__inputs": [ { "name": "DS_WAZUH_INDEXER", "label": "WAZUH", "description": "", "type": "datasource", "pluginId": "elasticsearch", "pluginName": "Elasticsearch" } ], "__elements": {}, "__requires": [ { "type": "panel", "id": "bargauge", "name": "Bar gauge", "version": "" }, { "type": "datasource", "id": "elasticsearch", "name": "Elasticsearch", "version": "1.0.0" }, { "type": "grafana", "id": "grafana", "name": "Grafana", "version": "10.0.2" }, { "type": "panel", "id": "piechart", "name": "Pie chart", "version": "" }, { "type": "panel", "id": "stat", "name": "Stat", "version": "" }, { "type": "panel", "id": "table", "name": "Table", "version": "" }, { "type": "panel", "id": "table-old", "name": "Table (old)", "version": "" } ], "annotations": { "list": [ { "builtIn": 1, "datasource": { "type": "datasource", "uid": "grafana" }, "enable": true, "hide": true, "iconColor": "rgba(0, 211, 255, 1)", "name": "Annotations & Alerts", "target": { "limit": 100, "matchAny": false, "tags": [], "type": "dashboard" }, "type": "dashboard" } ] }, "editable": true, "fiscalYearStartMonth": 0, "graphTooltip": 0, "id": null, "links": [ { "asDropdown": true, "icon": "external link", "includeVars": true, "keepTime": true, "tags": [ "EDR" ], "targetBlank": true, "title": "", "type": "dashboards" } ], "liveNow": false, "panels": [ { "datasource": { "type": "datasource", "uid": "grafana" }, "gridPos": { "h": 1, "w": 24, "x": 0, "y": 0 }, "id": 58, "targets": [ { "datasource": { "type": "datasource", "uid": "grafana" }, "refId": "A" } ], "title": "SYSTEM OS AND SOFTWARE VULNERABILITIES - SUMMARY", "type": "row" }, { "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fieldConfig": { "defaults": { "mappings": [ { "options": { "match": "null", "result": { "text": "N/A" } }, "type": "special" } ], "thresholds": { "mode": "absolute", "steps": [ { "color": "dark-orange", "value": null } ] }, "unit": "short" }, "overrides": [] }, "gridPos": { "h": 7, "w": 4, "x": 0, "y": 1 }, "id": 43, "links": [], "options": { "colorMode": "value", "graphMode": "area", "justifyMode": "auto", "orientation": "horizontal", "reduceOptions": { "calcs": [ "sum" ], "fields": "", "values": false }, "text": {}, "textMode": "auto" }, "pluginVersion": "10.0.2", "targets": [ { "bucketAggs": [ { "field": "timestamp", "id": "2", "settings": { "interval": "auto", "min_doc_count": 0, "trimEdges": 0 }, "type": "date_histogram" } ], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "field": "select field", "id": "1", "type": "count" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "VULNERABILITY EVENTS", "type": "stat" }, { "columns": [], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fontSize": "100%", "gridPos": { "h": 7, "w": 8, "x": 4, "y": 1 }, "id": 31, "showHeader": true, "sort": { "col": 0, "desc": true }, "styles": [ { "alias": "Time", "align": "auto", "dateFormat": "YYYY-MM-DD HH:mm:ss", "pattern": "Time", "type": "date" }, { "alias": "", "align": "auto", "colorMode": "row", "colors": [ "rgba(50, 172, 45, 0.97)", "rgba(237, 129, 40, 0.89)", "#FA6400" ], "dateFormat": "YYYY-MM-DD HH:mm:ss", "decimals": -1, "mappingType": 1, "pattern": "Count", "thresholds": [ "0", "1" ], "type": "number", "unit": "short" }, { "alias": "AGENT", "align": "auto", "colors": [ "rgba(245, 54, 54, 0.9)", "rgba(237, 129, 40, 0.89)", "rgba(50, 172, 45, 0.97)" ], "dateFormat": "YYYY-MM-DD HH:mm:ss", "decimals": 2, "mappingType": 1, "pattern": "agent.name", "thresholds": [], "type": "number", "unit": "short" } ], "targets": [ { "bucketAggs": [ { "fake": true, "field": "agent.name", "id": "4", "settings": { "min_doc_count": 1, "order": "desc", "orderBy": "_term", "size": "0" }, "type": "terms" } ], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "field": "select field", "id": "1", "type": "count" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "AGENTS", "transform": "table", "type": "table-old" }, { "columns": [], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fontSize": "100%", "gridPos": { "h": 7, "w": 6, "x": 12, "y": 1 }, "id": 54, "showHeader": true, "sort": { "col": 0, "desc": true }, "styles": [ { "alias": "Time", "align": "auto", "dateFormat": "YYYY-MM-DD HH:mm:ss", "pattern": "Time", "type": "date" }, { "alias": "", "align": "auto", "colorMode": "row", "colors": [ "rgba(50, 172, 45, 0.97)", "rgba(237, 129, 40, 0.89)", "#FA6400" ], "dateFormat": "YYYY-MM-DD HH:mm:ss", "decimals": -1, "mappingType": 1, "pattern": "Count", "thresholds": [ "0", "1" ], "type": "number", "unit": "short" }, { "alias": "CVSS2", "align": "auto", "colors": [ "rgba(245, 54, 54, 0.9)", "rgba(237, 129, 40, 0.89)", "rgba(50, 172, 45, 0.97)" ], "dateFormat": "YYYY-MM-DD HH:mm:ss", "decimals": 2, "mappingType": 1, "pattern": "data.vulnerability.cvss.cvss2.base.score", "thresholds": [], "type": "number", "unit": "short" } ], "targets": [ { "bucketAggs": [ { "fake": true, "field": "data.vulnerability.cvss.cvss2.base.score", "id": "4", "settings": { "min_doc_count": 1, "order": "desc", "orderBy": "_term", "size": "0" }, "type": "terms" } ], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "field": "select field", "id": "1", "type": "count" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "CVSS2 BASE SCORE", "transform": "table", "type": "table-old" }, { "columns": [], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fontSize": "100%", "gridPos": { "h": 7, "w": 6, "x": 18, "y": 1 }, "id": 55, "showHeader": true, "sort": { "col": 0, "desc": true }, "styles": [ { "alias": "Time", "align": "auto", "dateFormat": "YYYY-MM-DD HH:mm:ss", "pattern": "Time", "type": "date" }, { "alias": "", "align": "auto", "colorMode": "row", "colors": [ "rgba(50, 172, 45, 0.97)", "rgba(237, 129, 40, 0.89)", "#FA6400" ], "dateFormat": "YYYY-MM-DD HH:mm:ss", "decimals": -1, "mappingType": 1, "pattern": "Count", "thresholds": [ "0", "1" ], "type": "number", "unit": "short" }, { "alias": "CVSS3", "align": "auto", "colors": [ "rgba(245, 54, 54, 0.9)", "rgba(237, 129, 40, 0.89)", "rgba(50, 172, 45, 0.97)" ], "dateFormat": "YYYY-MM-DD HH:mm:ss", "decimals": 2, "mappingType": 1, "pattern": "data.vulnerability.cvss.cvss3.base.score", "thresholds": [], "type": "number", "unit": "short" } ], "targets": [ { "bucketAggs": [ { "fake": true, "field": "data.vulnerability.cvss.cvss3.base.score", "id": "4", "settings": { "min_doc_count": 1, "order": "desc", "orderBy": "_term", "size": "0" }, "type": "terms" } ], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "field": "select field", "id": "1", "type": "count" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "CVSS3 BASE SCORE", "transform": "table", "type": "table-old" }, { "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fieldConfig": { "defaults": { "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 9, "w": 9, "x": 0, "y": 8 }, "id": 37, "options": { "displayMode": "gradient", "minVizHeight": 10, "minVizWidth": 0, "orientation": "horizontal", "reduceOptions": { "calcs": [ "sum" ], "fields": "", "values": false }, "showUnfilled": true, "text": {}, "valueMode": "color" }, "pluginVersion": "10.0.2", "targets": [ { "bucketAggs": [ { "fake": true, "field": "data.vulnerability.package.name", "id": "6", "settings": { "min_doc_count": 1, "order": "desc", "orderBy": "_count", "size": "15" }, "type": "terms" }, { "fake": true, "field": "timestamp", "id": "5", "settings": { "interval": "auto", "min_doc_count": 0, "trimEdges": 0 }, "type": "date_histogram" } ], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "field": "type", "id": "1", "meta": {}, "settings": {}, "type": "count" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "VULNERABLE SOFTWARE / PACKAGE", "type": "bargauge" }, { "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fieldConfig": { "defaults": { "color": { "mode": "palette-classic" }, "custom": { "hideFrom": { "legend": false, "tooltip": false, "viz": false } }, "decimals": 0, "mappings": [], "unit": "short" }, "overrides": [ { "matcher": { "id": "byName", "options": "Critical" }, "properties": [ { "id": "color", "value": { "fixedColor": "#C4162A", "mode": "fixed" } } ] }, { "matcher": { "id": "byName", "options": "High" }, "properties": [ { "id": "color", "value": { "fixedColor": "#F2495C", "mode": "fixed" } } ] }, { "matcher": { "id": "byName", "options": "Low" }, "properties": [ { "id": "color", "value": { "fixedColor": "#5794F2", "mode": "fixed" } } ] }, { "matcher": { "id": "byName", "options": "Medium" }, "properties": [ { "id": "color", "value": { "fixedColor": "#FF9830", "mode": "fixed" } } ] } ] }, "gridPos": { "h": 9, "w": 7, "x": 9, "y": 8 }, "id": 45, "links": [], "maxDataPoints": 3, "options": { "legend": { "calcs": [], "displayMode": "table", "placement": "right", "showLegend": true, "values": [ "value" ] }, "pieType": "donut", "reduceOptions": { "calcs": [ "sum" ], "fields": "", "values": false }, "tooltip": { "mode": "single", "sort": "none" } }, "targets": [ { "bucketAggs": [ { "fake": true, "field": "data.vulnerability.severity", "id": "3", "settings": { "min_doc_count": 1, "order": "desc", "orderBy": "_count", "size": "0" }, "type": "terms" }, { "field": "timestamp", "id": "2", "settings": { "interval": "auto", "min_doc_count": 0, "trimEdges": 0 }, "type": "date_histogram" } ], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "field": "select field", "id": "1", "type": "count" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "VULNERABILITY LEVELS", "type": "piechart" }, { "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fieldConfig": { "defaults": { "color": { "mode": "thresholds" }, "custom": { "align": "auto", "cellOptions": { "type": "auto" }, "filterable": false, "inspect": false }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [ { "matcher": { "id": "byName", "options": "Time" }, "properties": [ { "id": "displayName", "value": "Time" }, { "id": "unit", "value": "time: YYYY-MM-DD HH:mm:ss" }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "" }, "properties": [ { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.cve" }, "properties": [ { "id": "displayName", "value": "CVE" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": -1 }, { "id": "links", "value": [ { "targetBlank": true, "title": "NVD - NIST DATABASE", "url": "https://nvd.nist.gov/vuln/detail/${__value.text}" } ] }, { "id": "custom.align", "value": "left" } ] }, { "matcher": { "id": "byName", "options": "Unique Count" }, "properties": [ { "id": "displayName", "value": "HITS" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": -1 }, { "id": "custom.align" } ] } ] }, "gridPos": { "h": 9, "w": 8, "x": 16, "y": 8 }, "id": 47, "options": { "cellHeight": "sm", "footer": { "countRows": false, "fields": "", "reducer": [ "sum" ], "show": false }, "showHeader": true }, "pluginVersion": "10.0.2", "targets": [ { "bucketAggs": [ { "fake": true, "field": "data.vulnerability.cve", "id": "7", "settings": { "min_doc_count": 1, "order": "desc", "orderBy": "_term", "size": "10" }, "type": "terms" } ], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "field": "data.vulnerability.cve", "id": "1", "meta": {}, "settings": {}, "type": "cardinality" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "CVEs", "transformations": [ { "id": "merge", "options": { "reducers": [] } } ], "type": "table" }, { "collapsed": false, "datasource": { "type": "datasource", "uid": "grafana" }, "gridPos": { "h": 1, "w": 24, "x": 0, "y": 17 }, "id": 60, "panels": [], "targets": [ { "datasource": { "type": "datasource", "uid": "grafana" }, "refId": "A" } ], "title": "SYSTEM OS AND SOFTWARE VULNERABILITIES - ENTRIES", "type": "row" }, { "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fieldConfig": { "defaults": { "color": { "mode": "thresholds" }, "custom": { "align": "auto", "cellOptions": { "type": "auto" }, "filterable": false, "inspect": false }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [ { "matcher": { "id": "byName", "options": "Time" }, "properties": [ { "id": "displayName", "value": "Time" }, { "id": "unit", "value": "time: YYYY-MM-DD HH:mm:ss" }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "" }, "properties": [ { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.package.name" }, "properties": [ { "id": "displayName", "value": "PACKAGE NAME" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": -1 }, { "id": "custom.align", "value": "left" } ] }, { "matcher": { "id": "byName", "options": "Unique Count" }, "properties": [ { "id": "displayName", "value": "HITS" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": -1 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.package.condition" }, "properties": [ { "id": "displayName", "value": "CONDITION" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "CONDITION" }, "properties": [ { "id": "custom.width", "value": 378 } ] } ] }, "gridPos": { "h": 10, "w": 24, "x": 0, "y": 18 }, "id": 53, "options": { "cellHeight": "sm", "footer": { "countRows": false, "fields": "", "reducer": [ "sum" ], "show": false }, "showHeader": true, "sortBy": [] }, "pluginVersion": "10.0.2", "targets": [ { "bucketAggs": [ { "fake": true, "field": "data.vulnerability.package.name", "id": "8", "settings": { "min_doc_count": 1, "order": "desc", "orderBy": "_term", "size": "10" }, "type": "terms" }, { "fake": true, "field": "data.vulnerability.package.condition", "id": "7", "settings": { "min_doc_count": 1, "order": "desc", "orderBy": "_term", "size": "10" }, "type": "terms" } ], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "field": "data.vulnerability.package.condition", "id": "1", "meta": {}, "settings": {}, "type": "cardinality" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "SOFTWARE / PACKAGE", "transformations": [ { "id": "merge", "options": { "reducers": [] } } ], "type": "table" }, { "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fieldConfig": { "defaults": { "color": { "mode": "thresholds" }, "custom": { "align": "auto", "cellOptions": { "type": "auto" }, "inspect": false }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green" }, { "color": "red", "value": 80 } ] } }, "overrides": [ { "matcher": { "id": "byName", "options": "data.vulnerability.package.name" }, "properties": [ { "id": "displayName", "value": "PACKAGE" }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.package.condition" }, "properties": [ { "id": "displayName", "value": "STATUS" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": -1 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.cve" }, "properties": [ { "id": "displayName", "value": "CVE" }, { "id": "unit", "value": "kbytes" }, { "id": "decimals", "value": -1 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "agent.name" }, "properties": [ { "id": "displayName", "value": "AGENT" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.title" }, "properties": [ { "id": "displayName", "value": "CVE TITLE" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.severity" }, "properties": [ { "id": "displayName", "value": "SEVERITY" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] } ] }, "gridPos": { "h": 12, "w": 24, "x": 0, "y": 28 }, "id": 48, "options": { "footer": { "fields": "", "reducer": [ "sum" ], "show": false }, "showHeader": true }, "pluginVersion": "9.3.2", "targets": [ { "bucketAggs": [], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "id": "1", "settings": { "size": "500" }, "type": "raw_data" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "SYSTEM VULNERABILITIES - DETAILS", "transformations": [ { "id": "filterFieldsByName", "options": { "include": { "names": [ "timestamp", "agent.name", "data.vulnerability.cve", "data.vulnerability.severity", "data.vulnerability.title", "data.vulnerability.package.name" ] } } } ], "type": "table" }, { "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "fieldConfig": { "defaults": { "color": { "mode": "thresholds" }, "custom": { "align": "auto", "cellOptions": { "type": "auto" }, "inspect": false }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green" }, { "color": "red", "value": 80 } ] } }, "overrides": [ { "matcher": { "id": "byName", "options": "data.vulnerability.package.name" }, "properties": [ { "id": "displayName", "value": "PACKAGE" }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.package.condition" }, "properties": [ { "id": "displayName", "value": "STATUS" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": -1 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.cve" }, "properties": [ { "id": "displayName", "value": "CVE" }, { "id": "unit", "value": "kbytes" }, { "id": "decimals", "value": -1 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "agent.name" }, "properties": [ { "id": "displayName", "value": "AGENT" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.title" }, "properties": [ { "id": "displayName", "value": "CVE TITLE" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.severity" }, "properties": [ { "id": "displayName", "value": "SEVERITY" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.updated" }, "properties": [ { "id": "displayName", "value": "CVE LAST UPDATE" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.references" }, "properties": [ { "id": "displayName", "value": "REFERENCES" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "data.vulnerability.rationale" }, "properties": [ { "id": "displayName", "value": "VULNERABILITY INFO" }, { "id": "unit", "value": "short" }, { "id": "decimals", "value": 2 }, { "id": "custom.align" } ] }, { "matcher": { "id": "byName", "options": "VULNERABILITY INFO" }, "properties": [ { "id": "custom.width", "value": 201 } ] } ] }, "gridPos": { "h": 13, "w": 24, "x": 0, "y": 40 }, "id": 56, "options": { "footer": { "fields": "", "reducer": [ "sum" ], "show": false }, "showHeader": true, "sortBy": [] }, "pluginVersion": "9.3.2", "targets": [ { "bucketAggs": [], "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "metrics": [ { "id": "1", "settings": { "size": "500" }, "type": "raw_data" } ], "query": "rule.groups:sca AND agent.name:$agent_name", "refId": "A", "timeField": "timestamp" } ], "title": "VULNERABILITIES INFO", "transformations": [ { "id": "filterFieldsByName", "options": { "include": { "names": [ "timestamp", "agent.name", "data.vulnerability.package.name", "data.vulnerability.rationale", "data.vulnerability.references", "data.vulnerability.severity", "data.vulnerability.title", "data.vulnerability.updated", "data.vulnerability.package.condition" ] } } } ], "type": "table" } ], "refresh": "", "schemaVersion": 38, "style": "dark", "tags": [ "EDR" ], "templating": { "list": [ { "current": {}, "datasource": { "type": "elasticsearch", "uid": "DS_WAZUH_INDEXER" }, "definition": "{ \"find\": \"terms\", \"field\": \"agent.name\", \"query\": \"rule.groups:sca\"}", "hide": 0, "includeAll": true, "label": "Agent", "multi": false, "name": "agent_name", "options": [], "query": "{ \"find\": \"terms\", \"field\": \"agent.name\", \"query\": \"rule.groups:sca\"}", "refresh": 2, "regex": "", "skipUrlSync": false, "sort": 2, "tagValuesQuery": "", "tagsQuery": "", "type": "query", "useTags": false } ] }, "time": { "from": "now-90d", "to": "now" }, "timepicker": { "refresh_intervals": [ "5s", "10s", "30s", "1m", "5m", "15m", "30m", "1h", "2h", "1d" ], "time_options": [ "5m", "15m", "1h", "6h", "12h", "24h", "2d", "7d", "30d" ] }, "timezone": "", "title": "WAZUH - SYSTEM VULNERABILITIES", "uid": "1-SyUa0nz", "version": 3, "weekStart": "", "gnetId": 22451, "description": "Please Note. I used an extractor to format my log. To fix wazuh logs, replace _ with . eg (Change agent_name to agent.name in Grafana).Other than just using Kibana, You can use Elasticsearch data source to visualize Wazuh - SYSTEM VULNERABILITIES, on all Agents. I prefer Grafana because it loads faster and allows me to consolidate multiple data sources, such as Prometheus and InfluxDB, into a single source of truth." }