Octopus/grafana/dashboards/vulnerabilidades.json
2026-04-09 13:05:27 +02:00


{
"__inputs": [
{
"name": "DS_WAZUH_INDEXER",
"label": "WAZUH",
"description": "",
"type": "datasource",
"pluginId": "elasticsearch",
"pluginName": "Elasticsearch"
}
],
"__elements": {},
"__requires": [
{
"type": "panel",
"id": "bargauge",
"name": "Bar gauge",
"version": ""
},
{
"type": "datasource",
"id": "elasticsearch",
"name": "Elasticsearch",
"version": "1.0.0"
},
{
"type": "grafana",
"id": "grafana",
"name": "Grafana",
"version": "10.0.2"
},
{
"type": "panel",
"id": "piechart",
"name": "Pie chart",
"version": ""
},
{
"type": "panel",
"id": "stat",
"name": "Stat",
"version": ""
},
{
"type": "panel",
"id": "table",
"name": "Table",
"version": ""
},
{
"type": "panel",
"id": "table-old",
"name": "Table (old)",
"version": ""
}
],
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "datasource",
"uid": "grafana"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"target": {
"limit": 100,
"matchAny": false,
"tags": [],
"type": "dashboard"
},
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": null,
"links": [
{
"asDropdown": true,
"icon": "external link",
"includeVars": true,
"keepTime": true,
"tags": [
"EDR"
],
"targetBlank": true,
"title": "",
"type": "dashboards"
}
],
"liveNow": false,
"panels": [
{
"datasource": {
"type": "datasource",
"uid": "grafana"
},
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 0
},
"id": 58,
"targets": [
{
"datasource": {
"type": "datasource",
"uid": "grafana"
},
"refId": "A"
}
],
"title": "SYSTEM OS AND SOFTWARE VULNERABILITIES - SUMMARY",
"type": "row"
},
{
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fieldConfig": {
"defaults": {
"mappings": [
{
"options": {
"match": "null",
"result": {
"text": "N/A"
}
},
"type": "special"
}
],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "dark-orange",
"value": null
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 7,
"w": 4,
"x": 0,
"y": 1
},
"id": 43,
"links": [],
"options": {
"colorMode": "value",
"graphMode": "area",
"justifyMode": "auto",
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"sum"
],
"fields": "",
"values": false
},
"text": {},
"textMode": "auto"
},
"pluginVersion": "10.0.2",
"targets": [
{
"bucketAggs": [
{
"field": "timestamp",
"id": "2",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "VULNERABILITY EVENTS",
"type": "stat"
},
{
"columns": [],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fontSize": "100%",
"gridPos": {
"h": 7,
"w": 8,
"x": 4,
"y": 1
},
"id": 31,
"showHeader": true,
"sort": {
"col": 0,
"desc": true
},
"styles": [
{
"alias": "Time",
"align": "auto",
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"pattern": "Time",
"type": "date"
},
{
"alias": "",
"align": "auto",
"colorMode": "row",
"colors": [
"rgba(50, 172, 45, 0.97)",
"rgba(237, 129, 40, 0.89)",
"#FA6400"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": -1,
"mappingType": 1,
"pattern": "Count",
"thresholds": [
"0",
"1"
],
"type": "number",
"unit": "short"
},
{
"alias": "AGENT",
"align": "auto",
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": 2,
"mappingType": 1,
"pattern": "agent.name",
"thresholds": [],
"type": "number",
"unit": "short"
}
],
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "agent.name",
"id": "4",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_term",
"size": "0"
},
"type": "terms"
}
],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "AGENTS",
"transform": "table",
"type": "table-old"
},
{
"columns": [],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fontSize": "100%",
"gridPos": {
"h": 7,
"w": 6,
"x": 12,
"y": 1
},
"id": 54,
"showHeader": true,
"sort": {
"col": 0,
"desc": true
},
"styles": [
{
"alias": "Time",
"align": "auto",
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"pattern": "Time",
"type": "date"
},
{
"alias": "",
"align": "auto",
"colorMode": "row",
"colors": [
"rgba(50, 172, 45, 0.97)",
"rgba(237, 129, 40, 0.89)",
"#FA6400"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": -1,
"mappingType": 1,
"pattern": "Count",
"thresholds": [
"0",
"1"
],
"type": "number",
"unit": "short"
},
{
"alias": "CVSS2",
"align": "auto",
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": 2,
"mappingType": 1,
"pattern": "data.vulnerability.cvss.cvss2.base.score",
"thresholds": [],
"type": "number",
"unit": "short"
}
],
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "data.vulnerability.cvss.cvss2.base.score",
"id": "4",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_term",
"size": "0"
},
"type": "terms"
}
],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "CVSS2 BASE SCORE",
"transform": "table",
"type": "table-old"
},
{
"columns": [],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fontSize": "100%",
"gridPos": {
"h": 7,
"w": 6,
"x": 18,
"y": 1
},
"id": 55,
"showHeader": true,
"sort": {
"col": 0,
"desc": true
},
"styles": [
{
"alias": "Time",
"align": "auto",
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"pattern": "Time",
"type": "date"
},
{
"alias": "",
"align": "auto",
"colorMode": "row",
"colors": [
"rgba(50, 172, 45, 0.97)",
"rgba(237, 129, 40, 0.89)",
"#FA6400"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": -1,
"mappingType": 1,
"pattern": "Count",
"thresholds": [
"0",
"1"
],
"type": "number",
"unit": "short"
},
{
"alias": "CVSS3",
"align": "auto",
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"decimals": 2,
"mappingType": 1,
"pattern": "data.vulnerability.cvss.cvss3.base.score",
"thresholds": [],
"type": "number",
"unit": "short"
}
],
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "data.vulnerability.cvss.cvss3.base.score",
"id": "4",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_term",
"size": "0"
},
"type": "terms"
}
],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "CVSS3 BASE SCORE",
"transform": "table",
"type": "table-old"
},
{
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fieldConfig": {
"defaults": {
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 9,
"x": 0,
"y": 8
},
"id": 37,
"options": {
"displayMode": "gradient",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"sum"
],
"fields": "",
"values": false
},
"showUnfilled": true,
"text": {},
"valueMode": "color"
},
"pluginVersion": "10.0.2",
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "data.vulnerability.package.name",
"id": "6",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "15"
},
"type": "terms"
},
{
"fake": true,
"field": "timestamp",
"id": "5",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"field": "type",
"id": "1",
"meta": {},
"settings": {},
"type": "count"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "VULNERABLE SOFTWARE / PACKAGE",
"type": "bargauge"
},
{
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
}
},
"decimals": 0,
"mappings": [],
"unit": "short"
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "Critical"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "#C4162A",
"mode": "fixed"
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "High"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "#F2495C",
"mode": "fixed"
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "Low"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "#5794F2",
"mode": "fixed"
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "Medium"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "#FF9830",
"mode": "fixed"
}
}
]
}
]
},
"gridPos": {
"h": 9,
"w": 7,
"x": 9,
"y": 8
},
"id": 45,
"links": [],
"maxDataPoints": 3,
"options": {
"legend": {
"calcs": [],
"displayMode": "table",
"placement": "right",
"showLegend": true,
"values": [
"value"
]
},
"pieType": "donut",
"reduceOptions": {
"calcs": [
"sum"
],
"fields": "",
"values": false
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "data.vulnerability.severity",
"id": "3",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_count",
"size": "0"
},
"type": "terms"
},
{
"field": "timestamp",
"id": "2",
"settings": {
"interval": "auto",
"min_doc_count": 0,
"trimEdges": 0
},
"type": "date_histogram"
}
],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"field": "select field",
"id": "1",
"type": "count"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "VULNERABILITY LEVELS",
"type": "piechart"
},
{
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"type": "auto"
},
"filterable": false,
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "Time"
},
"properties": [
{
"id": "displayName",
"value": "Time"
},
{
"id": "unit",
"value": "time: YYYY-MM-DD HH:mm:ss"
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": ""
},
"properties": [
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.cve"
},
"properties": [
{
"id": "displayName",
"value": "CVE"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": -1
},
{
"id": "links",
"value": [
{
"targetBlank": true,
"title": "NVD - NIST DATABASE",
"url": "https://nvd.nist.gov/vuln/detail/${__value.text}"
}
]
},
{
"id": "custom.align",
"value": "left"
}
]
},
{
"matcher": {
"id": "byName",
"options": "Unique Count"
},
"properties": [
{
"id": "displayName",
"value": "HITS"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": -1
},
{
"id": "custom.align"
}
]
}
]
},
"gridPos": {
"h": 9,
"w": 8,
"x": 16,
"y": 8
},
"id": 47,
"options": {
"cellHeight": "sm",
"footer": {
"countRows": false,
"fields": "",
"reducer": [
"sum"
],
"show": false
},
"showHeader": true
},
"pluginVersion": "10.0.2",
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "data.vulnerability.cve",
"id": "7",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_term",
"size": "10"
},
"type": "terms"
}
],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"field": "data.vulnerability.cve",
"id": "1",
"meta": {},
"settings": {},
"type": "cardinality"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "CVEs",
"transformations": [
{
"id": "merge",
"options": {
"reducers": []
}
}
],
"type": "table"
},
{
"collapsed": false,
"datasource": {
"type": "datasource",
"uid": "grafana"
},
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 17
},
"id": 60,
"panels": [],
"targets": [
{
"datasource": {
"type": "datasource",
"uid": "grafana"
},
"refId": "A"
}
],
"title": "SYSTEM OS AND SOFTWARE VULNERABILITIES - ENTRIES",
"type": "row"
},
{
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"type": "auto"
},
"filterable": false,
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "Time"
},
"properties": [
{
"id": "displayName",
"value": "Time"
},
{
"id": "unit",
"value": "time: YYYY-MM-DD HH:mm:ss"
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": ""
},
"properties": [
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.package.name"
},
"properties": [
{
"id": "displayName",
"value": "PACKAGE NAME"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": -1
},
{
"id": "custom.align",
"value": "left"
}
]
},
{
"matcher": {
"id": "byName",
"options": "Unique Count"
},
"properties": [
{
"id": "displayName",
"value": "HITS"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": -1
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.package.condition"
},
"properties": [
{
"id": "displayName",
"value": "CONDITION"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "CONDITION"
},
"properties": [
{
"id": "custom.width",
"value": 378
}
]
}
]
},
"gridPos": {
"h": 10,
"w": 24,
"x": 0,
"y": 18
},
"id": 53,
"options": {
"cellHeight": "sm",
"footer": {
"countRows": false,
"fields": "",
"reducer": [
"sum"
],
"show": false
},
"showHeader": true,
"sortBy": []
},
"pluginVersion": "10.0.2",
"targets": [
{
"bucketAggs": [
{
"fake": true,
"field": "data.vulnerability.package.name",
"id": "8",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_term",
"size": "10"
},
"type": "terms"
},
{
"fake": true,
"field": "data.vulnerability.package.condition",
"id": "7",
"settings": {
"min_doc_count": 1,
"order": "desc",
"orderBy": "_term",
"size": "10"
},
"type": "terms"
}
],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"field": "data.vulnerability.package.condition",
"id": "1",
"meta": {},
"settings": {},
"type": "cardinality"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "SOFTWARE / PACKAGE",
"transformations": [
{
"id": "merge",
"options": {
"reducers": []
}
}
],
"type": "table"
},
{
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"type": "auto"
},
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green"
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.package.name"
},
"properties": [
{
"id": "displayName",
"value": "PACKAGE"
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.package.condition"
},
"properties": [
{
"id": "displayName",
"value": "STATUS"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": -1
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.cve"
},
"properties": [
{
"id": "displayName",
"value": "CVE"
},
{
"id": "unit",
"value": "kbytes"
},
{
"id": "decimals",
"value": -1
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "agent.name"
},
"properties": [
{
"id": "displayName",
"value": "AGENT"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.title"
},
"properties": [
{
"id": "displayName",
"value": "CVE TITLE"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.severity"
},
"properties": [
{
"id": "displayName",
"value": "SEVERITY"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
}
]
},
"gridPos": {
"h": 12,
"w": 24,
"x": 0,
"y": 28
},
"id": 48,
"options": {
"footer": {
"fields": "",
"reducer": [
"sum"
],
"show": false
},
"showHeader": true
},
"pluginVersion": "9.3.2",
"targets": [
{
"bucketAggs": [],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"id": "1",
"settings": {
"size": "500"
},
"type": "raw_data"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "SYSTEM VULNERABILITIES - DETAILS",
"transformations": [
{
"id": "filterFieldsByName",
"options": {
"include": {
"names": [
"timestamp",
"agent.name",
"data.vulnerability.cve",
"data.vulnerability.severity",
"data.vulnerability.title",
"data.vulnerability.package.name"
]
}
}
}
],
"type": "table"
},
{
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"type": "auto"
},
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green"
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.package.name"
},
"properties": [
{
"id": "displayName",
"value": "PACKAGE"
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.package.condition"
},
"properties": [
{
"id": "displayName",
"value": "STATUS"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": -1
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.cve"
},
"properties": [
{
"id": "displayName",
"value": "CVE"
},
{
"id": "unit",
"value": "kbytes"
},
{
"id": "decimals",
"value": -1
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "agent.name"
},
"properties": [
{
"id": "displayName",
"value": "AGENT"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.title"
},
"properties": [
{
"id": "displayName",
"value": "CVE TITLE"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.severity"
},
"properties": [
{
"id": "displayName",
"value": "SEVERITY"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.updated"
},
"properties": [
{
"id": "displayName",
"value": "CVE LAST UPDATE"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.references"
},
"properties": [
{
"id": "displayName",
"value": "REFERENCES"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "data.vulnerability.rationale"
},
"properties": [
{
"id": "displayName",
"value": "VULNERABILITY INFO"
},
{
"id": "unit",
"value": "short"
},
{
"id": "decimals",
"value": 2
},
{
"id": "custom.align"
}
]
},
{
"matcher": {
"id": "byName",
"options": "VULNERABILITY INFO"
},
"properties": [
{
"id": "custom.width",
"value": 201
}
]
}
]
},
"gridPos": {
"h": 13,
"w": 24,
"x": 0,
"y": 40
},
"id": 56,
"options": {
"footer": {
"fields": "",
"reducer": [
"sum"
],
"show": false
},
"showHeader": true,
"sortBy": []
},
"pluginVersion": "9.3.2",
"targets": [
{
"bucketAggs": [],
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"metrics": [
{
"id": "1",
"settings": {
"size": "500"
},
"type": "raw_data"
}
],
"query": "rule.groups:sca AND agent.name:$agent_name",
"refId": "A",
"timeField": "timestamp"
}
],
"title": "VULNERABILITIES INFO",
"transformations": [
{
"id": "filterFieldsByName",
"options": {
"include": {
"names": [
"timestamp",
"agent.name",
"data.vulnerability.package.name",
"data.vulnerability.rationale",
"data.vulnerability.references",
"data.vulnerability.severity",
"data.vulnerability.title",
"data.vulnerability.updated",
"data.vulnerability.package.condition"
]
}
}
}
],
"type": "table"
}
],
"refresh": "",
"schemaVersion": 38,
"style": "dark",
"tags": [
"EDR"
],
"templating": {
"list": [
{
"current": {},
"datasource": {
"type": "elasticsearch",
"uid": "DS_WAZUH_INDEXER"
},
"definition": "{ \"find\": \"terms\", \"field\": \"agent.name\", \"query\": \"rule.groups:sca\"}",
"hide": 0,
"includeAll": true,
"label": "Agent",
"multi": false,
"name": "agent_name",
"options": [],
"query": "{ \"find\": \"terms\", \"field\": \"agent.name\", \"query\": \"rule.groups:sca\"}",
"refresh": 2,
"regex": "",
"skipUrlSync": false,
"sort": 2,
"tagValuesQuery": "",
"tagsQuery": "",
"type": "query",
"useTags": false
}
]
},
"time": {
"from": "now-90d",
"to": "now"
},
"timepicker": {
"refresh_intervals": [
"5s",
"10s",
"30s",
"1m",
"5m",
"15m",
"30m",
"1h",
"2h",
"1d"
],
"time_options": [
"5m",
"15m",
"1h",
"6h",
"12h",
"24h",
"2d",
"7d",
"30d"
]
},
"timezone": "",
"title": "WAZUH - SYSTEM VULNERABILITIES",
"uid": "1-SyUa0nz",
"version": 3,
"weekStart": "",
"gnetId": 22451,
"description": "Please note: I used an extractor to format my logs. To fix Wazuh logs, replace _ with . in field names (e.g. change agent_name to agent.name in Grafana). Besides Kibana, you can use the Elasticsearch data source to visualize Wazuh - SYSTEM VULNERABILITIES on all agents. Every panel filters on rule.groups:sca while reading data.vulnerability.* fields, so confirm that this rule group matches the one your vulnerability alerts carry. I prefer Grafana because it loads faster and allows me to consolidate multiple data sources, such as Prometheus and InfluxDB, into a single source of truth."
}