grafana_dashboards/GeoIP-1699113833168.json

596 lines
17 KiB
JSON
Raw Permalink Normal View History

2023-11-04 16:15:13 +00:00
{
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"target": {
"limit": 100,
"matchAny": false,
"tags": [],
"type": "dashboard"
},
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"gnetId": 17877,
"graphTooltip": 0,
"id": 4,
"links": [],
"liveNow": false,
"panels": [
{
"datasource": {
"type": "loki",
"uid": "c0696081-8d61-4fbd-bde3-6510cbc6b07f"
},
"description": "Source IP addresses accessing the infrastructure",
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "green",
"value": 0
},
{
"color": "red",
"value": 100
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 26,
"w": 20,
"x": 2,
"y": 0
},
"id": 2,
"options": {
"basemap": {
"config": {},
"name": "Layer 0",
"type": "default"
},
"controls": {
"mouseWheelZoom": true,
"showAttribution": false,
"showDebug": true,
"showMeasure": false,
"showScale": false,
"showZoom": true
},
"layers": [
{
"config": {
"blur": 12,
"radius": 5,
"weight": {
"fixed": 1,
"max": 1,
"min": 0
}
},
"location": {
"latitude": "Latitude",
"longitude": "Longitude",
"mode": "coords"
},
"name": "Map",
"opacity": 0.7,
"tooltip": true,
"type": "heatmap"
}
],
"tooltip": {
"mode": "none"
},
"view": {
"allLayers": true,
"id": "europe",
"lat": 46,
"lon": 14,
"zoom": 3
}
},
"pluginVersion": "10.2.0",
"targets": [
{
"datasource": {
"type": "loki",
"uid": "c0696081-8d61-4fbd-bde3-6510cbc6b07f"
},
"editorMode": "code",
"expr": "{filename=\"/var/log/iptables.log\"} | json | geoip_continent_code != \"\" | geoip_location_longitude != \"\" | geoip_location_latitude != \"\"",
"legendFormat": "",
"queryType": "range",
"refId": "A"
}
],
"title": "IP Locations Heatmap",
"transformations": [
{
"id": "extractFields",
"options": {
"format": "kvp",
"replace": true,
"source": "labels"
}
},
{
"id": "convertFieldType",
"options": {
"conversions": [
{
"destinationType": "number",
"targetField": "geoip_location_latitude"
},
{
"destinationType": "number",
"targetField": "geoip_location_longitude"
}
],
"fields": {}
}
},
{
"id": "organize",
"options": {
"excludeByName": {
"FACILITY": true,
"FILE_NAME": true,
"HOST": true,
"HOST_FROM": true,
"ISODATE": false,
"LEGACY_MSGHDR": true,
"MESSAGE": true,
"PRIORITY": true,
"PROGRAM": true,
"SOURCE": true,
"geoip_city_geoname_id": true,
"geoip_city_names_en": false,
"geoip_continent_geoname_id": true,
"geoip_continent_names_en": true,
"geoip_country_geoname_id": true,
"geoip_country_is_in_european_union": true,
"geoip_country_iso_code": true,
"geoip_country_names_en": false,
"geoip_location_accuracy_radius": false,
"geoip_location_latitude": false,
"geoip_location_location": true,
"geoip_location_metro_code": true,
"geoip_location_time_zone": true,
"geoip_registered_country_geoname_id": true,
"geoip_registered_country_is_in_european_union": true,
"geoip_registered_country_iso_code": true,
"geoip_registered_country_names_en": false,
"geoip_subdivisions_0_geoname_id": true,
"geoip_subdivisions_0_iso_code": true,
"geoip_subdivisions_0_names_en": true,
"geoip_subdivisions_1_geoname_id": true,
"geoip_subdivisions_1_iso_code": true,
"geoip_subdivisions_1_names_en": true,
"ipt_CODE": true,
"ipt_IN": true,
"ipt_LEN": true,
"ipt_TYPE": true,
"job": true,
"kv_DPT": false,
"kv_DST": true,
"kv_ID": true,
"kv_IN": true,
"kv_LEN": true,
"kv_MAC": true,
"kv_OUT": false,
"kv_PREC": true,
"kv_PROTO": true,
"kv_RES": true,
"kv_SPT": true,
"kv_TOS": true,
"kv_TTL": true,
"kv_URGP": true,
"kv_WINDOW": true
},
"indexByName": {},
"renameByName": {
"FACILITY": "",
"ISODATE": "Time",
"geoip_city_names_en": "City",
"geoip_continent_code": "Continent",
"geoip_country_names_en": "Country",
"geoip_location_accuracy_radius": "Accuracy Radius",
"geoip_location_latitude": "Latitude",
"geoip_location_longitude": "Longitude",
"geoip_postal_code": "Postal Code",
"geoip_registered_country_is_in_european_union": "",
"geoip_registered_country_names_en": "Registered Country",
"geoip_subdivisions_1_iso_code": "",
"ipt_DPT": "Destination Port",
"ipt_DST": "Destintation",
"ipt_IN": "Input Interface",
"ipt_LEN": "",
"ipt_OUT": "Output Interface",
"ipt_PROTO": "Protocol",
"ipt_SPT": "Source Port",
"ipt_SRC": "Source",
"job": "",
"kv_DPT": "Destintation Port",
"kv_OUT": "Output Interface",
"kv_SRC": "Source"
}
}
},
{
"id": "organize",
"options": {
"excludeByName": {},
"indexByName": {
"Accuracy Radius": 14,
"City": 9,
"Continent": 7,
"Country": 8,
"Destination Port": 5,
"Destintation": 4,
"Latitude": 12,
"Longitude": 13,
"Output Interface": 3,
"Postal Code": 10,
"Protocol": 6,
"Registered Country": 11,
"Source": 0,
"Source Port": 1,
"Time": 2
},
"renameByName": {}
}
},
{
"id": "convertFieldType",
"options": {
"conversions": [
{
"destinationType": "time",
"targetField": "Time"
}
],
"fields": {}
}
}
],
"type": "geomap"
},
{
"gridPos": {
"h": 26,
"w": 20,
"x": 2,
"y": 26
},
"id": 8,
"libraryPanel": {
"name": "IP Locations (non SSH Traffic)",
"uid": "OrPj7vZVk"
},
"title": "IP Locations (non SSH Traffic)"
},
{
"datasource": {
"type": "loki",
"uid": "c0696081-8d61-4fbd-bde3-6510cbc6b07f"
},
"description": "Source IP addresses by location accessing ssh",
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green"
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 26,
"w": 20,
"x": 2,
"y": 52
},
"id": 3,
"options": {
"basemap": {
"config": {},
"name": "Layer 0",
"type": "default"
},
"controls": {
"mouseWheelZoom": true,
"showAttribution": false,
"showDebug": true,
"showMeasure": false,
"showScale": false,
"showZoom": true
},
"layers": [
{
"config": {
"showLegend": false,
"style": {
"color": {
"fixed": "red"
},
"opacity": 0.4,
"rotation": {
"fixed": 0,
"max": 360,
"min": -360,
"mode": "mod"
},
"size": {
"fixed": 5,
"max": 15,
"min": 2
},
"symbol": {
"fixed": "img/icons/marker/circle.svg",
"mode": "fixed"
},
"text": {
"fixed": "",
"mode": "field"
},
"textConfig": {
"fontSize": 12,
"offsetX": 0,
"offsetY": 0,
"textAlign": "center",
"textBaseline": "middle"
}
}
},
"location": {
"latitude": "geoip_location_latitude",
"longitude": "geoip_location_longitude",
"mode": "coords"
},
"name": "Map",
"tooltip": true,
"type": "markers"
}
],
"tooltip": {
"mode": "details"
},
"view": {
"allLayers": true,
"id": "europe",
"lat": 46,
"lon": 14,
"zoom": 3
}
},
"pluginVersion": "10.1.5",
"targets": [
{
"datasource": {
"type": "loki",
"uid": "c0696081-8d61-4fbd-bde3-6510cbc6b07f"
},
"editorMode": "code",
"expr": "{filename=\"/var/log/iptables.log\"} | json | geoip_continent_code != \"\" | ipt_DPT == 22 | geoip_location_longitude != \"\" | geoip_location_latitude != \"\"",
"legendFormat": "",
"queryType": "range",
"refId": "A"
}
],
"title": "IP Locations (SSH)",
"transformations": [
{
"id": "extractFields",
"options": {
"format": "kvp",
"replace": true,
"source": "labels"
}
},
{
"id": "convertFieldType",
"options": {
"conversions": [
{
"destinationType": "number",
"targetField": "geoip_location_latitude"
},
{
"destinationType": "number",
"targetField": "geoip_location_longitude"
}
],
"fields": {}
}
},
{
"id": "organize",
"options": {
"excludeByName": {
"FACILITY": true,
"FILE_NAME": true,
"HOST": true,
"HOST_FROM": true,
"ISODATE": false,
"LEGACY_MSGHDR": true,
"MESSAGE": true,
"PRIORITY": true,
"PROGRAM": true,
"SOURCE": true,
"geoip_city_geoname_id": true,
"geoip_city_names_en": false,
"geoip_continent_geoname_id": true,
"geoip_continent_names_en": true,
"geoip_country_geoname_id": true,
"geoip_country_is_in_european_union": true,
"geoip_country_iso_code": true,
"geoip_country_names_en": true,
"geoip_location_accuracy_radius": false,
"geoip_location_latitude": false,
"geoip_location_location": true,
"geoip_location_metro_code": true,
"geoip_location_time_zone": true,
"geoip_registered_country_geoname_id": true,
"geoip_registered_country_is_in_european_union": true,
"geoip_registered_country_iso_code": true,
"geoip_registered_country_names_en": true,
"geoip_subdivisions_0_geoname_id": true,
"geoip_subdivisions_0_iso_code": true,
"geoip_subdivisions_0_names_en": true,
"geoip_subdivisions_1_geoname_id": true,
"geoip_subdivisions_1_iso_code": true,
"geoip_subdivisions_1_names_en": true,
"ipt_CODE": true,
"ipt_IN": true,
"ipt_LEN": true,
"ipt_TYPE": true,
"job": true,
"kv_DPT": false,
"kv_DST": true,
"kv_ID": true,
"kv_IN": true,
"kv_LEN": true,
"kv_MAC": true,
"kv_OUT": false,
"kv_PREC": true,
"kv_PROTO": true,
"kv_RES": true,
"kv_SPT": true,
"kv_TOS": true,
"kv_TTL": true,
"kv_URGP": true,
"kv_WINDOW": true
},
"indexByName": {},
"renameByName": {
"FACILITY": "",
"ISODATE": "Time",
"geoip_city_names_en": "City Name",
"geoip_continent_code": "Continent Code",
"geoip_location_accuracy_radius": "Accuracy Radius",
"geoip_location_latitude": "Latitude",
"geoip_location_longitude": "Longitude",
"geoip_postal_code": "Postal Code",
"ipt_DPT": "Destination Port",
"ipt_DST": "Destintation",
"ipt_IN": "Input Interface",
"ipt_LEN": "",
"ipt_OUT": "Output Interface",
"ipt_PROTO": "Protocol",
"ipt_SPT": "Source Port",
"ipt_SRC": "Source",
"job": "",
"kv_DPT": "Destintation Port",
"kv_OUT": "Output Interface",
"kv_SRC": "Source"
}
}
},
{
"id": "organize",
"options": {
"excludeByName": {},
"indexByName": {
"Accuracy Radius": 9,
"City Name": 7,
"Continent Code": 8,
"Destination Port": 5,
"Destintation": 4,
"Latitude": 10,
"Longitude": 11,
"Output Interface": 3,
"Postal Code": 12,
"Protocol": 6,
"Source": 0,
"Source Port": 1,
"Time": 2
},
"renameByName": {}
}
},
{
"id": "convertFieldType",
"options": {
"conversions": [
{
"destinationType": "time",
"targetField": "Time"
}
],
"fields": {}
}
}
],
"type": "geomap"
}
],
"refresh": "",
"revision": 1,
"schemaVersion": 38,
"tags": [],
"templating": {
"list": []
},
"time": {
"from": "now-2d",
"to": "now"
},
"timepicker": {},
"timezone": "",
"title": "GeoIP",
"uid": "pV2rGDZ4z",
"version": 4,
"weekStart": ""
}